Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/SlqdND-78hGcK3DSc7ZKEerME7A.roa
File:                     SlqdND-78hGcK3DSc7ZKEerME7A.roa (raw, json)
Hash identifier:          SEirbswQmHkNk0PgwlxFNKIeQsYu37/SMLLURNnYxLQ=
Subject key identifier:   4A:5A:9D:34:3F:BB:F2:11:9C:2B:70:D2:73:B6:4A:11:EA:CC:13:B0
Certificate issuer:       /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial:       0194AC1506039C206F31B959705817CFDC5D
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/SlqdND-78hGcK3DSc7ZKEerME7A.roa
Signing time:             Tue 28 Jan 2025 08:44:06 +0000
ROA not before:           Tue 28 Jan 2025 08:44:06 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     50304
IP address blocks:        31.169.48.0/21 maxlen: 32
                          37.202.56.0/21 maxlen: 24
                          45.152.48.0/22 maxlen: 22
                          91.90.40.0/21 maxlen: 24
                          91.199.193.0/24 maxlen: 24
                          91.205.184.0/22 maxlen: 22
                          91.227.248.0/22 maxlen: 24
                          94.124.74.0/24 maxlen: 24
                          134.90.144.0/21 maxlen: 32
                          134.90.148.0/24 maxlen: 24
                          176.125.232.0/22 maxlen: 22
                          178.255.144.0/21 maxlen: 32
                          185.12.56.0/22 maxlen: 24
                          185.35.200.0/22 maxlen: 24
                          185.35.200.0/24 maxlen: 24
                          185.41.240.0/22 maxlen: 24
                          185.152.32.0/22 maxlen: 24
                          185.152.32.0/23 maxlen: 23
                          193.27.45.0/24 maxlen: 24
                          193.28.1.0/24 maxlen: 24
                          193.28.4.0/24 maxlen: 24
                          193.28.7.0/24 maxlen: 24
                          193.138.6.0/23 maxlen: 24
                          194.35.228.0/22 maxlen: 24
                          194.99.40.0/22 maxlen: 24
                          194.127.198.0/23 maxlen: 23
                          194.127.199.0/24 maxlen: 24
                          195.64.118.0/24 maxlen: 24
                          213.163.240.0/23 maxlen: 23
                          217.197.164.0/22 maxlen: 24
                          217.197.164.0/24 maxlen: 24
                          2a02:20c8::/32 maxlen: 48
                          2a02:ed00::/29 maxlen: 32
                          2a02:ed00::/32 maxlen: 32
                          2a02:ed01::/32 maxlen: 32
                          2a02:ed03::/32 maxlen: 32
                          2a02:ed04:100::/44 maxlen: 44
                          2a02:ed04:3400::/44 maxlen: 44
                          2a02:ed04:3580::/44 maxlen: 44
                          2a02:ed04:4400::/44 maxlen: 44
                          2a02:ed04:4500::/44 maxlen: 44
                          2a02:ed04:4600::/44 maxlen: 44
                          2a02:ed04:4700::/44 maxlen: 44
                          2a02:ed05::/32 maxlen: 32
                          2a02:ed06::/32 maxlen: 32
                          2a04:8d40::/29 maxlen: 32
                          2a07:7d80::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ac:15:06:03:9c:20:6f:31:b9:59:70:58:17:cf:dc:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
        Validity
            Not Before: Jan 28 08:44:06 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4a5a9d343fbbf2119c2b70d273b64a11eacc13b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ca:e0:92:8a:c7:e6:32:d7:25:43:74:87:5b:
                    58:56:76:1a:b5:43:16:0e:0b:f7:46:1a:9d:04:16:
                    a5:fa:9f:58:e5:ac:b1:e5:6c:49:44:24:66:86:6a:
                    a7:9d:19:38:cc:cf:6b:1d:eb:08:fd:86:59:f8:2c:
                    dd:0e:a8:01:08:88:5a:47:cf:d6:24:7b:97:e6:eb:
                    2d:c2:be:23:df:a3:cf:d7:83:3d:b0:a6:a8:1a:6f:
                    71:2c:18:97:92:eb:0d:95:18:1b:f6:14:9f:66:e2:
                    91:9e:36:08:34:6c:c3:fc:5f:34:23:f0:90:90:cb:
                    10:2b:13:81:b5:46:e6:cf:52:43:90:3c:93:0d:6c:
                    16:60:6f:e0:15:29:a2:d5:1a:90:4c:9a:3e:7e:12:
                    4b:71:df:3b:0f:49:e7:6e:1e:04:2b:43:68:97:4b:
                    82:e6:5e:a1:3e:45:cb:16:70:1d:37:c9:1c:e8:a9:
                    e2:08:30:e9:97:38:a3:aa:aa:b1:59:4e:8e:f8:33:
                    78:1e:8f:a5:0e:14:7a:d1:38:d6:db:79:3a:31:9d:
                    ec:15:9a:49:ac:85:4b:52:d0:59:6f:98:f2:03:db:
                    10:59:cd:11:31:d7:8e:fc:74:4b:5e:ea:1e:f9:ab:
                    95:02:1e:ca:71:58:b6:3e:b5:94:30:16:9d:1d:7e:
                    df:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:5A:9D:34:3F:BB:F2:11:9C:2B:70:D2:73:B6:4A:11:EA:CC:13:B0
            X509v3 Authority Key Identifier:
                keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/SlqdND-78hGcK3DSc7ZKEerME7A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.169.48.0/21
                  37.202.56.0/21
                  45.152.48.0/22
                  91.90.40.0/21
                  91.199.193.0/24
                  91.205.184.0/22
                  91.227.248.0/22
                  94.124.74.0/24
                  134.90.144.0/21
                  176.125.232.0/22
                  178.255.144.0/21
                  185.12.56.0/22
                  185.35.200.0/22
                  185.41.240.0/22
                  185.152.32.0/22
                  193.27.45.0/24
                  193.28.1.0/24
                  193.28.4.0/24
                  193.28.7.0/24
                  193.138.6.0/23
                  194.35.228.0/22
                  194.99.40.0/22
                  194.127.198.0/23
                  195.64.118.0/24
                  213.163.240.0/23
                  217.197.164.0/22
                IPv6:
                  2a02:20c8::/32
                  2a02:ed00::/29
                  2a04:8d40::/29
                  2a07:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         2c:09:14:dc:de:ba:09:f9:22:43:01:d3:32:fb:72:7f:76:c8:
         a1:51:fe:b4:89:53:40:0b:4e:15:ba:9b:80:4b:6a:7f:ab:68:
         85:13:53:d3:86:02:42:b5:bc:95:e3:c3:4e:7c:b4:75:96:8f:
         d8:76:6d:5b:f1:ad:d7:21:45:81:11:bc:09:24:09:04:ee:c6:
         bd:ed:eb:8e:76:87:01:6f:a0:80:c0:ff:25:a1:07:de:80:52:
         3e:e9:2b:6d:57:e5:c7:bd:ba:0e:18:4a:7b:47:ad:a6:7e:55:
         5e:50:2b:5e:e1:22:19:b2:00:66:4c:d5:1a:57:81:fd:04:6f:
         73:4a:a0:6b:4d:78:a7:59:d6:3f:f9:54:86:24:34:90:11:dc:
         04:8f:30:4a:a7:77:d3:67:23:e1:5e:ee:51:53:e7:c9:84:1f:
         da:d8:f3:ef:d2:f7:5e:65:46:fd:38:d0:a8:63:6b:26:84:79:
         fa:5f:ba:b8:8e:ed:ac:d4:29:09:24:5f:e8:5e:aa:2d:55:44:
         60:95:2e:fb:e0:9e:55:83:38:61:5c:d5:e5:22:44:3d:0e:2f:
         de:5b:f7:e9:57:ec:c4:96:0d:ef:91:23:9b:20:8b:80:a2:3a:
         33:e5:c9:b9:6b:0d:d5:44:69:41:5b:79:45:69:26:a8:ed:9a:
         1a:f9:33:9b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZSsFQYDnCBvMblZcFgXz9xdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjUwMTI4MDg0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTVhOWQzNDNmYmJmMjExOWMyYjcwZDI3M2I2NGExMWVhY2MxM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MrgkorH5jLXJUN0h1tYVnYatUMW
Dgv3RhqdBBal+p9Y5ayx5WxJRCRmhmqnnRk4zM9rHesI/YZZ+CzdDqgBCIhaR8/W
JHuX5ustwr4j36PP14M9sKaoGm9xLBiXkusNlRgb9hSfZuKRnjYINGzD/F80I/CQ
kMsQKxOBtUbmz1JDkDyTDWwWYG/gFSmi1RqQTJo+fhJLcd87D0nnbh4EK0Nol0uC
5l6hPkXLFnAdN8kc6KniCDDplzijqqqxWU6O+DN4Ho+lDhR60TjW23k6MZ3sFZpJ
rIVLUtBZb5jyA9sQWc0RMdeO/HRLXuoe+auVAh7KcVi2PrWUMBadHX7fAwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFEpanTQ/u/IRnCtw0nO2ShHqzBOwMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvU2xxZE5ELTc4aEdjSzNEU2M3WktFZXJNRTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBowQCAAEwgZwDBAMf
qTADBAMlyjgDBAItmDADBANbWigDBABbx8EDBAJbzbgDBAJb4/gDBABefEoDBAOG
WpADBAKwfegDBAOy/5ADBAK5DDgDBAK5I8gDBAK5KfADBAK5mCADBADBGy0DBADB
HAEDBADBHAQDBADBHAcDBAHBigYDBALCI+QDBALCYygDBAHCf8YDBADDQHYDBAHV
o/ADBALZxaQwIgQCAAIwHAMFACoCIMgDBQMqAu0AAwUDKgSNQAMFAyoHfYAwDQYJ
KoZIhvcNAQELBQADggEBACwJFNzeugn5IkMB0zL7cn92yKFR/rSJU0ALThW6m4BL
an+raIUTU9OGAkK1vJXjw058tHWWj9h2bVvxrdchRYERvAkkCQTuxr3t6452hwFv
oIDA/yWhB96AUj7pK21X5ce9ug4YSntHraZ+VV5QK17hIhmyAGZM1RpXgf0Eb3NK
oGtNeKdZ1j/5VIYkNJAR3ASPMEqnd9NnI+Fe7lFT58mEH9rY8+/S915lRv040Khj
ayaEefpfuriO7azUKQkkX+heqi1VRGCVLvvgnlWDOGFc1eUiRD0OL95b9+lX7MSW
De+RI5sgi4CiOjPlyblrDdVEaUFbeUVpJqjtmhr5M5s=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:54:43 2025 by rpki-client on console.sobornost.net