Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/108e6a-eafa-4f50-addc-25aed7a6398b/1/an13z-Ahcph-Q0yeFRtYyNE1l4g.roa
File:                     an13z-Ahcph-Q0yeFRtYyNE1l4g.roa (raw, json)
Hash identifier:          fYEoqORa+ltQC0gzsUR261MI5x/JiXhRh1h5PwqjzW4=
Subject key identifier:   6A:7D:77:CF:E0:21:72:98:7E:43:4C:9E:15:1B:58:C8:D1:35:97:88
Certificate issuer:       /CN=430d27a2a09d059315a2746ce5934b6cc91c1066
Certificate serial:       01870E189E32629887D264A0F10CC1B27435
Authority key identifier: 43:0D:27:A2:A0:9D:05:93:15:A2:74:6C:E5:93:4B:6C:C9:1C:10:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Qw0noqCdBZMVonRs5ZNLbMkcEGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/108e6a-eafa-4f50-addc-25aed7a6398b/1/an13z-Ahcph-Q0yeFRtYyNE1l4g.roa
Signing time:             Thu 23 Mar 2023 10:51:47 +0000
ROA not before:           Thu 23 Mar 2023 10:51:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        146.19.247.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:0e:18:9e:32:62:98:87:d2:64:a0:f1:0c:c1:b2:74:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=430d27a2a09d059315a2746ce5934b6cc91c1066
        Validity
            Not Before: Mar 23 10:51:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a7d77cfe02172987e434c9e151b58c8d1359788
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:97:82:46:67:8f:3f:54:14:d3:93:71:85:75:
                    92:c3:5a:0b:ce:e9:c0:28:f5:58:8e:2f:5d:6a:1c:
                    e9:3a:b6:6d:ff:88:0a:18:5e:dc:64:60:8e:13:79:
                    56:7f:e8:0f:37:83:a3:8e:4d:33:6e:57:3f:2a:2c:
                    74:84:82:05:93:c6:ea:3c:82:0f:c2:ae:29:59:24:
                    93:79:e1:1d:a2:28:58:9c:c4:dc:a0:da:22:b2:97:
                    d5:84:83:1b:f0:c0:9d:6e:de:09:9f:6c:36:d1:18:
                    18:f6:df:e0:66:0e:2a:8a:2f:bb:8a:8a:82:51:20:
                    d1:a2:00:3f:c1:b2:f2:03:0b:04:7e:90:2e:44:a3:
                    10:fc:64:34:00:24:26:4d:36:dd:c4:9d:a3:de:38:
                    50:18:36:21:96:73:d4:50:a9:62:cd:b6:68:cb:fc:
                    d0:66:2d:26:dd:a0:e2:a2:80:b3:ba:54:34:2d:c9:
                    ec:28:cd:02:2c:7d:89:57:e0:cc:f6:cb:a7:41:68:
                    6d:9c:95:37:2e:d9:d1:c0:3b:db:7e:c3:52:52:66:
                    b3:aa:c2:36:b9:da:5e:a0:00:85:53:f4:34:da:25:
                    c2:d5:e2:ed:c7:96:28:82:bd:75:0e:36:94:45:f1:
                    5d:28:54:ab:59:50:d5:2e:7f:d0:f8:bd:c2:b7:2f:
                    c4:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:7D:77:CF:E0:21:72:98:7E:43:4C:9E:15:1B:58:C8:D1:35:97:88
            X509v3 Authority Key Identifier:
                keyid:43:0D:27:A2:A0:9D:05:93:15:A2:74:6C:E5:93:4B:6C:C9:1C:10:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qw0noqCdBZMVonRs5ZNLbMkcEGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/108e6a-eafa-4f50-addc-25aed7a6398b/1/an13z-Ahcph-Q0yeFRtYyNE1l4g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/108e6a-eafa-4f50-addc-25aed7a6398b/1/Qw0noqCdBZMVonRs5ZNLbMkcEGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:54:53:73:3b:b4:68:96:d7:c6:d2:55:71:ce:d7:cc:02:f3:
         67:5b:6c:f8:f5:12:11:35:fd:eb:cd:f7:11:16:98:22:76:1c:
         b9:22:06:f7:7d:2a:d6:13:8b:43:a1:4b:6e:08:12:d8:9c:66:
         87:53:4a:40:4c:1f:57:c4:8e:1c:bb:bb:64:bb:a1:fe:a7:32:
         3f:52:7d:d2:dd:67:22:fd:b7:07:d2:5e:fc:cd:24:2d:6a:82:
         79:c4:c0:0d:c9:c4:19:47:ee:be:d7:99:79:5b:8f:fe:8e:d6:
         2e:10:49:45:a0:eb:62:b0:68:00:90:6b:97:d9:80:39:cc:38:
         85:0d:22:f2:a9:16:78:9f:d0:7c:08:17:59:1f:f5:be:b0:47:
         ee:8a:c2:b8:19:c0:ed:0b:99:b3:ed:43:7a:0f:00:23:a7:07:
         5a:77:ca:8a:b6:a1:99:53:0a:9c:30:bc:a7:92:ef:43:d2:1b:
         35:99:c5:54:6a:c4:5a:a6:40:9e:4b:00:aa:5a:b4:e7:5f:b2:
         d6:c4:21:12:c1:f3:f6:a9:8b:7d:6f:8b:2d:cb:60:0a:cb:cb:
         2a:cc:a1:cb:2b:47:b6:0a:c1:11:30:51:db:89:48:78:20:4e:
         84:3b:c6:e9:9e:80:da:70:1e:c1:98:01:05:3e:de:89:28:c8:
         f2:3e:5b:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcOGJ4yYpiH0mSg8QzBsnQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMGQyN2EyYTA5ZDA1OTMxNWEyNzQ2Y2U1OTM0YjZjYzkx
YzEwNjYwHhcNMjMwMzIzMTA1MTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTdkNzdjZmUwMjE3Mjk4N2U0MzRjOWUxNTFiNThjOGQxMzU5Nzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZeCRmePP1QU05NxhXWSw1oLzunA
KPVYji9dahzpOrZt/4gKGF7cZGCOE3lWf+gPN4Ojjk0zblc/Kix0hIIFk8bqPIIP
wq4pWSSTeeEdoihYnMTcoNoispfVhIMb8MCdbt4Jn2w20RgY9t/gZg4qii+7ioqC
USDRogA/wbLyAwsEfpAuRKMQ/GQ0ACQmTTbdxJ2j3jhQGDYhlnPUUKlizbZoy/zQ
Zi0m3aDiooCzulQ0LcnsKM0CLH2JV+DM9sunQWhtnJU3LtnRwDvbfsNSUmazqsI2
udpeoACFU/Q02iXC1eLtx5Yogr11DjaURfFdKFSrWVDVLn/Q+L3Cty/ElQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGp9d8/gIXKYfkNMnhUbWMjRNZeIMB8GA1UdIwQY
MBaAFEMNJ6KgnQWTFaJ0bOWTS2zJHBBmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXcwbm9xQ2RCWk1Wb25SczVaTkxiTWtjRUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMDhlNmEtZWFmYS00ZjUwLWFkZGMt
MjVhZWQ3YTYzOThiLzEvYW4xM3otQWhjcGgtUTB5ZUZSdFl5TkUxbDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMDhlNmEtZWFmYS00ZjUwLWFkZGMtMjVhZWQ3YTYzOThi
LzEvUXcwbm9xQ2RCWk1Wb25SczVaTkxiTWtjRUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP3MA0G
CSqGSIb3DQEBCwUAA4IBAQC1VFNzO7RoltfG0lVxztfMAvNnW2z49RIRNf3rzfcR
Fpgidhy5Igb3fSrWE4tDoUtuCBLYnGaHU0pATB9XxI4cu7tku6H+pzI/Un3S3Wci
/bcH0l78zSQtaoJ5xMANycQZR+6+15l5W4/+jtYuEElFoOtisGgAkGuX2YA5zDiF
DSLyqRZ4n9B8CBdZH/W+sEfuisK4GcDtC5mz7UN6DwAjpwdad8qKtqGZUwqcMLyn
ku9D0hs1mcVUasRapkCeSwCqWrTnX7LWxCESwfP2qYt9b4sty2AKy8sqzKHLK0e2
CsERMFHbiUh4IE6EO8bpnoDacB7BmAEFPt6JKMjyPluC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:04 2024 by rpki-client on console-fra.rpki-client.org