Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS203843/0/326131323a646434373a383065343a3a2f34382d3438203d3e20323033383433.roa
File:                     326131323a646434373a383065343a3a2f34382d3438203d3e20323033383433.roa (raw, json)
Hash identifier:          3nY8L3o5lR0Q16UI0AHDkhO/uXF+88Uvpro2HoVNJFg=
Subject key identifier:   46:80:AD:EB:EF:C3:0F:9F:18:96:4E:A2:7A:F3:B7:3E:38:39:39:0D
Certificate issuer:       /CN=CD672568EDAFD043ACC9C2B693C6F2BF9DF642FE
Certificate serial:       2E60063DD1B7BC62EC0A1393783B9148F8D09FD7
Authority key identifier: CD:67:25:68:ED:AF:D0:43:AC:C9:C2:B6:93:C6:F2:BF:9D:F6:42:FE
Authority info access:    rsync://rpki.co/repo/AS945/1/CD672568EDAFD043ACC9C2B693C6F2BF9DF642FE.cer
Subject info access:      rsync://rpki.co/repo/AS203843/0/326131323a646434373a383065343a3a2f34382d3438203d3e20323033383433.roa
Signing time:             Wed 20 Mar 2024 13:14:29 +0000
ROA not before:           Wed 20 Mar 2024 13:09:29 +0000
ROA not after:            Wed 19 Mar 2025 13:14:29 +0000
asID:                     203843
IP address blocks:        2a12:dd47:80e4::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:60:06:3d:d1:b7:bc:62:ec:0a:13:93:78:3b:91:48:f8:d0:9f:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CD672568EDAFD043ACC9C2B693C6F2BF9DF642FE
        Validity
            Not Before: Mar 20 13:09:29 2024 GMT
            Not After : Mar 19 13:14:29 2025 GMT
        Subject: CN=4680ADEBEFC30F9F18964EA27AF3B73E3839390D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:62:75:93:a9:72:82:f8:6b:d7:f8:32:d1:9a:
                    5d:c5:67:cf:d7:aa:f3:ad:8d:41:36:63:8c:ef:18:
                    0c:e6:b4:90:b5:d4:cd:a2:79:ba:29:fa:c5:f4:ba:
                    40:d7:03:8d:5f:a7:49:3c:b5:09:de:54:3c:0f:08:
                    04:33:d9:61:06:72:e4:1b:0b:56:23:d1:f1:bf:4e:
                    d8:37:4a:eb:47:26:14:9a:9f:93:06:df:d6:80:0d:
                    0c:6d:d0:19:e7:c8:f3:1c:93:89:1b:7f:04:00:5b:
                    56:05:25:cf:1e:ae:76:3f:b7:78:90:7b:1b:2b:6b:
                    ba:a5:34:07:92:12:f5:8d:ca:56:16:17:c4:1c:c6:
                    eb:f2:bf:06:41:95:bf:6d:85:34:9c:e5:f0:da:36:
                    5d:25:20:33:74:e5:eb:01:7c:20:94:71:c1:bb:36:
                    db:50:b7:14:2e:85:24:b3:2d:79:0a:8e:a3:02:0a:
                    5c:7f:fd:21:c2:8f:c3:3c:6c:95:a3:49:de:07:b0:
                    43:5a:9d:19:e2:ad:a3:47:da:05:a1:12:9a:74:02:
                    ba:83:ee:e4:07:7f:cc:09:1b:f2:f5:5b:a1:50:85:
                    06:c8:eb:7c:6f:34:64:7d:08:a1:eb:b6:24:3b:1e:
                    85:ba:6a:5f:fe:d2:e0:7a:ab:9e:95:57:25:6e:5a:
                    af:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:80:AD:EB:EF:C3:0F:9F:18:96:4E:A2:7A:F3:B7:3E:38:39:39:0D
            X509v3 Authority Key Identifier:
                keyid:CD:67:25:68:ED:AF:D0:43:AC:C9:C2:B6:93:C6:F2:BF:9D:F6:42:FE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS203843/0/CD672568EDAFD043ACC9C2B693C6F2BF9DF642FE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/CD672568EDAFD043ACC9C2B693C6F2BF9DF642FE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS203843/0/326131323a646434373a383065343a3a2f34382d3438203d3e20323033383433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:80e4::/48

    Signature Algorithm: sha256WithRSAEncryption
         63:64:81:4c:64:d1:4f:12:6e:d9:ed:ae:e6:13:48:7d:dc:56:
         c5:b0:aa:e3:5b:f6:a1:cf:77:d0:13:19:f8:5c:1d:d2:49:e5:
         a2:26:bb:f6:99:86:9f:4a:fb:ee:59:56:ca:e8:53:3d:46:aa:
         55:51:df:d1:3d:cc:63:cc:14:39:52:b5:7c:65:4a:5c:a7:3d:
         2b:05:a3:42:7f:3a:be:9e:e4:64:25:9d:46:8a:69:58:a9:61:
         05:f4:b3:b1:23:0e:48:fe:3b:d7:e7:62:ee:3f:75:b0:95:7b:
         22:08:18:b9:0f:f7:08:d6:c4:1d:19:25:73:21:56:e4:77:dc:
         bd:7d:ac:9e:8a:c8:97:5b:1e:04:2c:66:05:b5:b6:be:76:47:
         d9:bc:ba:ce:0e:f8:4a:22:58:1a:5d:df:4c:c2:a7:09:59:2c:
         08:58:f3:63:0f:f8:1b:78:c5:52:d4:4f:75:7a:3f:80:33:f5:
         34:0f:03:1e:5e:b0:34:3a:05:47:8a:5a:4a:87:4c:fa:11:71:
         5e:74:6c:e7:6c:6e:31:1a:0f:c2:e4:63:6f:75:1b:39:cb:37:
         ef:3d:41:1f:37:40:13:52:8c:3b:20:9b:89:b0:84:9c:9c:eb:
         a7:27:d1:8c:16:9f:1c:6d:fc:70:05:4c:5b:ea:d6:b9:36:e0:
         28:48:0f:85
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIULmAGPdG3vGLsChOTeDuRSPjQn9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0Q2NzI1NjhFREFGRDA0M0FDQzlDMkI2OTNDNkYyQkY5
REY2NDJGRTAeFw0yNDAzMjAxMzA5MjlaFw0yNTAzMTkxMzE0MjlaMDMxMTAvBgNV
BAMTKDQ2ODBBREVCRUZDMzBGOUYxODk2NEVBMjdBRjNCNzNFMzgzOTM5MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNYnWTqXKC+GvX+DLRml3FZ8/X
qvOtjUE2Y4zvGAzmtJC11M2iebop+sX0ukDXA41fp0k8tQneVDwPCAQz2WEGcuQb
C1Yj0fG/Ttg3SutHJhSan5MG39aADQxt0BnnyPMck4kbfwQAW1YFJc8ernY/t3iQ
exsra7qlNAeSEvWNylYWF8QcxuvyvwZBlb9thTSc5fDaNl0lIDN05esBfCCUccG7
NttQtxQuhSSzLXkKjqMCClx//SHCj8M8bJWjSd4HsENanRniraNH2gWhEpp0ArqD
7uQHf8wJG/L1W6FQhQbI63xvNGR9CKHrtiQ7HoW6al/+0uB6q56VVyVuWq9dAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQURoCt6+/DD58Ylk6ievO3Pjg5OQ0wHwYDVR0j
BBgwFoAUzWclaO2v0EOsycK2k8byv532Qv4wDgYDVR0PAQH/BAQDAgeAMF0GA1Ud
HwRWMFQwUqBQoE6GTHJzeW5jOi8vcnBraS5jby9yZXBvL0FTMjAzODQzLzAvQ0Q2
NzI1NjhFREFGRDA0M0FDQzlDMkI2OTNDNkYyQkY5REY2NDJGRS5jcmwwZQYIKwYB
BQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kuY28vcmVwby9BUzk0
NS8xL0NENjcyNTY4RURBRkQwNDNBQ0M5QzJCNjkzQzZGMkJGOURGNjQyRkUuY2Vy
MIGABggrBgEFBQcBCwR0MHIwcAYIKwYBBQUHMAuGZHJzeW5jOi8vcnBraS5jby9y
ZXBvL0FTMjAzODQzLzAvMzI2MTMxMzIzYTY0NjQzNDM3M2EzODMwNjUzNDNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzM4MzQzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeA
5DANBgkqhkiG9w0BAQsFAAOCAQEAY2SBTGTRTxJu2e2u5hNIfdxWxbCq41v2oc93
0BMZ+Fwd0knloia79pmGn0r77llWyuhTPUaqVVHf0T3MY8wUOVK1fGVKXKc9KwWj
Qn86vp7kZCWdRoppWKlhBfSzsSMOSP471+di7j91sJV7IggYuQ/3CNbEHRklcyFW
5HfcvX2snorIl1seBCxmBbW2vnZH2by6zg74SiJYGl3fTMKnCVksCFjzYw/4G3jF
UtRPdXo/gDP1NA8DHl6wNDoFR4paSodM+hFxXnRs52xuMRoPwuRjb3UbOcs37z1B
HzdAE1KMOyCbibCEnJzrpyfRjBafHG38cAVMW+rWuTbgKEgPhQ==
-----END CERTIFICATE-----
Generated at Thu Oct 3 23:28:34 2024 by rpki-client on console-ams.rpki-client.org