Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/August/2/AS203888.roa
File:                     AS203888.roa (raw, json)
Hash identifier:          ST2sqAd2iP0vj94QJZSwyQc2cHuHmNnr3IAHAGf+/w0=
Subject key identifier:   DC:31:B8:04:D7:35:60:C3:CC:A5:11:38:59:1D:50:CA:BB:4A:04:D7
Certificate issuer:       /CN=9505B9F4CB411DD853C070AC476A01FEDA21C8D2
Certificate serial:       7302FCF4B4F8411B43FF24D41D20CADCFCF9A335
Authority key identifier: 95:05:B9:F4:CB:41:1D:D8:53:C0:70:AC:47:6A:01:FE:DA:21:C8:D2
Authority info access:    rsync://rpki.co/repo/HYSP/6/9505B9F4CB411DD853C070AC476A01FEDA21C8D2.cer
Subject info access:      rsync://rpki.co/repo/August/2/AS203888.roa
Signing time:             Sat 08 Apr 2023 09:22:16 +0000
ROA not before:           Sat 08 Apr 2023 09:17:16 +0000
ROA not after:            Sat 06 Apr 2024 09:22:16 +0000
asID:                     203888
IP address blocks:        2a12:dd47:300::/40 maxlen: 40

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:02:fc:f4:b4:f8:41:1b:43:ff:24:d4:1d:20:ca:dc:fc:f9:a3:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9505B9F4CB411DD853C070AC476A01FEDA21C8D2
        Validity
            Not Before: Apr  8 09:17:16 2023 GMT
            Not After : Apr  6 09:22:16 2024 GMT
        Subject: CN=DC31B804D73560C3CCA51138591D50CABB4A04D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a5:c0:ce:ae:87:d7:ef:fb:dc:7e:0e:57:eb:
                    cb:e0:94:1d:a5:3c:82:46:f6:f8:46:b5:51:07:95:
                    9d:15:1a:51:82:25:af:a7:b6:20:8b:06:b2:69:32:
                    94:6b:ce:2e:71:db:e9:b3:fc:1b:ec:81:e6:f1:7d:
                    af:fa:67:9c:a7:34:47:70:a4:34:5f:36:8b:e6:4b:
                    46:54:b7:ec:a0:eb:91:4d:62:71:c7:5e:cf:2e:73:
                    17:19:70:70:b7:a4:06:21:d2:d1:b8:b5:30:8c:52:
                    a9:ac:4b:1e:de:f9:c3:bd:5f:fa:69:80:a4:bb:90:
                    da:2d:0b:3d:0d:67:9f:6f:a4:10:f6:0a:3f:3a:2a:
                    c0:8e:15:18:98:16:09:5e:28:f3:6a:ca:78:42:5c:
                    b5:65:a2:97:79:6f:0a:d8:a3:91:4c:99:91:fb:44:
                    d3:57:62:fd:0c:c4:9b:6b:72:da:cf:aa:48:71:05:
                    ed:45:1f:2d:72:a7:83:c8:18:79:e5:8d:11:47:20:
                    19:64:b3:d1:4e:27:04:26:0e:a0:8f:f6:1e:27:a4:
                    bd:8e:10:74:28:28:b7:14:40:36:31:96:ee:3c:17:
                    16:48:77:a6:2a:df:e3:58:81:5d:45:88:66:79:fd:
                    65:b5:4c:03:6c:8a:f2:6c:bc:0a:b0:69:1c:5e:4f:
                    3e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:31:B8:04:D7:35:60:C3:CC:A5:11:38:59:1D:50:CA:BB:4A:04:D7
            X509v3 Authority Key Identifier:
                keyid:95:05:B9:F4:CB:41:1D:D8:53:C0:70:AC:47:6A:01:FE:DA:21:C8:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/August/2/9505B9F4CB411DD853C070AC476A01FEDA21C8D2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/HYSP/6/9505B9F4CB411DD853C070AC476A01FEDA21C8D2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/August/2/AS203888.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:300::/40

    Signature Algorithm: sha256WithRSAEncryption
         9f:ae:3f:fc:e3:43:8b:12:d2:4c:70:fe:f1:54:fa:91:65:10:
         d3:75:74:89:38:80:68:22:da:74:1e:b5:b7:fd:04:a8:95:66:
         40:b9:e9:b8:a3:cc:8a:b0:36:d5:4e:28:3d:82:eb:31:c4:d1:
         01:c8:de:ca:ff:52:d5:4b:65:48:1e:5b:27:4e:bf:47:2b:07:
         e5:d1:16:a1:26:bd:f3:3f:0e:79:43:ba:98:dc:b8:49:90:21:
         33:26:a0:e1:08:30:63:81:81:39:be:8e:3f:e4:6b:2a:b2:00:
         f6:4d:09:8b:2d:1c:53:f5:6f:1e:46:ff:50:19:58:26:5b:ad:
         fd:c5:6c:85:c7:16:bb:a3:c5:5b:89:ab:d9:4d:59:2c:09:00:
         0e:5c:41:0c:cb:8b:65:cc:2c:5a:2e:29:5e:b1:6e:3e:6a:4f:
         dd:db:ba:d3:92:61:d8:57:32:30:1c:68:12:2d:7e:6a:f2:ee:
         69:bb:58:ae:67:1d:42:29:1c:a6:fb:7f:61:81:6b:5d:44:a9:
         2b:e8:1a:82:74:d8:18:85:a4:a7:34:9d:8c:2b:38:31:7c:d3:
         91:3f:cb:eb:a1:05:b2:26:8f:35:80:19:7b:86:dc:d0:3e:e6:
         69:69:94:68:f1:0a:6b:ca:98:84:47:5b:17:58:54:c0:e3:a6:
         01:89:af:35
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgIUcwL89LT4QRtD/yTUHSDK3Pz5ozUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTUwNUI5RjRDQjQxMUREODUzQzA3MEFDNDc2QTAxRkVE
QTIxQzhEMjAeFw0yMzA0MDgwOTE3MTZaFw0yNDA0MDYwOTIyMTZaMDMxMTAvBgNV
BAMTKERDMzFCODA0RDczNTYwQzNDQ0E1MTEzODU5MUQ1MENBQkI0QTA0RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3pcDOrofX7/vcfg5X68vglB2l
PIJG9vhGtVEHlZ0VGlGCJa+ntiCLBrJpMpRrzi5x2+mz/Bvsgebxfa/6Z5ynNEdw
pDRfNovmS0ZUt+yg65FNYnHHXs8ucxcZcHC3pAYh0tG4tTCMUqmsSx7e+cO9X/pp
gKS7kNotCz0NZ59vpBD2Cj86KsCOFRiYFgleKPNqynhCXLVlopd5bwrYo5FMmZH7
RNNXYv0MxJtrctrPqkhxBe1FHy1yp4PIGHnljRFHIBlks9FOJwQmDqCP9h4npL2O
EHQoKLcUQDYxlu48FxZId6Yq3+NYgV1FiGZ5/WW1TANsivJsvAqwaRxeTz6xAgMB
AAGjggGcMIIBmDAdBgNVHQ4EFgQU3DG4BNc1YMPMpRE4WR1QyrtKBNcwHwYDVR0j
BBgwFoAUlQW59MtBHdhTwHCsR2oB/tohyNIwDgYDVR0PAQH/BAQDAgeAMFsGA1Ud
HwRUMFIwUKBOoEyGSnJzeW5jOi8vcnBraS5jby9yZXBvL0F1Z3VzdC8yLzk1MDVC
OUY0Q0I0MTFERDg1M0MwNzBBQzQ3NkEwMUZFREEyMUM4RDIuY3JsMGQGCCsGAQUF
BwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmNvL3JlcG8vSFlTUC82
Lzk1MDVCOUY0Q0I0MTFERDg1M0MwNzBBQzQ3NkEwMUZFREEyMUM4RDIuY2VyMEYG
CCsGAQUFBwELBDowODA2BggrBgEFBQcwC4YqcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QXVndXN0LzIvQVMyMDM4ODgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqEt1HAzANBgkqhkiG9w0BAQsF
AAOCAQEAn64//ONDixLSTHD+8VT6kWUQ03V0iTiAaCLadB61t/0EqJVmQLnpuKPM
irA21U4oPYLrMcTRAcjeyv9S1UtlSB5bJ06/RysH5dEWoSa98z8OeUO6mNy4SZAh
Myag4QgwY4GBOb6OP+RrKrIA9k0Jiy0cU/VvHkb/UBlYJlut/cVshccWu6PFW4mr
2U1ZLAkADlxBDMuLZcwsWi4pXrFuPmpP3du605Jh2FcyMBxoEi1+avLuabtYrmcd
Qikcpvt/YYFrXUSpK+gagnTYGIWkpzSdjCs4MXzTkT/L66EFsiaPNYAZe4bc0D7m
aWmUaPEKa8qYhEdbF1hUwOOmAYmvNQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:29 2023 by rpki-client on console-fra.rpki-client.org