Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/August/2/AS212168.roa
File:                     AS212168.roa (raw, json)
Hash identifier:          8+IfgudCJgqhw6GSeuEfdoOn5KTgxDaWtJGeRGZuMM8=
Subject key identifier:   4C:B8:6F:12:1D:31:E2:7E:31:DF:5D:7E:AE:D9:DD:85:E9:2D:00:99
Certificate issuer:       /CN=9505B9F4CB411DD853C070AC476A01FEDA21C8D2
Certificate serial:       22901123D9C74A407443C980E34D8F0F07540279
Authority key identifier: 95:05:B9:F4:CB:41:1D:D8:53:C0:70:AC:47:6A:01:FE:DA:21:C8:D2
Authority info access:    rsync://rpki.co/repo/HYSP/6/9505B9F4CB411DD853C070AC476A01FEDA21C8D2.cer
Subject info access:      rsync://rpki.co/repo/August/2/AS212168.roa
Signing time:             Sat 08 Apr 2023 09:22:09 +0000
ROA not before:           Sat 08 Apr 2023 09:17:09 +0000
ROA not after:            Sat 06 Apr 2024 09:22:09 +0000
asID:                     212168
IP address blocks:        2a12:dd47:5400::/38 maxlen: 48
                          2a12:dd47:5800::/38 maxlen: 48
                          2a12:dd47:f100::/44 maxlen: 44

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:90:11:23:d9:c7:4a:40:74:43:c9:80:e3:4d:8f:0f:07:54:02:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9505B9F4CB411DD853C070AC476A01FEDA21C8D2
        Validity
            Not Before: Apr  8 09:17:09 2023 GMT
            Not After : Apr  6 09:22:09 2024 GMT
        Subject: CN=4CB86F121D31E27E31DF5D7EAED9DD85E92D0099
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:cd:2a:3c:50:8a:8d:3f:30:ad:c9:49:6a:c9:
                    a5:34:7f:92:ce:cb:13:93:63:3d:f2:16:76:a4:d6:
                    c5:ce:da:cf:1c:1b:6f:56:86:ae:8c:bd:dd:84:2a:
                    58:4b:32:27:23:5f:45:7a:66:58:35:e5:67:67:44:
                    9c:c2:c6:e8:10:a6:2f:a1:3f:bd:f1:a6:dd:46:f7:
                    33:e4:a9:68:93:9c:89:87:4e:f7:d1:68:bc:36:05:
                    ad:8e:bc:3b:1f:23:93:f6:d4:e6:47:34:38:7d:3c:
                    dc:b3:a8:5c:54:48:1c:39:73:7c:e8:8e:80:f8:2e:
                    2c:11:a1:2a:d5:64:35:fa:35:5d:b9:3e:6f:03:c4:
                    55:d7:81:7a:98:72:24:7f:df:6f:d4:1a:f8:13:4f:
                    08:aa:9a:0b:9e:af:c0:01:db:18:e3:a3:e5:e3:c3:
                    62:4e:cd:d1:8d:28:7a:a9:02:37:ad:dd:6c:a8:f7:
                    f4:dc:d9:67:c6:62:cc:43:36:00:02:74:52:d9:7c:
                    e7:6a:79:fd:b9:8f:b4:ef:2f:6b:77:f1:84:96:d9:
                    e6:7b:be:cd:71:9c:ca:c8:8f:06:1b:05:5a:02:e2:
                    66:f7:42:43:bb:35:16:45:6e:ce:dc:c5:0b:99:01:
                    0c:e4:3d:b9:48:d8:32:95:d8:52:0e:06:8e:ed:11:
                    06:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:B8:6F:12:1D:31:E2:7E:31:DF:5D:7E:AE:D9:DD:85:E9:2D:00:99
            X509v3 Authority Key Identifier:
                keyid:95:05:B9:F4:CB:41:1D:D8:53:C0:70:AC:47:6A:01:FE:DA:21:C8:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/August/2/9505B9F4CB411DD853C070AC476A01FEDA21C8D2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/HYSP/6/9505B9F4CB411DD853C070AC476A01FEDA21C8D2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/August/2/AS212168.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:5400::-2a12:dd47:5bff:ffff:ffff:ffff:ffff:ffff
                  2a12:dd47:f100::/44

    Signature Algorithm: sha256WithRSAEncryption
         03:71:7e:af:0b:55:fb:d8:8e:42:0d:a3:fb:33:13:43:90:38:
         fc:6c:ae:f5:05:da:a5:60:37:f1:9c:9b:5e:f2:d6:19:a6:20:
         1b:65:9e:4d:80:4a:82:bc:01:14:3d:8c:d5:e4:14:52:2d:eb:
         a7:12:09:ef:ac:94:cc:c2:db:f4:ba:f4:9a:ab:38:14:3a:87:
         af:f8:83:35:ad:bc:27:24:f6:c2:8f:0f:05:57:9d:f2:fa:66:
         88:c3:c2:6d:b9:ab:e4:d0:e9:79:e8:06:10:8a:c1:ee:c2:c0:
         f3:45:4a:88:80:d0:25:63:be:62:d3:e5:6f:4f:74:98:88:e9:
         52:72:2f:0b:54:6a:24:d0:c5:98:8b:30:fd:91:cb:4e:33:6c:
         9e:df:9c:59:bd:01:89:d8:05:59:5f:97:a7:59:9b:d5:d2:88:
         d7:76:d5:de:af:8e:c7:ec:77:1e:ba:1f:9e:2d:0b:78:7f:de:
         ce:0c:a5:42:59:11:01:ac:fe:01:2e:90:d0:da:cf:c5:0f:14:
         68:a7:e7:67:83:d3:30:8f:35:b6:15:ec:a3:b8:08:b0:50:e9:
         2d:b5:f2:4e:73:fa:2f:e5:2c:3c:03:2a:7e:79:30:37:37:05:
         28:36:bc:c1:2d:41:ac:54:c9:44:39:6a:79:2b:7d:4a:d3:75:
         27:28:95:6b
-----BEGIN CERTIFICATE-----
MIIEpTCCA42gAwIBAgIUIpARI9nHSkB0Q8mA402PDwdUAnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTUwNUI5RjRDQjQxMUREODUzQzA3MEFDNDc2QTAxRkVE
QTIxQzhEMjAeFw0yMzA0MDgwOTE3MDlaFw0yNDA0MDYwOTIyMDlaMDMxMTAvBgNV
BAMTKDRDQjg2RjEyMUQzMUUyN0UzMURGNUQ3RUFFRDlERDg1RTkyRDAwOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCezSo8UIqNPzCtyUlqyaU0f5LO
yxOTYz3yFnak1sXO2s8cG29Whq6Mvd2EKlhLMicjX0V6Zlg15WdnRJzCxugQpi+h
P73xpt1G9zPkqWiTnImHTvfRaLw2Ba2OvDsfI5P21OZHNDh9PNyzqFxUSBw5c3zo
joD4LiwRoSrVZDX6NV25Pm8DxFXXgXqYciR/32/UGvgTTwiqmguer8AB2xjjo+Xj
w2JOzdGNKHqpAjet3Wyo9/Tc2WfGYsxDNgACdFLZfOdqef25j7TvL2t38YSW2eZ7
vs1xnMrIjwYbBVoC4mb3QkO7NRZFbs7cxQuZAQzkPblI2DKV2FIOBo7tEQYvAgMB
AAGjggGvMIIBqzAdBgNVHQ4EFgQUTLhvEh0x4n4x311+rtndhektAJkwHwYDVR0j
BBgwFoAUlQW59MtBHdhTwHCsR2oB/tohyNIwDgYDVR0PAQH/BAQDAgeAMFsGA1Ud
HwRUMFIwUKBOoEyGSnJzeW5jOi8vcnBraS5jby9yZXBvL0F1Z3VzdC8yLzk1MDVC
OUY0Q0I0MTFERDg1M0MwNzBBQzQ3NkEwMUZFREEyMUM4RDIuY3JsMGQGCCsGAQUF
BwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmNvL3JlcG8vSFlTUC82
Lzk1MDVCOUY0Q0I0MTFERDg1M0MwNzBBQzQ3NkEwMUZFREEyMUM4RDIuY2VyMEYG
CCsGAQUFBwELBDowODA2BggrBgEFBQcwC4YqcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QXVndXN0LzIvQVMyMTIxNjgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NAYIKwYBBQUHAQcBAf8EJTAjMCEEAgACMBswEAMGAioS3UdUAwYCKhLdR1gDBwQq
Et1H8QAwDQYJKoZIhvcNAQELBQADggEBAANxfq8LVfvYjkINo/szE0OQOPxsrvUF
2qVgN/Gcm17y1hmmIBtlnk2ASoK8ARQ9jNXkFFIt66cSCe+slMzC2/S69JqrOBQ6
h6/4gzWtvCck9sKPDwVXnfL6ZojDwm25q+TQ6XnoBhCKwe7CwPNFSoiA0CVjvmLT
5W9PdJiI6VJyLwtUaiTQxZiLMP2Ry04zbJ7fnFm9AYnYBVlfl6dZm9XSiNd21d6v
jsfsdx66H54tC3h/3s4MpUJZEQGs/gEukNDaz8UPFGin52eD0zCPNbYV7KO4CLBQ
6S218k5z+i/lLDwDKn55MDc3BSg2vMEtQaxUyUQ5ankrfUrTdScolWs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:30 2023 by rpki-client on console-fra.rpki-client.org