Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Riffi/1/326131323a646434373a383730303a3a2f34302d3438203d3e20323033383638.roa
File:                     326131323a646434373a383730303a3a2f34302d3438203d3e20323033383638.roa (raw, json)
Hash identifier:          2Wh5hlf3CE2eoqpnrDOGkbGPepB3PkjHR7Zo2h4WjyU=
Subject key identifier:   0C:4D:04:5D:BB:C4:D5:F9:21:E3:1E:95:82:5F:D2:8B:6C:D6:C1:0B
Certificate issuer:       /CN=A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136
Certificate serial:       03C5AAE2BA2C76162D85D6E2868B4364C25D2264
Authority key identifier: A7:DB:DD:E4:5B:9B:ED:9C:17:CB:20:F2:AE:29:EC:70:3C:86:A1:36
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/1/A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136.cer
Subject info access:      rsync://rpki.co/repo/Riffi/1/326131323a646434373a383730303a3a2f34302d3438203d3e20323033383638.roa
Signing time:             Sun 30 Jun 2024 00:47:47 +0000
ROA not before:           Sun 30 Jun 2024 00:42:47 +0000
ROA not after:            Sun 29 Jun 2025 00:47:47 +0000
asID:                     203868
IP address blocks:        2a12:dd47:8700::/40 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:c5:aa:e2:ba:2c:76:16:2d:85:d6:e2:86:8b:43:64:c2:5d:22:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136
        Validity
            Not Before: Jun 30 00:42:47 2024 GMT
            Not After : Jun 29 00:47:47 2025 GMT
        Subject: CN=0C4D045DBBC4D5F921E31E95825FD28B6CD6C10B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:bb:2d:fe:fa:c4:e9:a2:79:66:6c:70:d1:c8:
                    22:95:6a:44:23:ed:c6:c6:c0:68:c8:ae:ba:81:36:
                    d9:01:3b:76:45:01:65:91:a4:a6:f0:d0:b8:b2:eb:
                    a4:7a:66:bb:04:7d:21:5d:94:5c:37:bf:c3:35:eb:
                    a4:15:d4:c8:0d:e3:47:45:b9:fe:3b:c8:7a:d9:68:
                    16:b6:7b:35:36:20:c8:e8:eb:22:50:c1:a7:86:43:
                    4a:83:4c:4b:39:7c:62:68:b1:87:6e:ac:cd:ab:98:
                    55:e2:44:00:d2:ed:8d:d5:42:29:a0:da:39:db:e5:
                    13:45:e3:e2:3f:58:64:c4:27:5e:08:ca:26:b6:58:
                    44:c9:e7:9a:8a:0d:11:e9:9e:1f:64:95:06:cb:46:
                    86:6a:5e:8c:af:72:45:b9:3e:e0:59:ad:be:c1:52:
                    49:b4:31:26:78:75:13:49:44:9a:4e:45:20:b7:96:
                    fe:59:b3:83:0e:fc:5d:bd:c5:ef:a8:9b:5e:cb:e5:
                    f6:b1:c5:98:90:2d:42:17:72:13:4b:c2:55:45:1b:
                    98:f6:e9:68:e9:d7:ff:af:b7:06:0f:25:49:c4:dc:
                    ca:76:f1:b4:8f:4c:31:b6:d8:55:5d:ab:f5:f8:62:
                    b3:8f:46:20:71:c5:39:b8:c8:18:a9:04:da:b1:de:
                    b4:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:4D:04:5D:BB:C4:D5:F9:21:E3:1E:95:82:5F:D2:8B:6C:D6:C1:0B
            X509v3 Authority Key Identifier:
                keyid:A7:DB:DD:E4:5B:9B:ED:9C:17:CB:20:F2:AE:29:EC:70:3C:86:A1:36

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Riffi/1/A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/1/A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Riffi/1/326131323a646434373a383730303a3a2f34302d3438203d3e20323033383638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8700::/40

    Signature Algorithm: sha256WithRSAEncryption
         02:ae:f1:f8:7c:f5:72:f5:8e:fc:3c:46:83:e3:2c:2a:ec:61:
         7e:85:59:83:13:76:37:99:d5:4f:be:f1:40:61:8b:5a:de:68:
         f6:b7:b1:c2:11:d5:0d:37:bd:9b:f3:2c:81:ac:4c:85:1c:fa:
         90:a5:89:ed:3b:01:15:82:06:dd:ed:52:c1:f4:9f:d9:1e:c8:
         2c:7a:17:9b:76:36:63:09:61:ca:8b:a1:f0:3b:6f:f1:1a:e5:
         92:72:2b:70:75:e7:a8:8b:fe:85:9f:5c:5f:ec:17:0f:47:20:
         c5:d7:c2:cc:8a:f7:4f:74:1f:da:a0:29:61:e8:45:30:13:34:
         75:ad:f5:28:89:0b:cf:4e:d0:87:fe:dd:24:0a:cd:10:f3:72:
         73:38:21:36:aa:c8:27:71:25:89:5d:96:fb:d1:d4:2c:ba:35:
         83:db:0a:10:9e:82:1e:46:56:22:1b:30:31:e4:84:db:dc:eb:
         59:29:b9:03:fd:7a:d8:41:42:85:f8:09:e3:cd:ec:d9:e2:ad:
         59:7b:2d:cb:f3:2d:31:20:fe:b1:28:15:ae:28:04:dd:e4:43:
         e0:55:1e:eb:4f:fb:6f:69:55:9a:fd:93:17:94:a3:dd:ac:1f:
         8d:bd:30:f1:46:4f:15:06:9d:c5:2c:8e:a5:84:6a:5f:17:72:
         d4:98:0f:48
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIUA8Wq4rosdhYthdbihotDZMJdImQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTdEQkRERTQ1QjlCRUQ5QzE3Q0IyMEYyQUUyOUVDNzAz
Qzg2QTEzNjAeFw0yNDA2MzAwMDQyNDdaFw0yNTA2MjkwMDQ3NDdaMDMxMTAvBgNV
BAMTKDBDNEQwNDVEQkJDNEQ1RjkyMUUzMUU5NTgyNUZEMjhCNkNENkMxMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIuy3++sTponlmbHDRyCKVakQj
7cbGwGjIrrqBNtkBO3ZFAWWRpKbw0Liy66R6ZrsEfSFdlFw3v8M166QV1MgN40dF
uf47yHrZaBa2ezU2IMjo6yJQwaeGQ0qDTEs5fGJosYdurM2rmFXiRADS7Y3VQimg
2jnb5RNF4+I/WGTEJ14Iyia2WETJ55qKDRHpnh9klQbLRoZqXoyvckW5PuBZrb7B
Ukm0MSZ4dRNJRJpORSC3lv5Zs4MO/F29xe+om17L5faxxZiQLUIXchNLwlVFG5j2
6Wjp1/+vtwYPJUnE3Mp28bSPTDG22FVdq/X4YrOPRiBxxTm4yBipBNqx3rQpAgMB
AAGjggICMIIB/jAdBgNVHQ4EFgQUDE0EXbvE1fkh4x6Vgl/Si2zWwQswHwYDVR0j
BBgwFoAUp9vd5Fub7ZwXyyDyrinscDyGoTYwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL1JpZmZpLzEvQTdEQkRE
RTQ1QjlCRUQ5QzE3Q0IyMEYyQUUyOUVDNzAzQzg2QTEzNi5jcmwwgZMGCCsGAQUF
BwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRmOGZkZWVjMGMwMTkwMzNkYmRlY2M0ZmE0LzEv
QTdEQkRERTQ1QjlCRUQ5QzE3Q0IyMEYyQUUyOUVDNzAzQzg2QTEzNi5jZXIwfQYI
KwYBBQUHAQsEcTBvMG0GCCsGAQUFBzALhmFyc3luYzovL3Jwa2kuY28vcmVwby9S
aWZmaS8xLzMyNjEzMTMyM2E2NDY0MzQzNzNhMzgzNzMwMzAzYTNhMmYzNDMwMmQz
NDM4MjAzZDNlMjAzMjMwMzMzODM2Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqEt1HhzANBgkqhkiG
9w0BAQsFAAOCAQEAAq7x+Hz1cvWO/DxGg+MsKuxhfoVZgxN2N5nVT77xQGGLWt5o
9rexwhHVDTe9m/MsgaxMhRz6kKWJ7TsBFYIG3e1SwfSf2R7ILHoXm3Y2Ywlhyouh
8Dtv8RrlknIrcHXnqIv+hZ9cX+wXD0cgxdfCzIr3T3Qf2qApYehFMBM0da31KIkL
z07Qh/7dJArNEPNyczghNqrIJ3EliV2W+9HULLo1g9sKEJ6CHkZWIhswMeSE29zr
WSm5A/162EFChfgJ483s2eKtWXsty/MtMSD+sSgVrigE3eRD4FUe60/7b2lVmv2T
F5Sj3awfjb0w8UZPFQadxSyOpYRqXxdy1JgPSA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:15:39 2024 by rpki-client on console-ams.rpki-client.org