Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Riffi/1/326131323a646434373a643030303a3a2f34302d3438203d3e20323030353739.roa
File:                     326131323a646434373a643030303a3a2f34302d3438203d3e20323030353739.roa (raw, json)
Hash identifier:          2+FstKI96TqE7pUf6uo3GhnAUjflXzLpwsjYCxWfgy4=
Subject key identifier:   91:B2:76:41:C6:2D:FB:F6:57:CF:F8:68:EE:E2:0E:3E:37:78:9C:DB
Certificate issuer:       /CN=A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136
Certificate serial:       79084FC0151DFB51E56CF408A240F806DCFC2ABB
Authority key identifier: A7:DB:DD:E4:5B:9B:ED:9C:17:CB:20:F2:AE:29:EC:70:3C:86:A1:36
Authority info access:    rsync://rpki.co/repo/AS945/1/A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136.cer
Subject info access:      rsync://rpki.co/repo/Riffi/1/326131323a646434373a643030303a3a2f34302d3438203d3e20323030353739.roa
Signing time:             Thu 14 Mar 2024 08:14:06 +0000
ROA not before:           Thu 14 Mar 2024 08:09:06 +0000
ROA not after:            Thu 13 Mar 2025 08:14:06 +0000
asID:                     200579
IP address blocks:        2a12:dd47:d000::/40 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:08:4f:c0:15:1d:fb:51:e5:6c:f4:08:a2:40:f8:06:dc:fc:2a:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136
        Validity
            Not Before: Mar 14 08:09:06 2024 GMT
            Not After : Mar 13 08:14:06 2025 GMT
        Subject: CN=91B27641C62DFBF657CFF868EEE20E3E37789CDB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:80:2b:38:ef:96:48:18:72:5b:04:af:35:fd:
                    2f:52:6d:29:38:c5:30:6a:2e:71:a9:0e:48:c0:1f:
                    72:83:56:99:37:fe:89:a5:19:37:30:49:7a:4d:10:
                    7b:9b:07:4c:0f:4e:a2:69:5e:0a:65:6e:89:d1:4e:
                    a4:9a:16:ce:e3:8e:0f:3e:aa:e1:67:7f:06:7b:c2:
                    80:53:10:7f:3a:7a:04:05:d1:e2:1a:ff:4f:4a:43:
                    ef:7e:04:f3:a1:33:40:e6:dd:83:47:d9:7e:02:15:
                    b6:32:81:f8:9a:48:7b:ed:e7:f0:17:0e:bf:43:c9:
                    d8:fa:46:74:f6:75:bf:f2:f1:b0:1f:ce:43:57:aa:
                    d4:ed:46:36:1a:9b:56:e9:66:a2:8d:3d:47:0b:be:
                    96:e0:60:06:58:45:81:ea:50:9a:02:48:60:cf:8a:
                    de:63:34:ec:cb:bb:c7:c6:43:94:e3:c6:a4:a9:53:
                    7d:64:06:52:ea:0e:9a:3d:20:f2:96:b1:f6:16:5b:
                    ea:5b:ca:3b:89:4b:63:95:c5:3d:23:7e:6f:cb:9a:
                    1c:8c:ae:cf:e1:bd:c7:fc:d5:f6:bd:50:3c:61:30:
                    17:38:22:2d:2e:8c:db:2f:3b:f3:fa:d7:c8:86:36:
                    af:ac:eb:51:d8:08:54:6f:62:e0:12:d1:e9:1e:78:
                    85:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:B2:76:41:C6:2D:FB:F6:57:CF:F8:68:EE:E2:0E:3E:37:78:9C:DB
            X509v3 Authority Key Identifier:
                keyid:A7:DB:DD:E4:5B:9B:ED:9C:17:CB:20:F2:AE:29:EC:70:3C:86:A1:36

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Riffi/1/A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/A7DBDDE45B9BED9C17CB20F2AE29EC703C86A136.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Riffi/1/326131323a646434373a643030303a3a2f34302d3438203d3e20323030353739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:d000::/40

    Signature Algorithm: sha256WithRSAEncryption
         b7:0b:3e:14:6b:d7:fb:03:c1:b9:06:0e:a7:e1:c7:b5:29:19:
         1c:fc:90:f6:77:4f:92:b9:e0:ae:ea:4c:57:41:a3:43:b7:85:
         46:bd:54:a3:32:a4:6a:74:a6:c8:d9:0a:85:b7:86:8c:d8:a1:
         91:d6:fd:d9:2e:8c:b6:d7:07:6c:ab:2d:70:a7:8c:6a:f8:28:
         cf:7f:c0:0f:a1:c4:62:cf:a8:22:f4:1c:f3:4a:11:21:6b:2c:
         af:35:26:25:67:f3:e1:75:5a:9e:13:eb:55:1a:9f:d9:48:be:
         5f:e0:30:5d:54:de:69:b6:b3:aa:98:6e:7a:26:3c:c8:54:52:
         78:fb:81:23:0a:60:1a:05:bf:c6:f4:65:6a:e7:eb:60:57:ff:
         a3:df:37:a4:81:7a:9e:2a:b8:5f:57:f8:e5:e2:80:5b:d2:6a:
         e4:44:bf:9d:f4:dc:04:31:80:ca:17:f4:cd:4e:bf:d2:df:c3:
         4e:9b:48:d6:95:16:04:3c:62:1f:60:a1:ec:60:6b:69:f8:b5:
         cc:c0:28:20:fb:07:90:2a:d5:52:dd:a6:c1:ac:b3:06:7e:da:
         02:12:d7:24:52:37:15:22:e8:f0:f4:fb:de:9b:06:1a:4e:f8:
         c5:9e:c1:29:ce:91:ac:8c:06:86:06:89:aa:e0:7f:d0:67:fb:
         bc:eb:15:6a
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUeQhPwBUd+1HlbPQIokD4Btz8KrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTdEQkRERTQ1QjlCRUQ5QzE3Q0IyMEYyQUUyOUVDNzAz
Qzg2QTEzNjAeFw0yNDAzMTQwODA5MDZaFw0yNTAzMTMwODE0MDZaMDMxMTAvBgNV
BAMTKDkxQjI3NjQxQzYyREZCRjY1N0NGRjg2OEVFRTIwRTNFMzc3ODlDREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEgCs475ZIGHJbBK81/S9SbSk4
xTBqLnGpDkjAH3KDVpk3/omlGTcwSXpNEHubB0wPTqJpXgplbonRTqSaFs7jjg8+
quFnfwZ7woBTEH86egQF0eIa/09KQ+9+BPOhM0Dm3YNH2X4CFbYygfiaSHvt5/AX
Dr9Dydj6RnT2db/y8bAfzkNXqtTtRjYam1bpZqKNPUcLvpbgYAZYRYHqUJoCSGDP
it5jNOzLu8fGQ5TjxqSpU31kBlLqDpo9IPKWsfYWW+pbyjuJS2OVxT0jfm/LmhyM
rs/hvcf81fa9UDxhMBc4Ii0ujNsvO/P618iGNq+s61HYCFRvYuAS0ekeeIUtAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUkbJ2QcYt+/ZXz/ho7uIOPjd4nNswHwYDVR0j
BBgwFoAUp9vd5Fub7ZwXyyDyrinscDyGoTYwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL1JpZmZpLzEvQTdEQkRE
RTQ1QjlCRUQ5QzE3Q0IyMEYyQUUyOUVDNzAzQzg2QTEzNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kuY28vcmVwby9BUzk0NS8x
L0E3REJEREU0NUI5QkVEOUMxN0NCMjBGMkFFMjlFQzcwM0M4NkExMzYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
UmlmZmkvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTY0MzAzMDMwM2EzYTJmMzQzMDJk
MzQzODIwM2QzZTIwMzIzMDMwMzUzNzM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdR9AwDQYJKoZI
hvcNAQELBQADggEBALcLPhRr1/sDwbkGDqfhx7UpGRz8kPZ3T5K54K7qTFdBo0O3
hUa9VKMypGp0psjZCoW3hozYoZHW/dkujLbXB2yrLXCnjGr4KM9/wA+hxGLPqCL0
HPNKESFrLK81JiVn8+F1Wp4T61Uan9lIvl/gMF1U3mm2s6qYbnomPMhUUnj7gSMK
YBoFv8b0ZWrn62BX/6PfN6SBep4quF9X+OXigFvSauREv5303AQxgMoX9M1Ov9Lf
w06bSNaVFgQ8Yh9goexga2n4tczAKCD7B5Aq1VLdpsGsswZ+2gIS1yRSNxUi6PD0
+96bBhpO+MWewSnOkayMBoYGiargf9Bn+7zrFWo=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:59:02 2024 by rpki-client on console-ams.rpki-client.org