Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/2c37b4-627f-4157-9b38-71d4651cc9e3/1/mVnZ7ToxLamMGzzsbO-e4DG444s.roa
File:                     mVnZ7ToxLamMGzzsbO-e4DG444s.roa (raw, json)
Hash identifier:          Ntl94SuVCXSc+QAvRf+qU5uJ+RK+Qkeh2mzTecfKtw4=
Subject key identifier:   99:59:D9:ED:3A:31:2D:A9:8C:1B:3C:EC:6C:EF:9E:E0:31:B8:E3:8B
Certificate issuer:       /CN=4456921693e31d6c96f671bea7341d0d58dfffe9
Certificate serial:       029B4A01
Authority key identifier: 44:56:92:16:93:E3:1D:6C:96:F6:71:BE:A7:34:1D:0D:58:DF:FF:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFaSFpPjHWyW9nG-pzQdDVjf_-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/2c37b4-627f-4157-9b38-71d4651cc9e3/1/mVnZ7ToxLamMGzzsbO-e4DG444s.roa
Signing time:             Sat 01 Jan 2022 05:53:35 +0000
ROA not before:           Sat 01 Jan 2022 05:53:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202709
IP address blocks:        185.253.53.0/24 maxlen: 24
                          2a10:b740::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 43731457 (0x29b4a01)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4456921693e31d6c96f671bea7341d0d58dfffe9
        Validity
            Not Before: Jan  1 05:53:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9959d9ed3a312da98c1b3cec6cef9ee031b8e38b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:91:76:cf:6d:98:ca:8e:24:f6:8e:92:29:41:
                    18:1b:7c:c6:7f:7b:c7:8e:f6:ec:f9:aa:39:57:29:
                    8f:39:c3:65:d5:e2:9a:61:3d:51:58:4c:c2:fe:b2:
                    1b:f9:4e:13:c9:f1:f5:08:28:12:ec:7a:9b:ce:dc:
                    d6:23:2c:26:a2:d7:0e:0d:06:13:97:cb:fd:5f:18:
                    db:0a:75:60:91:1b:0b:85:50:96:a0:97:ad:a9:cd:
                    81:c9:e9:98:c0:9c:46:17:73:3f:58:89:05:5d:27:
                    09:5f:e6:40:60:72:c7:79:28:d8:81:5b:68:3f:7b:
                    a5:58:48:a4:30:55:32:f6:1b:94:fe:6b:c5:71:56:
                    f3:88:08:6c:91:46:ce:a4:7f:d3:82:7d:7d:9d:88:
                    e6:b9:45:9b:42:d2:ba:15:85:65:d0:ee:4a:96:33:
                    aa:97:37:b0:e2:2f:9f:48:9e:bc:a1:cb:ae:52:d4:
                    83:e7:10:59:5a:05:18:d5:e9:80:89:a4:fc:a7:63:
                    a9:bc:07:17:ec:1d:3e:ba:73:59:d6:85:1d:f1:7a:
                    bc:84:16:bd:f2:02:22:ad:f7:06:05:1b:6d:93:44:
                    b7:88:2a:a5:02:fe:44:b1:c1:f5:30:8f:b4:92:83:
                    54:ed:ff:a9:61:36:60:51:69:65:92:85:e3:19:cd:
                    49:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:59:D9:ED:3A:31:2D:A9:8C:1B:3C:EC:6C:EF:9E:E0:31:B8:E3:8B
            X509v3 Authority Key Identifier:
                keyid:44:56:92:16:93:E3:1D:6C:96:F6:71:BE:A7:34:1D:0D:58:DF:FF:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFaSFpPjHWyW9nG-pzQdDVjf_-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/2c37b4-627f-4157-9b38-71d4651cc9e3/1/mVnZ7ToxLamMGzzsbO-e4DG444s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/2c37b4-627f-4157-9b38-71d4651cc9e3/1/RFaSFpPjHWyW9nG-pzQdDVjf_-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.253.53.0/24
                IPv6:
                  2a10:b740::/29

    Signature Algorithm: sha256WithRSAEncryption
         b1:ae:c3:8a:f2:f6:78:87:f7:4d:8c:ab:3f:9b:31:64:8e:a5:
         08:5a:7f:2d:ef:27:34:03:8f:ab:b8:90:3b:c2:54:9d:a3:7f:
         bc:c1:92:ed:ee:ca:c4:0e:32:37:74:03:7e:c9:74:ec:b9:f0:
         07:d3:61:b5:b9:5e:fd:68:d4:cc:57:db:79:28:75:af:4e:a0:
         3f:70:cf:53:7a:8d:2b:1d:85:c6:76:11:db:65:54:04:97:e8:
         a9:a3:e9:80:e4:20:37:77:65:35:fc:00:7c:2c:01:32:00:43:
         48:89:8c:5c:3e:ea:c0:73:c4:9c:4d:e1:1f:64:6e:51:c0:42:
         c6:a7:b7:e0:28:e8:de:8c:ab:0a:a0:48:4c:5a:df:17:c7:38:
         ee:dc:c8:1a:21:c8:f8:f5:f6:05:95:02:af:f0:7a:09:87:aa:
         a8:00:0e:1f:97:65:0b:ad:6e:b1:80:9a:7c:9d:9c:86:21:f9:
         29:e0:4f:96:49:1b:b1:2e:77:1a:a1:0f:83:df:97:19:6e:c3:
         e8:a5:c2:27:b2:4d:d0:f5:72:d7:bd:70:c1:b0:42:e1:d4:1b:
         1a:bf:3f:19:ed:48:64:15:44:18:74:eb:3e:a8:11:10:4c:88:
         be:41:d2:2f:52:c9:6b:11:06:77:58:a4:4d:4e:cd:70:bd:db:
         79:a9:99:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAptKATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDU2OTIxNjkzZTMxZDZjOTZmNjcxYmVhNzM0MWQwZDU4ZGZmZmU5MB4XDTIyMDEw
MTA1NTMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk1OWQ5ZWQzYTMx
MmRhOThjMWIzY2VjNmNlZjllZTAzMWI4ZTM4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2Rds9tmMqOJPaOkilBGBt8xn97x4727PmqOVcpjznDZdXi
mmE9UVhMwv6yG/lOE8nx9QgoEux6m87c1iMsJqLXDg0GE5fL/V8Y2wp1YJEbC4VQ
lqCXranNgcnpmMCcRhdzP1iJBV0nCV/mQGByx3ko2IFbaD97pVhIpDBVMvYblP5r
xXFW84gIbJFGzqR/04J9fZ2I5rlFm0LSuhWFZdDuSpYzqpc3sOIvn0ievKHLrlLU
g+cQWVoFGNXpgImk/KdjqbwHF+wdPrpzWdaFHfF6vIQWvfICIq33BgUbbZNEt4gq
pQL+RLHB9TCPtJKDVO3/qWE2YFFpZZKF4xnNSUECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSZWdntOjEtqYwbPOxs757gMbjjizAfBgNVHSMEGDAWgBREVpIWk+MdbJb2
cb6nNB0NWN//6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JGYVNGcFBqSFd5VzluRy1welFkRFZqZl8tay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvMmMzN2I0LTYyN2YtNDE1Ny05YjM4LTcxZDQ2NTFjYzllMy8x
L21Wblo3VG94TGFtTUd6enNiTy1lNERHNDQ0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
MmMzN2I0LTYyN2YtNDE1Ny05YjM4LTcxZDQ2NTFjYzllMy8xL1JGYVNGcFBqSFd5
VzluRy1welFkRFZqZl8tay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALn9NTANBAIAAjAHAwUDKhC3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAsa7DivL2eIf3TYyrP5sxZI6lCFp/Le8nNAOPq7iQ
O8JUnaN/vMGS7e7KxA4yN3QDfsl07LnwB9Nhtble/WjUzFfbeSh1r06gP3DPU3qN
Kx2FxnYR22VUBJfoqaPpgOQgN3dlNfwAfCwBMgBDSImMXD7qwHPEnE3hH2RuUcBC
xqe34Cjo3oyrCqBITFrfF8c47tzIGiHI+PX2BZUCr/B6CYeqqAAOH5dlC61usYCa
fJ2chiH5KeBPlkkbsS53GqEPg9+XGW7D6KXCJ7JN0PVy171wwbBC4dQbGr8/Ge1I
ZBVEGHTrPqgREEyIvkHSL1LJaxEGd1ikTU7NcL3beamZ6w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:45 2023 by rpki-client on console-ams.rpki-client.org