Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/a45867-3f5e-454e-aa1c-9e1161b44622/1/HNjsVT1hdeJ7yA5p8xzdDdPzyh8.roa
File:                     HNjsVT1hdeJ7yA5p8xzdDdPzyh8.roa (raw, json)
Hash identifier:          glQ+uUD9CAbHu9dxAED7+lkmIndtGd1noEmlzEdhPpk=
Subject key identifier:   1C:D8:EC:55:3D:61:75:E2:7B:C8:0E:69:F3:1C:DD:0D:D3:F3:CA:1F
Certificate issuer:       /CN=7e4c0e45307df8c8ec4c8d4ff0a324a325849c8c
Certificate serial:       F322E8
Authority key identifier: 7E:4C:0E:45:30:7D:F8:C8:EC:4C:8D:4F:F0:A3:24:A3:25:84:9C:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fkwORTB9-MjsTI1P8KMkoyWEnIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/a45867-3f5e-454e-aa1c-9e1161b44622/1/HNjsVT1hdeJ7yA5p8xzdDdPzyh8.roa
Signing time:             Wed 05 Jan 2022 15:21:38 +0000
ROA not before:           Wed 05 Jan 2022 15:21:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        213.232.238.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15934184 (0xf322e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e4c0e45307df8c8ec4c8d4ff0a324a325849c8c
        Validity
            Not Before: Jan  5 15:21:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1cd8ec553d6175e27bc80e69f31cdd0dd3f3ca1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:0d:d0:71:a3:06:03:eb:b4:10:15:cf:eb:e1:
                    0d:e9:ca:fb:9b:dc:4b:65:86:cc:43:08:20:60:24:
                    14:02:ee:76:8e:06:fa:63:2d:75:7b:71:ac:27:d0:
                    e6:18:b0:ed:dc:80:2b:00:0e:d6:22:af:0f:34:a3:
                    0f:73:de:67:d6:5d:39:de:9d:99:d2:e0:ab:6c:6e:
                    fa:80:34:d6:37:ba:57:ed:6d:0a:4b:6c:2d:f5:93:
                    35:a7:56:85:4c:2b:b0:8f:53:a1:b2:91:e9:c1:28:
                    a4:79:e9:35:51:a3:ac:26:70:71:ed:21:81:ee:ee:
                    60:c6:0a:2d:b8:03:54:6d:b7:18:3d:b2:3b:f3:68:
                    23:f0:37:34:4d:ae:8f:42:9f:0b:c1:45:46:9b:a5:
                    11:9c:8a:53:de:69:a1:27:72:fc:b8:8b:4f:4e:5c:
                    9a:a3:90:2c:14:12:11:ee:91:07:cf:9a:60:b9:08:
                    a8:c2:dd:45:c2:cc:cf:3b:71:a1:29:26:0b:56:af:
                    c6:cd:b0:29:64:8e:f9:47:22:c6:39:93:d3:01:a4:
                    36:63:38:6a:10:e9:4b:3f:bb:20:b2:fe:da:8f:97:
                    29:21:1e:ea:9d:cd:ef:93:f1:66:41:e5:64:84:e1:
                    6f:c3:60:d9:e2:c0:03:eb:6c:36:b9:f9:f5:63:05:
                    09:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:D8:EC:55:3D:61:75:E2:7B:C8:0E:69:F3:1C:DD:0D:D3:F3:CA:1F
            X509v3 Authority Key Identifier:
                keyid:7E:4C:0E:45:30:7D:F8:C8:EC:4C:8D:4F:F0:A3:24:A3:25:84:9C:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkwORTB9-MjsTI1P8KMkoyWEnIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a45867-3f5e-454e-aa1c-9e1161b44622/1/HNjsVT1hdeJ7yA5p8xzdDdPzyh8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a45867-3f5e-454e-aa1c-9e1161b44622/1/fkwORTB9-MjsTI1P8KMkoyWEnIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.232.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:26:ca:cd:c0:1a:54:72:1e:53:b4:6e:09:cc:e5:e3:5a:af:
         30:fa:fc:3a:fa:dc:60:08:d2:1b:74:16:b1:0a:34:51:d7:ae:
         d8:17:83:66:eb:fd:c8:00:0a:64:31:23:fe:c2:8c:41:04:2b:
         32:12:40:e7:64:b4:f3:a4:86:f9:d6:38:88:25:ae:7d:85:a7:
         5b:29:08:f3:82:c5:26:18:6c:e7:b1:f7:66:89:f0:57:29:11:
         56:f6:23:44:68:4a:6e:54:2f:9f:8c:0a:b5:01:43:cd:00:89:
         b1:da:1b:d4:53:ce:29:d8:35:69:33:6b:db:ab:e3:53:bb:ec:
         56:55:8d:a9:f2:bd:60:b1:44:44:e5:ec:92:e9:b4:10:b7:64:
         58:e7:32:3f:e5:e2:e5:56:1f:d2:4e:cf:13:89:6d:1d:a1:3b:
         b9:13:c9:3a:76:5b:45:5c:37:f0:36:1b:2c:00:15:6a:8c:01:
         aa:63:58:ab:3d:2b:bc:09:a7:f5:ae:f9:5f:00:2a:6c:73:30:
         c2:ad:4f:83:6e:f4:4c:34:63:9f:b2:71:68:37:2d:4c:d1:89:
         21:74:e3:f2:fb:aa:82:86:4e:89:86:a9:0b:15:70:32:23:95:
         4d:c4:be:83:e7:b9:c5:27:3b:45:2e:e1:20:71:d0:9a:e9:65:
         54:58:2e:47
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPMi6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZTRjMGU0NTMwN2RmOGM4ZWM0YzhkNGZmMGEzMjRhMzI1ODQ5YzhjMB4XDTIyMDEw
NTE1MjEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNkOGVjNTUzZDYx
NzVlMjdiYzgwZTY5ZjMxY2RkMGRkM2YzY2ExZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOIN0HGjBgPrtBAVz+vhDenK+5vcS2WGzEMIIGAkFALudo4G
+mMtdXtxrCfQ5hiw7dyAKwAO1iKvDzSjD3PeZ9ZdOd6dmdLgq2xu+oA01je6V+1t
CktsLfWTNadWhUwrsI9TobKR6cEopHnpNVGjrCZwce0hge7uYMYKLbgDVG23GD2y
O/NoI/A3NE2uj0KfC8FFRpulEZyKU95poSdy/LiLT05cmqOQLBQSEe6RB8+aYLkI
qMLdRcLMzztxoSkmC1avxs2wKWSO+UcixjmT0wGkNmM4ahDpSz+7ILL+2o+XKSEe
6p3N75PxZkHlZIThb8Ng2eLAA+tsNrn59WMFCdsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQc2OxVPWF14nvIDmnzHN0N0/PKHzAfBgNVHSMEGDAWgBR+TA5FMH34yOxM
jU/woySjJYScjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Zrd09SVEI5LU1qc1RJMVA4S01rb3lXRW5Jdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYTQ1ODY3LTNmNWUtNDU0ZS1hYTFjLTllMTE2MWI0NDYyMi8x
L0hOanNWVDFoZGVKN3lBNXA4eHpkRGRQenloOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YTQ1ODY3LTNmNWUtNDU0ZS1hYTFjLTllMTE2MWI0NDYyMi8xL2Zrd09SVEI5LU1q
c1RJMVA4S01rb3lXRW5Jdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXo7jANBgkqhkiG9w0BAQsFAAOC
AQEAjSbKzcAaVHIeU7RuCczl41qvMPr8OvrcYAjSG3QWsQo0Udeu2BeDZuv9yAAK
ZDEj/sKMQQQrMhJA52S086SG+dY4iCWufYWnWykI84LFJhhs57H3ZonwVykRVvYj
RGhKblQvn4wKtQFDzQCJsdob1FPOKdg1aTNr26vjU7vsVlWNqfK9YLFEROXskum0
ELdkWOcyP+Xi5VYf0k7PE4ltHaE7uRPJOnZbRVw38DYbLAAVaowBqmNYqz0rvAmn
9a75XwAqbHMwwq1Pg270TDRjn7JxaDctTNGJIXTj8vuqgoZOiYapCxVwMiOVTcS+
g+e5xSc7RS7hIHHQmullVFguRw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:47 2023 by rpki-client on console-ams.rpki-client.org