Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/a45867-3f5e-454e-aa1c-9e1161b44622/1/MGKFIuVbq9VoqI5GfXLqiMPhDgc.roa
File:                     MGKFIuVbq9VoqI5GfXLqiMPhDgc.roa (raw, json)
Hash identifier:          3qEjThQCsZGZ9Jui17MJdfDXWI5DOqXqzjfjYnWsT9E=
Subject key identifier:   30:62:85:22:E5:5B:AB:D5:68:A8:8E:46:7D:72:EA:88:C3:E1:0E:07
Certificate issuer:       /CN=7e4c0e45307df8c8ec4c8d4ff0a324a325849c8c
Certificate serial:       012DB2C6
Authority key identifier: 7E:4C:0E:45:30:7D:F8:C8:EC:4C:8D:4F:F0:A3:24:A3:25:84:9C:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fkwORTB9-MjsTI1P8KMkoyWEnIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/a45867-3f5e-454e-aa1c-9e1161b44622/1/MGKFIuVbq9VoqI5GfXLqiMPhDgc.roa
Signing time:             Wed 02 Feb 2022 14:16:53 +0000
ROA not before:           Wed 02 Feb 2022 14:16:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        213.232.238.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19772102 (0x12db2c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e4c0e45307df8c8ec4c8d4ff0a324a325849c8c
        Validity
            Not Before: Feb  2 14:16:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=30628522e55babd568a88e467d72ea88c3e10e07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:3d:24:22:6a:3f:ae:80:ba:e9:47:0d:74:a6:
                    ca:ff:8c:34:b0:fc:9d:cf:ca:65:d3:79:0c:a7:c3:
                    e2:0e:ee:96:74:55:22:62:aa:4a:ec:5e:98:5e:c7:
                    e5:ba:d7:cc:9b:37:46:7b:e0:18:6e:51:0d:a0:ec:
                    84:8b:8f:f1:e5:2c:20:55:13:00:03:97:ed:0a:71:
                    de:ba:20:fc:8b:2b:e7:7f:d2:2a:47:a7:02:16:6b:
                    27:86:74:2c:2c:04:45:94:79:a7:79:eb:9a:e3:b0:
                    cc:58:46:cb:df:30:00:01:a4:83:47:0d:00:97:31:
                    12:d9:8e:ee:17:89:8d:c4:29:40:c1:16:d0:82:6c:
                    06:aa:45:3f:28:e8:48:08:d7:b2:d8:fe:b9:41:36:
                    04:6f:a8:b5:0d:1a:74:e2:91:38:2b:66:8a:f0:f4:
                    dc:f3:ca:d3:78:00:f8:d8:0d:a2:ee:f4:92:9e:c2:
                    a1:cf:1f:32:09:5a:5a:9d:7f:db:78:92:2e:c1:81:
                    3d:51:ad:31:1c:4c:b4:2b:69:6d:b1:38:85:27:70:
                    65:2d:e9:0f:d6:f0:69:5e:61:d1:6b:cd:d0:30:e3:
                    3e:f4:24:6b:23:5a:78:c2:0d:38:d0:b5:ed:0e:93:
                    47:87:08:bb:d4:83:c3:6a:f2:c3:5c:4e:44:2a:9e:
                    d1:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:62:85:22:E5:5B:AB:D5:68:A8:8E:46:7D:72:EA:88:C3:E1:0E:07
            X509v3 Authority Key Identifier:
                keyid:7E:4C:0E:45:30:7D:F8:C8:EC:4C:8D:4F:F0:A3:24:A3:25:84:9C:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkwORTB9-MjsTI1P8KMkoyWEnIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a45867-3f5e-454e-aa1c-9e1161b44622/1/MGKFIuVbq9VoqI5GfXLqiMPhDgc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a45867-3f5e-454e-aa1c-9e1161b44622/1/fkwORTB9-MjsTI1P8KMkoyWEnIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.232.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:43:41:a8:85:63:9a:a6:4b:09:b4:6c:f9:13:74:24:ac:3d:
         97:a2:e2:37:9a:1d:d0:fa:73:7a:24:8e:f7:1d:85:91:7e:b7:
         c5:c4:58:83:a6:33:f8:82:74:29:91:59:ed:1a:8e:e5:8d:4b:
         cd:73:19:3d:9c:c7:9d:aa:38:94:1a:f9:42:4c:c6:47:e6:6a:
         40:f1:52:23:57:6a:bb:67:69:d7:2b:b1:55:3f:43:25:b1:17:
         98:61:41:30:01:8f:71:fc:ce:a6:0e:b7:74:cf:b0:1b:04:e1:
         c1:a1:65:8b:89:7c:c2:5f:63:61:c9:a8:bd:07:76:ee:87:69:
         9d:fe:b8:04:7a:9e:62:e4:d1:94:0c:f9:f1:2c:9d:44:8c:09:
         31:68:bd:57:6f:9c:ce:43:bc:e7:e8:a6:58:3f:bb:29:f5:fe:
         73:26:5c:1b:30:f5:10:30:b6:38:5c:2a:61:ed:c5:01:c6:38:
         12:04:57:df:ae:9c:44:e6:c3:19:0a:2f:bc:b7:2c:5f:a4:cc:
         f1:90:d3:46:2a:80:01:ea:a9:37:2f:82:d1:a5:de:e9:f7:0c:
         a8:7b:07:00:ce:f4:65:e0:7b:97:2b:35:23:04:39:b6:95:36:
         9c:36:69:28:f7:db:bf:5f:4f:cf:1b:a1:a6:b9:94:8f:ca:78:
         08:44:1e:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAS2yxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZTRjMGU0NTMwN2RmOGM4ZWM0YzhkNGZmMGEzMjRhMzI1ODQ5YzhjMB4XDTIyMDIw
MjE0MTY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA2Mjg1MjJlNTVi
YWJkNTY4YTg4ZTQ2N2Q3MmVhODhjM2UxMGUwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMw9JCJqP66AuulHDXSmyv+MNLD8nc/KZdN5DKfD4g7ulnRV
ImKqSuxemF7H5brXzJs3RnvgGG5RDaDshIuP8eUsIFUTAAOX7Qpx3rog/Isr53/S
KkenAhZrJ4Z0LCwERZR5p3nrmuOwzFhGy98wAAGkg0cNAJcxEtmO7heJjcQpQMEW
0IJsBqpFPyjoSAjXstj+uUE2BG+otQ0adOKROCtmivD03PPK03gA+NgNou70kp7C
oc8fMglaWp1/23iSLsGBPVGtMRxMtCtpbbE4hSdwZS3pD9bwaV5h0WvN0DDjPvQk
ayNaeMINONC17Q6TR4cIu9SDw2ryw1xORCqe0ZECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwYoUi5Vur1WiojkZ9cuqIw+EOBzAfBgNVHSMEGDAWgBR+TA5FMH34yOxM
jU/woySjJYScjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Zrd09SVEI5LU1qc1RJMVA4S01rb3lXRW5Jdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYTQ1ODY3LTNmNWUtNDU0ZS1hYTFjLTllMTE2MWI0NDYyMi8x
L01HS0ZJdVZicTlWb3FJNUdmWExxaU1QaERnYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YTQ1ODY3LTNmNWUtNDU0ZS1hYTFjLTllMTE2MWI0NDYyMi8xL2Zrd09SVEI5LU1q
c1RJMVA4S01rb3lXRW5Jdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXo7jANBgkqhkiG9w0BAQsFAAOC
AQEAfUNBqIVjmqZLCbRs+RN0JKw9l6LiN5od0PpzeiSO9x2FkX63xcRYg6Yz+IJ0
KZFZ7RqO5Y1LzXMZPZzHnao4lBr5QkzGR+ZqQPFSI1dqu2dp1yuxVT9DJbEXmGFB
MAGPcfzOpg63dM+wGwThwaFli4l8wl9jYcmovQd27odpnf64BHqeYuTRlAz58Syd
RIwJMWi9V2+czkO85+imWD+7KfX+cyZcGzD1EDC2OFwqYe3FAcY4EgRX366cRObD
GQovvLcsX6TM8ZDTRiqAAeqpNy+C0aXe6fcMqHsHAM70ZeB7lys1IwQ5tpU2nDZp
KPfbv19PzxuhprmUj8p4CEQeKQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:52 2023 by rpki-client on console-fra.rpki-client.org