Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/f34a5b-e478-4d23-9c82-029f678d148d/1/Or48pchcW592Ec24ZY-XznZ2-4o.roa
File:                     Or48pchcW592Ec24ZY-XznZ2-4o.roa (raw, json)
Hash identifier:          /RldNHsomgVwcXqd11agc2pHKanJKcvh4t5UmoDeTmo=
Subject key identifier:   3A:BE:3C:A5:C8:5C:5B:9F:76:11:CD:B8:65:8F:97:CE:76:76:FB:8A
Certificate issuer:       /CN=948b09d6772a1417f17f60468ab33b3bb112f229
Certificate serial:       CA1377
Authority key identifier: 94:8B:09:D6:77:2A:14:17:F1:7F:60:46:8A:B3:3B:3B:B1:12:F2:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lIsJ1ncqFBfxf2BGirM7O7ES8ik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/f34a5b-e478-4d23-9c82-029f678d148d/1/Or48pchcW592Ec24ZY-XznZ2-4o.roa
Signing time:             Sat 01 Jan 2022 03:54:59 +0000
ROA not before:           Sat 01 Jan 2022 03:54:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        188.244.127.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13243255 (0xca1377)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=948b09d6772a1417f17f60468ab33b3bb112f229
        Validity
            Not Before: Jan  1 03:54:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3abe3ca5c85c5b9f7611cdb8658f97ce7676fb8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:81:da:71:bc:ad:51:8e:f5:f7:e6:c1:4a:35:
                    9e:c8:85:d1:6a:3e:8e:d3:72:e4:42:3f:52:1a:a6:
                    6e:fd:5a:3b:45:a2:c3:41:f6:3b:e2:02:20:fc:e6:
                    54:8b:39:d9:a7:98:94:f9:45:56:84:58:25:1b:d5:
                    0d:c4:24:84:80:ed:9a:dc:e7:b2:21:5a:93:c5:ba:
                    73:cf:38:c0:fe:f7:f1:46:83:ab:36:ae:d2:c4:65:
                    ba:5f:88:fa:d4:bf:4c:dc:31:2b:1f:ad:0d:f3:f8:
                    5c:81:dc:ca:1f:4e:a5:ab:29:b1:80:76:31:72:84:
                    9d:42:38:18:5f:3f:18:a3:5f:eb:e1:92:d8:8e:87:
                    c8:51:98:31:0b:a5:bf:6b:fa:80:ae:e6:a7:cb:af:
                    95:08:49:b1:7a:7f:4b:28:69:33:bc:be:35:83:34:
                    59:70:d1:94:2d:42:24:a2:4d:5b:42:cd:39:15:e6:
                    dd:ef:64:9b:9c:8f:2a:ff:f5:f1:5d:95:97:cb:d2:
                    12:bf:b1:d0:ae:9d:dc:ff:ab:63:7c:a5:8b:73:7b:
                    c9:14:7e:3f:aa:89:3c:69:75:f1:1a:f4:a2:36:98:
                    42:3e:8d:46:80:9c:9e:cd:ce:27:57:6d:40:59:b2:
                    19:28:d1:26:6a:b2:7b:80:19:7e:24:2d:fa:29:ad:
                    9f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:BE:3C:A5:C8:5C:5B:9F:76:11:CD:B8:65:8F:97:CE:76:76:FB:8A
            X509v3 Authority Key Identifier:
                keyid:94:8B:09:D6:77:2A:14:17:F1:7F:60:46:8A:B3:3B:3B:B1:12:F2:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIsJ1ncqFBfxf2BGirM7O7ES8ik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f34a5b-e478-4d23-9c82-029f678d148d/1/Or48pchcW592Ec24ZY-XznZ2-4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f34a5b-e478-4d23-9c82-029f678d148d/1/lIsJ1ncqFBfxf2BGirM7O7ES8ik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.244.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:32:4b:91:93:8a:bc:33:ed:94:77:ff:f7:3d:f2:fd:95:91:
         0f:74:86:b9:23:dc:68:32:7e:57:08:07:e8:63:00:64:b5:b6:
         c4:11:bf:e7:54:57:94:fd:b3:1b:df:b4:ec:31:0e:a9:39:88:
         70:6d:b5:ca:60:a0:a9:a1:e6:5d:e8:cc:eb:31:ab:cb:a4:e3:
         c7:46:db:cc:d8:fc:84:0e:9e:4f:20:15:f2:af:1d:70:ae:f5:
         2c:05:e0:04:46:d2:98:6f:20:ea:dd:06:d9:b9:42:33:88:f6:
         52:f8:71:bb:37:88:63:2e:a4:f9:23:17:0b:74:31:9e:66:91:
         ac:d7:ef:67:c1:ce:76:4f:f7:aa:13:20:f2:07:24:70:3f:5e:
         9c:46:67:f8:5e:4a:3c:22:c5:42:a1:0d:d7:6e:88:ba:61:b3:
         89:75:ef:3f:dd:c2:41:b0:57:59:b0:31:2c:9c:af:27:3f:46:
         81:9d:74:cc:a6:ca:27:06:20:38:e9:78:89:82:c0:df:10:03:
         9b:6e:c9:69:07:cd:97:06:c5:41:04:44:d0:92:5c:3d:51:b9:
         24:28:8c:88:b7:f6:fb:ec:9c:53:0c:64:c2:78:b4:2e:1f:41:
         91:e5:65:3a:86:b5:aa:82:e1:d5:4d:4b:bc:db:b6:14:e2:48:
         3b:5b:ba:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMoTdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDhiMDlkNjc3MmExNDE3ZjE3ZjYwNDY4YWIzM2IzYmIxMTJmMjI5MB4XDTIyMDEw
MTAzNTQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FiZTNjYTVjODVj
NWI5Zjc2MTFjZGI4NjU4Zjk3Y2U3Njc2ZmI4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOuB2nG8rVGO9ffmwUo1nsiF0Wo+jtNy5EI/Uhqmbv1aO0Wi
w0H2O+ICIPzmVIs52aeYlPlFVoRYJRvVDcQkhIDtmtznsiFak8W6c884wP738UaD
qzau0sRlul+I+tS/TNwxKx+tDfP4XIHcyh9OpaspsYB2MXKEnUI4GF8/GKNf6+GS
2I6HyFGYMQulv2v6gK7mp8uvlQhJsXp/SyhpM7y+NYM0WXDRlC1CJKJNW0LNORXm
3e9km5yPKv/18V2Vl8vSEr+x0K6d3P+rY3yli3N7yRR+P6qJPGl18Rr0ojaYQj6N
RoCcns3OJ1dtQFmyGSjRJmqye4AZfiQt+imtn7cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ6vjylyFxbn3YRzbhlj5fOdnb7ijAfBgNVHSMEGDAWgBSUiwnWdyoUF/F/
YEaKszs7sRLyKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xJc0oxbmNxRkJmeGYyQkdpck03TzdFUzhpay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvZjM0YTViLWU0NzgtNGQyMy05YzgyLTAyOWY2NzhkMTQ4ZC8x
L09yNDhwY2hjVzU5MkVjMjRaWS1Yem5aMi00by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
ZjM0YTViLWU0NzgtNGQyMy05YzgyLTAyOWY2NzhkMTQ4ZC8xL2xJc0oxbmNxRkJm
eGYyQkdpck03TzdFUzhpay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALz0fzANBgkqhkiG9w0BAQsFAAOC
AQEAqTJLkZOKvDPtlHf/9z3y/ZWRD3SGuSPcaDJ+VwgH6GMAZLW2xBG/51RXlP2z
G9+07DEOqTmIcG21ymCgqaHmXejM6zGry6Tjx0bbzNj8hA6eTyAV8q8dcK71LAXg
BEbSmG8g6t0G2blCM4j2UvhxuzeIYy6k+SMXC3QxnmaRrNfvZ8HOdk/3qhMg8gck
cD9enEZn+F5KPCLFQqEN126IumGziXXvP93CQbBXWbAxLJyvJz9GgZ10zKbKJwYg
OOl4iYLA3xADm27JaQfNlwbFQQRE0JJcPVG5JCiMiLf2++ycUwxkwni0Lh9BkeVl
Ooa1qoLh1U1LvNu2FOJIO1u6mg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:24 2024 by rpki-client on console-fra.rpki-client.org