Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/5cf307-650a-4384-a6b4-545d3068c666/1/GXemaBTsm9XDJjoRv66koqUOMVM.roa
File:                     GXemaBTsm9XDJjoRv66koqUOMVM.roa (raw, json)
Hash identifier:          lktSI+5JUpSAuqKlk2Svau2vbdpsFyHN3h1sCDXIiW4=
Subject key identifier:   19:77:A6:68:14:EC:9B:D5:C3:26:3A:11:BF:AE:A4:A2:A5:0E:31:53
Certificate issuer:       /CN=094895a071a3add9df3ec84e64547afdca6b62a3
Certificate serial:       01856E41DFA4CDB7293F10A38CEAFAC7FAA3
Authority key identifier: 09:48:95:A0:71:A3:AD:D9:DF:3E:C8:4E:64:54:7A:FD:CA:6B:62:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUiVoHGjrdnfPshOZFR6_cprYqM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/5cf307-650a-4384-a6b4-545d3068c666/1/GXemaBTsm9XDJjoRv66koqUOMVM.roa
Signing time:             Sun 01 Jan 2023 16:54:48 +0000
ROA not before:           Sun 01 Jan 2023 16:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201333
IP address blocks:        45.11.116.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:41:df:a4:cd:b7:29:3f:10:a3:8c:ea:fa:c7:fa:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094895a071a3add9df3ec84e64547afdca6b62a3
        Validity
            Not Before: Jan  1 16:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1977a66814ec9bd5c3263a11bfaea4a2a50e3153
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3f:ae:90:12:77:ef:19:06:54:13:54:c8:b8:
                    77:ed:3d:d5:50:3f:0b:23:a0:be:8b:73:f1:20:be:
                    90:8a:28:94:7b:ce:0e:97:9a:88:43:87:98:18:97:
                    00:12:3b:fd:36:52:70:ba:fc:e4:d4:48:14:7f:c6:
                    b7:8e:66:2b:9b:d7:4f:46:33:80:31:f6:36:41:c7:
                    da:a2:b3:86:29:38:ef:cf:db:71:4b:87:a9:4b:bd:
                    72:3b:26:c3:92:e9:ab:43:75:c8:4f:32:93:c4:ac:
                    96:7d:e2:f3:43:cf:0b:c2:92:31:4b:ba:78:71:fc:
                    ba:5a:8d:74:77:e8:cf:d7:6c:b3:6c:95:9d:1f:f7:
                    4f:4d:a9:8b:3d:cb:bf:a6:fe:2d:12:0e:94:3b:b7:
                    cd:3c:dd:06:eb:e5:6d:9a:b6:cd:00:1e:55:37:df:
                    b5:67:14:08:9d:93:9b:9f:5c:4d:6c:96:4e:44:f9:
                    3b:07:45:56:12:56:c9:56:87:20:28:b4:ad:00:ff:
                    a1:8a:78:e1:7f:97:ef:fb:de:70:92:de:ba:a1:51:
                    6e:68:d4:6f:c6:e3:c9:35:37:dc:a9:e1:2d:ef:f4:
                    8d:83:6b:54:5a:d8:52:2e:b3:fe:9b:ef:72:d9:6e:
                    d6:d7:23:ac:77:77:fb:e7:66:87:2e:09:51:e1:08:
                    0d:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:77:A6:68:14:EC:9B:D5:C3:26:3A:11:BF:AE:A4:A2:A5:0E:31:53
            X509v3 Authority Key Identifier:
                keyid:09:48:95:A0:71:A3:AD:D9:DF:3E:C8:4E:64:54:7A:FD:CA:6B:62:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUiVoHGjrdnfPshOZFR6_cprYqM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/5cf307-650a-4384-a6b4-545d3068c666/1/GXemaBTsm9XDJjoRv66koqUOMVM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/5cf307-650a-4384-a6b4-545d3068c666/1/CUiVoHGjrdnfPshOZFR6_cprYqM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a0:d2:09:bb:cc:c5:a4:df:99:d7:10:a5:44:6b:90:c9:95:fa:
         00:76:87:82:cc:48:d5:56:63:65:2f:ae:18:68:46:3b:af:90:
         55:c3:0f:ec:bd:2f:71:2f:ea:f0:b5:1d:f0:b8:ef:4d:5a:8c:
         be:b7:20:5a:7c:fe:99:0c:37:f4:5f:f5:9e:f3:16:49:3b:3c:
         8f:67:3d:95:62:e5:07:13:26:5b:30:66:f9:e2:ff:c8:47:82:
         7d:b3:6c:98:c5:09:74:b9:bd:39:e1:7f:0c:5a:01:b9:b1:91:
         72:6f:2c:88:6f:b5:73:82:98:0d:5d:94:77:c1:3e:a6:71:e8:
         02:63:7d:cc:20:f5:2d:f9:fa:95:7a:c5:b5:95:80:82:af:d4:
         fd:84:cc:98:ea:d7:7d:a9:1f:aa:8d:91:f0:43:2b:2e:74:b2:
         3c:86:2e:c7:3b:8e:1b:2f:f8:04:3c:40:12:83:7e:9e:5d:83:
         e2:a6:cc:ef:92:5a:07:3a:91:71:52:99:34:ce:bd:e0:ba:1b:
         ed:35:72:89:b7:cc:82:d6:d9:ec:15:a1:c0:88:fe:a5:37:30:
         67:0f:cd:21:b0:f8:69:2b:ff:80:08:ed:97:f1:6e:47:25:8e:
         00:0e:1e:40:26:4b:40:88:15:4e:76:a0:65:7c:62:7f:11:fa:
         4a:2a:8a:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQd+kzbcpPxCjjOr6x/qjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NDg5NWEwNzFhM2FkZDlkZjNlYzg0ZTY0NTQ3YWZkY2E2
YjYyYTMwHhcNMjMwMTAxMTY1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTc3YTY2ODE0ZWM5YmQ1YzMyNjNhMTFiZmFlYTRhMmE1MGUzMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj+ukBJ37xkGVBNUyLh37T3VUD8L
I6C+i3PxIL6QiiiUe84Ol5qIQ4eYGJcAEjv9NlJwuvzk1EgUf8a3jmYrm9dPRjOA
MfY2QcfaorOGKTjvz9txS4epS71yOybDkumrQ3XITzKTxKyWfeLzQ88LwpIxS7p4
cfy6Wo10d+jP12yzbJWdH/dPTamLPcu/pv4tEg6UO7fNPN0G6+VtmrbNAB5VN9+1
ZxQInZObn1xNbJZORPk7B0VWElbJVocgKLStAP+hinjhf5fv+95wkt66oVFuaNRv
xuPJNTfcqeEt7/SNg2tUWthSLrP+m+9y2W7W1yOsd3f752aHLglR4QgNLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBl3pmgU7JvVwyY6Eb+upKKlDjFTMB8GA1UdIwQY
MBaAFAlIlaBxo63Z3z7ITmRUev3Ka2KjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VpVm9IR2pyZG5mUHNoT1pGUjZfY3ByWXFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS81Y2YzMDctNjUwYS00Mzg0LWE2YjQt
NTQ1ZDMwNjhjNjY2LzEvR1hlbWFCVHNtOVhESmpvUnY2NmtvcVVPTVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS81Y2YzMDctNjUwYS00Mzg0LWE2YjQtNTQ1ZDMwNjhjNjY2
LzEvQ1VpVm9IR2pyZG5mUHNoT1pGUjZfY3ByWXFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQt0MA0G
CSqGSIb3DQEBCwUAA4IBAQCg0gm7zMWk35nXEKVEa5DJlfoAdoeCzEjVVmNlL64Y
aEY7r5BVww/svS9xL+rwtR3wuO9NWoy+tyBafP6ZDDf0X/We8xZJOzyPZz2VYuUH
EyZbMGb54v/IR4J9s2yYxQl0ub054X8MWgG5sZFybyyIb7VzgpgNXZR3wT6mcegC
Y33MIPUt+fqVesW1lYCCr9T9hMyY6td9qR+qjZHwQysudLI8hi7HO44bL/gEPEAS
g36eXYPipszvkloHOpFxUpk0zr3guhvtNXKJt8yC1tnsFaHAiP6lNzBnD80hsPhp
K/+ACO2X8W5HJY4ADh5AJktAiBVOdqBlfGJ/EfpKKoq7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:09 2024 by rpki-client on console-ams.rpki-client.org