Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/1d1b8d-c67e-4e9d-b2d4-4fdff4d74c90/1/QnLZwIpXxyEUjv5fDAGuY7DkuFk.roa
File:                     QnLZwIpXxyEUjv5fDAGuY7DkuFk.roa (raw, json)
Hash identifier:          vttUiHZGkGWcMP6mPALdd7Som8qJjeqy19+bHAu8cJs=
Subject key identifier:   42:72:D9:C0:8A:57:C7:21:14:8E:FE:5F:0C:01:AE:63:B0:E4:B8:59
Certificate issuer:       /CN=650c592db1fdfc8b4e6a0e7ba7564686373a6b5f
Certificate serial:       01856D01AD5CE6279D105D2B89CF0197E1E5
Authority key identifier: 65:0C:59:2D:B1:FD:FC:8B:4E:6A:0E:7B:A7:56:46:86:37:3A:6B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZQxZLbH9_ItOag57p1ZGhjc6a18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/1d1b8d-c67e-4e9d-b2d4-4fdff4d74c90/1/QnLZwIpXxyEUjv5fDAGuY7DkuFk.roa
Signing time:             Sun 01 Jan 2023 11:05:04 +0000
ROA not before:           Sun 01 Jan 2023 11:05:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        2a0a:d880:102::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:ad:5c:e6:27:9d:10:5d:2b:89:cf:01:97:e1:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=650c592db1fdfc8b4e6a0e7ba7564686373a6b5f
        Validity
            Not Before: Jan  1 11:05:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4272d9c08a57c721148efe5f0c01ae63b0e4b859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:84:b1:e5:d9:8b:86:cb:d5:29:fd:8e:8e:54:
                    39:b5:fb:ef:12:4e:3e:86:5b:ce:d3:8d:9c:55:a4:
                    5a:92:ce:ad:cb:24:b1:0e:d5:bc:be:95:0e:70:4d:
                    e8:f2:33:ba:16:01:4a:6e:1c:61:6c:84:2e:f7:2c:
                    d4:5b:e1:72:79:21:52:b7:45:32:6b:df:8f:eb:0a:
                    50:b0:5e:88:b8:0e:33:93:3b:61:4b:e9:e4:56:5d:
                    58:69:2e:cb:66:db:4e:48:0c:23:1c:68:bb:11:ad:
                    6d:25:4d:aa:3c:bc:2e:0c:99:2b:0f:ce:63:d4:68:
                    91:91:9a:13:64:97:89:83:3d:87:29:e9:8e:e4:d4:
                    c8:0e:65:a8:6d:6f:aa:fe:0b:27:b0:97:62:ec:d7:
                    92:eb:01:f1:d0:84:ea:1a:d9:4a:40:09:36:2c:1a:
                    f0:95:bc:8f:b5:83:18:d7:38:71:f7:4a:7b:44:ad:
                    64:bc:f3:98:2c:2c:72:f2:16:10:fd:a2:97:75:46:
                    92:b3:e5:f5:07:f7:7a:23:a6:01:6c:c9:2b:c7:a3:
                    8f:41:bc:82:3b:b9:c7:0c:03:24:f6:a9:63:a5:a7:
                    26:ec:6b:e0:71:9b:a7:a3:9c:e3:38:44:38:62:e2:
                    0f:0b:7b:42:69:7e:6d:d4:b0:9b:88:f8:33:cf:0e:
                    4b:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:72:D9:C0:8A:57:C7:21:14:8E:FE:5F:0C:01:AE:63:B0:E4:B8:59
            X509v3 Authority Key Identifier:
                keyid:65:0C:59:2D:B1:FD:FC:8B:4E:6A:0E:7B:A7:56:46:86:37:3A:6B:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQxZLbH9_ItOag57p1ZGhjc6a18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1d1b8d-c67e-4e9d-b2d4-4fdff4d74c90/1/QnLZwIpXxyEUjv5fDAGuY7DkuFk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1d1b8d-c67e-4e9d-b2d4-4fdff4d74c90/1/ZQxZLbH9_ItOag57p1ZGhjc6a18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:d880:102::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:a2:cd:7b:a8:62:86:f5:58:ee:09:1d:b2:c9:dc:9a:64:09:
         05:f9:f9:fa:4d:fa:06:93:9f:b1:43:5c:c2:cc:72:81:31:fa:
         a6:05:21:5a:48:57:ef:d8:8e:4d:f1:d8:ba:79:8e:40:98:5b:
         24:a5:d1:5b:e4:0d:56:70:2e:3e:dd:e2:31:62:df:3d:49:43:
         42:7e:c8:56:33:b0:68:a6:0a:50:b6:cf:8a:8d:4d:53:f3:5d:
         a6:cb:10:66:2b:d7:cc:8e:91:37:7d:a8:09:4a:73:07:c2:3b:
         ac:c5:c9:2a:5b:af:39:70:78:aa:e0:46:37:0b:74:44:af:d0:
         f6:d2:54:b8:f4:55:83:3e:85:d5:9e:de:96:ee:50:63:df:cb:
         c0:61:de:f5:c7:fa:75:3d:0e:dc:60:ee:63:7e:62:f7:f7:cb:
         41:80:22:78:05:c2:c2:f8:c8:83:9e:32:5b:f8:20:6e:21:aa:
         80:f6:2b:b7:5c:a3:66:67:7b:5d:0e:ad:f5:3e:3e:a3:71:84:
         f9:15:d7:4f:89:38:e9:8b:d0:dd:fa:5e:87:23:70:18:69:99:
         ad:41:40:f5:a2:40:71:62:1b:9a:18:01:6c:05:d1:18:66:d8:
         8e:ff:a5:37:53:7c:29:82:10:dc:b0:d4:e7:0d:2e:e1:e8:9b:
         df:fc:a8:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtAa1c5iedEF0ric8Bl+HlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MGM1OTJkYjFmZGZjOGI0ZTZhMGU3YmE3NTY0Njg2Mzcz
YTZiNWYwHhcNMjMwMTAxMTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjcyZDljMDhhNTdjNzIxMTQ4ZWZlNWYwYzAxYWU2M2IwZTRiODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYSx5dmLhsvVKf2OjlQ5tfvvEk4+
hlvO042cVaRaks6tyySxDtW8vpUOcE3o8jO6FgFKbhxhbIQu9yzUW+FyeSFSt0Uy
a9+P6wpQsF6IuA4zkzthS+nkVl1YaS7LZttOSAwjHGi7Ea1tJU2qPLwuDJkrD85j
1GiRkZoTZJeJgz2HKemO5NTIDmWobW+q/gsnsJdi7NeS6wHx0ITqGtlKQAk2LBrw
lbyPtYMY1zhx90p7RK1kvPOYLCxy8hYQ/aKXdUaSs+X1B/d6I6YBbMkrx6OPQbyC
O7nHDAMk9qljpacm7GvgcZuno5zjOEQ4YuIPC3tCaX5t1LCbiPgzzw5LBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEJy2cCKV8chFI7+XwwBrmOw5LhZMB8GA1UdIwQY
MBaAFGUMWS2x/fyLTmoOe6dWRoY3OmtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlF4WkxiSDlfSXRPYWc1N3AxWkdoamM2YTE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xZDFiOGQtYzY3ZS00ZTlkLWIyZDQt
NGZkZmY0ZDc0YzkwLzEvUW5MWndJcFh4eUVVanY1ZkRBR3VZN0RrdUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xZDFiOGQtYzY3ZS00ZTlkLWIyZDQtNGZkZmY0ZDc0Yzkw
LzEvWlF4WkxiSDlfSXRPYWc1N3AxWkdoamM2YTE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgrYgAEC
MA0GCSqGSIb3DQEBCwUAA4IBAQAxos17qGKG9VjuCR2yydyaZAkF+fn6TfoGk5+x
Q1zCzHKBMfqmBSFaSFfv2I5N8di6eY5AmFskpdFb5A1WcC4+3eIxYt89SUNCfshW
M7BopgpQts+KjU1T812myxBmK9fMjpE3fagJSnMHwjusxckqW685cHiq4EY3C3RE
r9D20lS49FWDPoXVnt6W7lBj38vAYd71x/p1PQ7cYO5jfmL398tBgCJ4BcLC+MiD
njJb+CBuIaqA9iu3XKNmZ3tdDq31Pj6jcYT5FddPiTjpi9Dd+l6HI3AYaZmtQUD1
okBxYhuaGAFsBdEYZtiO/6U3U3wpghDcsNTnDS7h6Jvf/Kh7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:17 2024 by rpki-client on console-ams.rpki-client.org