Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/1d1b8d-c67e-4e9d-b2d4-4fdff4d74c90/1/mgPkVd2CRcFTY_nJJ9tnJEORz0s.roa
File:                     mgPkVd2CRcFTY_nJJ9tnJEORz0s.roa (raw, json)
Hash identifier:          kE3TQNWWLb8aoKFCrbIhvud+vBVHH19sMqxUzcXQFqo=
Subject key identifier:   9A:03:E4:55:DD:82:45:C1:53:63:F9:C9:27:DB:67:24:43:91:CF:4B
Certificate issuer:       /CN=650c592db1fdfc8b4e6a0e7ba7564686373a6b5f
Certificate serial:       01856D01AF401495EDCC4E19F2C9A81D7F9F
Authority key identifier: 65:0C:59:2D:B1:FD:FC:8B:4E:6A:0E:7B:A7:56:46:86:37:3A:6B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZQxZLbH9_ItOag57p1ZGhjc6a18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/1d1b8d-c67e-4e9d-b2d4-4fdff4d74c90/1/mgPkVd2CRcFTY_nJJ9tnJEORz0s.roa
Signing time:             Sun 01 Jan 2023 11:05:04 +0000
ROA not before:           Sun 01 Jan 2023 11:05:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211445
IP address blocks:        2a0a:d880:101::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:af:40:14:95:ed:cc:4e:19:f2:c9:a8:1d:7f:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=650c592db1fdfc8b4e6a0e7ba7564686373a6b5f
        Validity
            Not Before: Jan  1 11:05:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a03e455dd8245c15363f9c927db67244391cf4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:d2:7a:df:eb:af:08:45:ff:1f:b2:f0:f8:6a:
                    30:a7:22:05:2b:78:e7:10:01:f3:50:a2:59:db:3f:
                    e6:20:8a:63:ed:44:ad:df:2c:76:1d:47:99:a3:25:
                    30:07:49:7c:e9:cf:b2:b6:fa:f3:66:d0:72:61:69:
                    a0:38:93:bc:8d:c2:f7:d8:ae:3b:27:12:a5:9a:05:
                    0c:1f:23:30:38:e5:a5:d1:f9:f7:b7:1e:b4:28:5b:
                    85:f1:65:6a:e0:8e:32:ee:8c:80:23:54:92:90:5b:
                    4d:38:1b:ac:1f:d3:df:1a:ec:52:1c:18:0b:68:a0:
                    f8:16:59:34:ed:25:48:5e:87:91:cf:58:ba:cc:e8:
                    dc:e4:bb:1b:1f:fc:fe:6b:d7:1f:7c:bf:6c:b3:33:
                    b7:8f:2f:d8:c7:0b:23:3a:6f:2c:84:b8:c0:46:25:
                    ef:ae:09:d4:56:12:81:00:89:10:84:c1:d9:6d:16:
                    43:5b:9c:5a:98:7d:af:8f:fb:7f:91:d0:c5:32:a4:
                    a7:2d:d3:52:6d:62:77:2d:6d:05:81:21:b6:f1:d4:
                    7c:6e:2d:90:2a:c2:90:7a:ab:bd:11:29:8a:0c:55:
                    53:c4:0b:15:a1:cf:4e:56:93:8a:42:e4:4e:d3:f5:
                    fb:9c:db:bc:ee:62:4e:8a:d4:e1:a7:b1:67:17:71:
                    7a:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:03:E4:55:DD:82:45:C1:53:63:F9:C9:27:DB:67:24:43:91:CF:4B
            X509v3 Authority Key Identifier:
                keyid:65:0C:59:2D:B1:FD:FC:8B:4E:6A:0E:7B:A7:56:46:86:37:3A:6B:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQxZLbH9_ItOag57p1ZGhjc6a18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1d1b8d-c67e-4e9d-b2d4-4fdff4d74c90/1/mgPkVd2CRcFTY_nJJ9tnJEORz0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1d1b8d-c67e-4e9d-b2d4-4fdff4d74c90/1/ZQxZLbH9_ItOag57p1ZGhjc6a18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:d880:101::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:3b:25:b2:8c:42:94:87:96:d9:3e:aa:10:e1:63:fe:ea:5c:
         8c:02:c1:aa:69:53:81:ca:bd:c0:15:37:af:15:1e:40:bb:12:
         d8:c2:f5:47:4b:25:b9:d1:62:bc:a1:5b:08:68:2c:17:99:6e:
         2b:47:51:ba:b3:2a:1a:9b:1f:c4:74:17:78:9d:5b:ae:0c:cb:
         aa:45:99:70:9d:58:e7:12:88:41:80:79:b6:13:66:dd:bc:0f:
         8d:63:7e:71:0b:d8:6a:a7:ab:bb:c2:7d:c5:29:14:7a:a6:5a:
         e6:7b:3e:62:df:d2:a8:42:d9:46:3e:fa:3e:6a:fb:3a:c7:59:
         a5:b8:63:5c:96:f2:5b:64:4f:38:1f:d4:6c:7b:44:33:c5:b4:
         b2:35:7d:4d:ce:9b:3d:44:4e:b4:55:7c:d0:df:3a:ca:92:f4:
         83:ff:b0:8d:f2:d5:3c:ca:2e:15:b1:40:c3:98:0d:92:b2:f9:
         1f:af:c2:94:2e:99:bf:6e:38:be:07:3a:16:b5:50:a9:17:b4:
         e6:a5:e7:4c:f0:ee:ce:51:9a:fc:c4:0d:bb:b6:72:dc:cc:8a:
         d0:91:89:7c:df:06:c7:6f:63:06:f1:2b:94:bf:d2:f3:cd:f3:
         5c:b3:94:1c:1f:7d:9e:25:9b:ef:73:7e:ab:1c:8b:e7:4c:be:
         e9:ff:e7:0d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtAa9AFJXtzE4Z8smoHX+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MGM1OTJkYjFmZGZjOGI0ZTZhMGU3YmE3NTY0Njg2Mzcz
YTZiNWYwHhcNMjMwMTAxMTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTAzZTQ1NWRkODI0NWMxNTM2M2Y5YzkyN2RiNjcyNDQzOTFjZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdJ63+uvCEX/H7Lw+GowpyIFK3jn
EAHzUKJZ2z/mIIpj7USt3yx2HUeZoyUwB0l86c+ytvrzZtByYWmgOJO8jcL32K47
JxKlmgUMHyMwOOWl0fn3tx60KFuF8WVq4I4y7oyAI1SSkFtNOBusH9PfGuxSHBgL
aKD4Flk07SVIXoeRz1i6zOjc5LsbH/z+a9cffL9sszO3jy/YxwsjOm8shLjARiXv
rgnUVhKBAIkQhMHZbRZDW5xamH2vj/t/kdDFMqSnLdNSbWJ3LW0FgSG28dR8bi2Q
KsKQequ9ESmKDFVTxAsVoc9OVpOKQuRO0/X7nNu87mJOitThp7FnF3F62QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJoD5FXdgkXBU2P5ySfbZyRDkc9LMB8GA1UdIwQY
MBaAFGUMWS2x/fyLTmoOe6dWRoY3OmtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlF4WkxiSDlfSXRPYWc1N3AxWkdoamM2YTE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xZDFiOGQtYzY3ZS00ZTlkLWIyZDQt
NGZkZmY0ZDc0YzkwLzEvbWdQa1ZkMkNSY0ZUWV9uSko5dG5KRU9SejBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xZDFiOGQtYzY3ZS00ZTlkLWIyZDQtNGZkZmY0ZDc0Yzkw
LzEvWlF4WkxiSDlfSXRPYWc1N3AxWkdoamM2YTE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgrYgAEB
MA0GCSqGSIb3DQEBCwUAA4IBAQBwOyWyjEKUh5bZPqoQ4WP+6lyMAsGqaVOByr3A
FTevFR5AuxLYwvVHSyW50WK8oVsIaCwXmW4rR1G6syoamx/EdBd4nVuuDMuqRZlw
nVjnEohBgHm2E2bdvA+NY35xC9hqp6u7wn3FKRR6plrmez5i39KoQtlGPvo+avs6
x1mluGNclvJbZE84H9Rse0QzxbSyNX1Nzps9RE60VXzQ3zrKkvSD/7CN8tU8yi4V
sUDDmA2Ssvkfr8KULpm/bji+BzoWtVCpF7TmpedM8O7OUZr8xA27tnLczIrQkYl8
3wbHb2MG8SuUv9LzzfNcs5QcH32eJZvvc36rHIvnTL7p/+cN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:41 2024 by rpki-client on console-fra.rpki-client.org