Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/71c5fd-e36f-42f6-926b-58a2457c6fd5/1/4PjSl5mHejAVlc7a6KJnHn_cAMg.roa
File:                     4PjSl5mHejAVlc7a6KJnHn_cAMg.roa (raw, json)
Hash identifier:          NgYsyHH5hkIg+vWUYWXNeWdRoqdWhYen+iXUXNbtA30=
Subject key identifier:   E0:F8:D2:97:99:87:7A:30:15:95:CE:DA:E8:A2:67:1E:7F:DC:00:C8
Certificate issuer:       /CN=4e259d806139f953e47c350904aaceec6cc39a1f
Certificate serial:       027E38AA
Authority key identifier: 4E:25:9D:80:61:39:F9:53:E4:7C:35:09:04:AA:CE:EC:6C:C3:9A:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TiWdgGE5-VPkfDUJBKrO7GzDmh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/71c5fd-e36f-42f6-926b-58a2457c6fd5/1/4PjSl5mHejAVlc7a6KJnHn_cAMg.roa
Signing time:             Fri 17 Jun 2022 09:09:49 +0000
ROA not before:           Fri 17 Jun 2022 09:09:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211432
IP address blocks:        178.255.221.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 41826474 (0x27e38aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e259d806139f953e47c350904aaceec6cc39a1f
        Validity
            Not Before: Jun 17 09:09:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e0f8d29799877a301595cedae8a2671e7fdc00c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:69:be:80:83:70:b0:95:fc:1f:f2:c9:82:b7:
                    e4:11:89:27:42:84:f9:54:99:f9:7d:c3:2d:f4:e5:
                    b2:4b:d7:0d:a6:5f:62:ac:8e:d6:3c:44:be:ad:52:
                    88:01:51:0c:d2:12:d1:29:62:62:0d:b9:7e:aa:77:
                    0e:59:2f:07:fb:36:b3:c2:a6:1b:9f:c5:0e:2b:be:
                    ad:5e:b8:fe:ce:ef:41:ba:3c:28:25:03:f0:25:86:
                    73:50:54:e7:18:e5:27:64:57:87:74:37:32:48:0f:
                    9b:3d:ed:64:62:e9:ee:6a:b1:fb:01:5c:cf:e7:04:
                    32:f0:ac:dd:c8:b2:2f:4f:84:f6:37:24:44:2e:a6:
                    04:9c:9d:df:ec:c7:b0:18:1c:e0:a5:56:9b:97:0d:
                    19:b8:59:6c:fc:45:cb:52:20:d7:13:dd:62:6c:1c:
                    63:c7:d8:71:8d:e4:be:fc:21:5d:3d:20:22:c0:1e:
                    c9:b2:f0:9e:1e:b8:3e:45:a6:2e:1c:25:95:7d:86:
                    fa:c5:2e:2f:5b:2b:e6:50:92:33:fe:05:f1:02:71:
                    ac:d6:80:db:5d:f4:fe:8b:dd:55:54:ab:1d:90:05:
                    74:fb:07:62:5e:24:d6:ed:68:67:ae:5a:3c:ac:04:
                    7a:8d:5c:1e:ce:d7:91:36:62:50:06:cc:c8:6e:e6:
                    39:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:F8:D2:97:99:87:7A:30:15:95:CE:DA:E8:A2:67:1E:7F:DC:00:C8
            X509v3 Authority Key Identifier:
                keyid:4E:25:9D:80:61:39:F9:53:E4:7C:35:09:04:AA:CE:EC:6C:C3:9A:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TiWdgGE5-VPkfDUJBKrO7GzDmh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/71c5fd-e36f-42f6-926b-58a2457c6fd5/1/4PjSl5mHejAVlc7a6KJnHn_cAMg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/71c5fd-e36f-42f6-926b-58a2457c6fd5/1/TiWdgGE5-VPkfDUJBKrO7GzDmh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.255.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:4f:35:2b:08:cc:78:d6:b9:eb:35:b8:8a:81:f1:fd:c3:6c:
         f7:8f:db:1a:cb:bf:41:59:72:36:ca:61:e6:a3:2f:ad:e0:d6:
         0a:d3:7c:eb:cd:cf:1d:b0:6e:10:df:8a:13:94:f0:f7:03:39:
         6f:0f:81:ed:46:db:3c:0b:cb:5d:37:1b:8b:a9:79:14:32:b6:
         b1:7c:cf:16:16:6d:47:5a:e3:fa:96:40:54:7e:e1:fa:27:f2:
         3d:4c:74:ac:82:cd:d0:ae:79:94:97:a7:a0:8a:56:d2:2c:30:
         64:9a:87:24:12:90:cd:62:ab:7c:79:7a:56:11:27:7c:cf:02:
         ee:15:0e:2e:02:ed:43:0b:37:0c:9b:db:e3:bd:3a:a7:7b:37:
         db:b3:d8:d2:9c:84:4e:51:b8:2b:2a:5c:a7:0c:a7:70:2a:01:
         c9:3f:ae:49:c0:e9:97:84:75:64:3a:45:42:c6:97:1f:34:d2:
         95:af:5a:0b:aa:a8:9b:d9:0a:b3:97:04:04:dd:24:6d:fe:78:
         c7:ae:d1:e5:e5:c9:56:4a:4c:57:c5:6e:ca:fa:34:3f:0b:d5:
         94:79:d6:03:0d:1f:49:8f:84:41:be:51:50:52:37:26:b3:af:
         d4:13:20:1f:d0:fe:fa:d1:f7:d3:63:36:ac:a9:5a:81:76:7c:
         5f:d0:95:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAn44qjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZTI1OWQ4MDYxMzlmOTUzZTQ3YzM1MDkwNGFhY2VlYzZjYzM5YTFmMB4XDTIyMDYx
NzA5MDk0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBmOGQyOTc5OTg3
N2EzMDE1OTVjZWRhZThhMjY3MWU3ZmRjMDBjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJpvoCDcLCV/B/yyYK35BGJJ0KE+VSZ+X3DLfTlskvXDaZf
YqyO1jxEvq1SiAFRDNIS0SliYg25fqp3DlkvB/s2s8KmG5/FDiu+rV64/s7vQbo8
KCUD8CWGc1BU5xjlJ2RXh3Q3MkgPmz3tZGLp7mqx+wFcz+cEMvCs3ciyL0+E9jck
RC6mBJyd3+zHsBgc4KVWm5cNGbhZbPxFy1Ig1xPdYmwcY8fYcY3kvvwhXT0gIsAe
ybLwnh64PkWmLhwllX2G+sUuL1sr5lCSM/4F8QJxrNaA2130/ovdVVSrHZAFdPsH
Yl4k1u1oZ65aPKwEeo1cHs7XkTZiUAbMyG7mOfECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTg+NKXmYd6MBWVztroomcef9wAyDAfBgNVHSMEGDAWgBROJZ2AYTn5U+R8
NQkEqs7sbMOaHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RpV2RnR0U1LVZQa2ZEVUpCS3JPN0d6RG1oOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvNzFjNWZkLWUzNmYtNDJmNi05MjZiLTU4YTI0NTdjNmZkNS8x
LzRQalNsNW1IZWpBVmxjN2E2S0puSG5fY0FNZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
NzFjNWZkLWUzNmYtNDJmNi05MjZiLTU4YTI0NTdjNmZkNS8xL1RpV2RnR0U1LVZQ
a2ZEVUpCS3JPN0d6RG1oOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALL/3TANBgkqhkiG9w0BAQsFAAOC
AQEAe081KwjMeNa56zW4ioHx/cNs94/bGsu/QVlyNsph5qMvreDWCtN8683PHbBu
EN+KE5Tw9wM5bw+B7UbbPAvLXTcbi6l5FDK2sXzPFhZtR1rj+pZAVH7h+ifyPUx0
rILN0K55lJenoIpW0iwwZJqHJBKQzWKrfHl6VhEnfM8C7hUOLgLtQws3DJvb4706
p3s327PY0pyETlG4KypcpwyncCoByT+uScDpl4R1ZDpFQsaXHzTSla9aC6qom9kK
s5cEBN0kbf54x67R5eXJVkpMV8Vuyvo0PwvVlHnWAw0fSY+EQb5RUFI3JrOv1BMg
H9D++tH302M2rKlagXZ8X9CV5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:50 2024 by rpki-client on console-fra.rpki-client.org