Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e55fad-22ee-4aad-9bc6-1452c0181eb3/1/Vd8Px3Z_DRpjHROPMeJXXZTAYQs.roa
File:                     Vd8Px3Z_DRpjHROPMeJXXZTAYQs.roa (raw, json)
Hash identifier:          KNPu3BAjjzO5k8uJY7Kd9t5aJnDaZL2ttYdkgT6E2os=
Subject key identifier:   55:DF:0F:C7:76:7F:0D:1A:63:1D:13:8F:31:E2:57:5D:94:C0:61:0B
Certificate issuer:       /CN=975151222dc563076f931a41497eb87c6acfdfcd
Certificate serial:       0302934D
Authority key identifier: 97:51:51:22:2D:C5:63:07:6F:93:1A:41:49:7E:B8:7C:6A:CF:DF:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l1FRIi3FYwdvkxpBSX64fGrP380.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e55fad-22ee-4aad-9bc6-1452c0181eb3/1/Vd8Px3Z_DRpjHROPMeJXXZTAYQs.roa
Signing time:             Sat 01 Jan 2022 06:53:58 +0000
ROA not before:           Sat 01 Jan 2022 06:53:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        185.168.168.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50500429 (0x302934d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=975151222dc563076f931a41497eb87c6acfdfcd
        Validity
            Not Before: Jan  1 06:53:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=55df0fc7767f0d1a631d138f31e2575d94c0610b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:5b:85:61:27:f3:df:46:f5:36:c9:dd:87:c8:
                    6c:da:11:f1:bf:93:14:a8:1b:11:2e:80:2f:27:db:
                    43:c8:21:81:ec:7f:10:bf:4b:fb:22:a3:eb:57:ee:
                    6d:42:ee:8a:5c:d8:f7:89:d6:d2:e3:39:da:65:b2:
                    d9:9d:37:4f:24:65:d5:22:e0:d4:cd:7b:6e:76:49:
                    2e:99:81:38:d2:c5:40:de:90:eb:df:31:8c:d0:95:
                    fd:c6:12:22:2d:74:64:5b:25:f6:bd:bd:1c:59:5a:
                    2d:a9:70:3c:9d:aa:2d:b3:cd:fe:a1:28:a2:97:d5:
                    b9:51:03:23:62:3a:b5:8c:fd:f9:e9:58:51:cf:0a:
                    33:44:80:5a:80:fc:cf:04:f9:75:d2:34:f8:11:c9:
                    1a:53:c1:3a:dc:a1:cb:e1:23:11:50:40:39:55:68:
                    4c:26:0c:96:86:25:fe:57:37:ab:9f:57:e6:cd:7e:
                    d1:c5:cf:9c:e6:4b:1c:e7:05:b0:56:e9:b7:10:ec:
                    32:49:e5:33:2c:f9:7e:85:d5:9b:1b:53:ee:73:ac:
                    bd:1f:ca:fb:89:68:2b:f8:f1:cb:37:25:87:54:74:
                    22:b2:8a:4f:b4:b3:43:66:d3:37:8e:d5:f3:bc:42:
                    0b:d6:80:7f:65:0c:88:ae:4c:04:54:7e:1b:2e:9a:
                    80:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:DF:0F:C7:76:7F:0D:1A:63:1D:13:8F:31:E2:57:5D:94:C0:61:0B
            X509v3 Authority Key Identifier:
                keyid:97:51:51:22:2D:C5:63:07:6F:93:1A:41:49:7E:B8:7C:6A:CF:DF:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1FRIi3FYwdvkxpBSX64fGrP380.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e55fad-22ee-4aad-9bc6-1452c0181eb3/1/Vd8Px3Z_DRpjHROPMeJXXZTAYQs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e55fad-22ee-4aad-9bc6-1452c0181eb3/1/l1FRIi3FYwdvkxpBSX64fGrP380.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.168.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:0d:1e:9d:f6:0b:96:70:dd:98:d0:f1:cb:6b:92:4c:a9:79:
         5d:5c:f2:c4:26:40:5d:f2:58:21:ad:13:84:30:68:7f:31:9e:
         b7:4e:7c:c1:e8:96:06:18:3b:25:df:e9:ff:1b:2f:79:35:dc:
         c1:b8:8c:e3:ca:d6:56:e5:c7:0d:04:bc:d1:10:f4:33:0a:2f:
         19:13:4e:f6:8f:11:12:45:02:0c:12:c3:d9:05:41:26:f7:3e:
         8d:1b:66:96:31:a7:7c:b4:f8:be:42:0f:8e:fd:ec:b2:e2:97:
         bf:ec:52:13:dc:14:de:57:27:ae:4d:8c:5e:fe:4d:05:1c:2f:
         96:86:b4:f2:84:9a:43:5e:23:73:25:66:75:6b:cb:2b:e6:25:
         48:ca:ae:9d:56:e6:14:9b:2c:c3:c5:4a:08:69:5b:0d:23:ec:
         ad:c0:bd:67:ca:85:b0:45:05:ca:44:52:0d:5e:a9:db:4c:d3:
         75:95:8b:b0:b5:71:72:de:ff:2c:27:2e:e6:5c:bd:51:7c:11:
         ed:03:8b:93:19:06:ec:52:bf:df:91:40:8a:10:f8:fb:69:60:
         28:8a:a0:91:53:f2:81:d5:f0:ef:61:0e:5a:a7:d0:4d:65:64:
         91:ce:74:f5:75:25:8e:73:fb:e0:5b:bd:ac:1e:ae:eb:5f:d1:
         2b:12:e0:20
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAwKTTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzUxNTEyMjJkYzU2MzA3NmY5MzFhNDE0OTdlYjg3YzZhY2ZkZmNkMB4XDTIyMDEw
MTA2NTM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTVkZjBmYzc3Njdm
MGQxYTYzMWQxMzhmMzFlMjU3NWQ5NGMwNjEwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhbhWEn899G9TbJ3YfIbNoR8b+TFKgbES6ALyfbQ8ghgex/
EL9L+yKj61fubULuilzY94nW0uM52mWy2Z03TyRl1SLg1M17bnZJLpmBONLFQN6Q
698xjNCV/cYSIi10ZFsl9r29HFlaLalwPJ2qLbPN/qEoopfVuVEDI2I6tYz9+elY
Uc8KM0SAWoD8zwT5ddI0+BHJGlPBOtyhy+EjEVBAOVVoTCYMloYl/lc3q59X5s1+
0cXPnOZLHOcFsFbptxDsMknlMyz5foXVmxtT7nOsvR/K+4loK/jxyzclh1R0IrKK
T7SzQ2bTN47V87xCC9aAf2UMiK5MBFR+Gy6agH8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRV3w/Hdn8NGmMdE48x4lddlMBhCzAfBgNVHSMEGDAWgBSXUVEiLcVjB2+T
GkFJfrh8as/fzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2wxRlJJaTNGWXdkdmt4cEJTWDY0ZkdyUDM4MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTU1ZmFkLTIyZWUtNGFhZC05YmM2LTE0NTJjMDE4MWViMy8x
L1ZkOFB4M1pfRFJwakhST1BNZUpYWFpUQVlRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTU1ZmFkLTIyZWUtNGFhZC05YmM2LTE0NTJjMDE4MWViMy8xL2wxRlJJaTNGWXdk
dmt4cEJTWDY0ZkdyUDM4MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmoqDANBgkqhkiG9w0BAQsFAAOC
AQEABA0enfYLlnDdmNDxy2uSTKl5XVzyxCZAXfJYIa0ThDBofzGet058weiWBhg7
Jd/p/xsveTXcwbiM48rWVuXHDQS80RD0MwovGRNO9o8REkUCDBLD2QVBJvc+jRtm
ljGnfLT4vkIPjv3ssuKXv+xSE9wU3lcnrk2MXv5NBRwvloa08oSaQ14jcyVmdWvL
K+YlSMqunVbmFJssw8VKCGlbDSPsrcC9Z8qFsEUFykRSDV6p20zTdZWLsLVxct7/
LCcu5ly9UXwR7QOLkxkG7FK/35FAihD4+2lgKIqgkVPygdXw72EOWqfQTWVkkc50
9XUljnP74Fu9rB6u61/RKxLgIA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:00 2023 by rpki-client on console-ams.rpki-client.org