Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7a4094-5e3e-404a-9906-e70ea6332365/1/ZKlVblglCRBhw7bFij4YLaf8tKI.roa
File:                     ZKlVblglCRBhw7bFij4YLaf8tKI.roa (raw, json)
Hash identifier:          RZSU6tOKZXbw4nZIREcB9opiiV1HUMCc+lo5CllP1tM=
Subject key identifier:   64:A9:55:6E:58:25:09:10:61:C3:B6:C5:8A:3E:18:2D:A7:FC:B4:A2
Certificate issuer:       /CN=703d48653b42b74647268926b3c4a497f9ef79bd
Certificate serial:       A7EC21
Authority key identifier: 70:3D:48:65:3B:42:B7:46:47:26:89:26:B3:C4:A4:97:F9:EF:79:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cD1IZTtCt0ZHJokms8Skl_nveb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7a4094-5e3e-404a-9906-e70ea6332365/1/ZKlVblglCRBhw7bFij4YLaf8tKI.roa
Signing time:             Sat 01 Jan 2022 05:52:15 +0000
ROA not before:           Sat 01 Jan 2022 05:52:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41957
IP address blocks:        91.242.254.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11004961 (0xa7ec21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=703d48653b42b74647268926b3c4a497f9ef79bd
        Validity
            Not Before: Jan  1 05:52:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=64a9556e5825091061c3b6c58a3e182da7fcb4a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:72:af:3d:7d:ba:18:4c:63:3b:84:4a:14:2f:
                    ce:ba:87:0c:f3:ae:43:c3:f0:16:f3:9e:65:bc:50:
                    49:c1:b7:17:56:d0:68:5d:26:7e:87:d5:ba:aa:c2:
                    80:78:55:f8:b5:49:87:24:8d:fc:e1:ab:74:31:3a:
                    ff:f1:e3:af:34:71:26:d6:d1:b7:06:18:64:aa:d1:
                    81:3a:77:56:8d:f8:8a:48:56:3c:c9:8f:6c:b1:88:
                    a9:85:80:8b:b2:72:3f:06:31:dc:4a:19:3c:08:4a:
                    9b:69:33:7c:98:5e:74:eb:f3:bd:4f:d7:86:54:e6:
                    1c:44:d9:c4:a0:83:72:62:87:3c:75:ad:b0:2c:dd:
                    ac:c5:99:2e:e1:f4:0e:fb:75:b8:cb:22:b9:a2:75:
                    af:a1:20:25:59:82:93:67:2e:02:c0:14:89:ce:17:
                    19:44:b9:30:6a:85:dc:28:83:9c:e4:4f:b3:10:8e:
                    ec:9b:6a:ee:47:00:ee:bd:56:c9:df:9f:48:7b:0d:
                    c2:35:8a:ff:3a:d4:6c:28:17:81:5a:80:e2:d0:ab:
                    79:75:d6:52:ee:40:53:d8:26:2d:de:84:b9:d1:14:
                    52:ed:61:43:1d:33:5b:27:64:ad:d7:66:dd:fa:17:
                    5c:cd:5e:ea:e6:94:2d:18:f4:2b:28:1d:d5:3d:36:
                    ee:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:A9:55:6E:58:25:09:10:61:C3:B6:C5:8A:3E:18:2D:A7:FC:B4:A2
            X509v3 Authority Key Identifier:
                keyid:70:3D:48:65:3B:42:B7:46:47:26:89:26:B3:C4:A4:97:F9:EF:79:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cD1IZTtCt0ZHJokms8Skl_nveb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7a4094-5e3e-404a-9906-e70ea6332365/1/ZKlVblglCRBhw7bFij4YLaf8tKI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7a4094-5e3e-404a-9906-e70ea6332365/1/cD1IZTtCt0ZHJokms8Skl_nveb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cb:1d:74:97:a9:ff:42:fe:26:52:1f:33:c4:0d:db:41:ae:35:
         80:ab:2f:1e:84:15:30:0a:59:de:f3:74:04:d3:d0:63:0f:da:
         a1:1c:52:9a:60:4e:25:7d:0e:ca:af:58:13:cf:99:0c:64:e5:
         d6:5f:3b:da:dd:5c:49:86:bb:e0:72:c5:dd:5c:56:99:bd:6f:
         58:37:58:b1:9a:12:1a:84:dc:71:ff:97:7c:f8:9e:50:04:6a:
         b6:17:fd:5a:2d:c5:09:17:7b:5f:39:39:fa:86:a9:e5:eb:ce:
         00:33:21:7a:2f:c5:ec:29:90:cf:fa:9d:45:5e:b6:5a:c3:55:
         db:67:0d:df:6f:c9:5d:4d:6e:eb:c4:b6:8f:eb:5a:84:1c:84:
         a4:be:f3:b9:15:c9:d6:d4:f2:79:c2:bc:ae:8f:1c:ad:bf:48:
         2d:d8:e6:e5:07:8d:b8:b9:30:75:98:af:cc:b5:0a:14:41:86:
         da:65:8b:19:5c:39:40:79:67:79:08:ed:f4:6e:83:e5:a6:e9:
         7b:94:1b:3a:ea:da:3e:da:ad:ac:08:14:4d:7e:e8:87:14:5d:
         0d:ec:df:10:a3:42:65:01:6c:be:24:6f:e8:8d:15:34:2f:ab:
         0a:7c:3a:e8:8b:6a:23:b5:7b:5a:2b:fc:39:d5:c0:69:a8:72:
         25:e0:65:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKfsITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDNkNDg2NTNiNDJiNzQ2NDcyNjg5MjZiM2M0YTQ5N2Y5ZWY3OWJkMB4XDTIyMDEw
MTA1NTIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjRhOTU1NmU1ODI1
MDkxMDYxYzNiNmM1OGEzZTE4MmRhN2ZjYjRhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdyrz19uhhMYzuEShQvzrqHDPOuQ8PwFvOeZbxQScG3F1bQ
aF0mfofVuqrCgHhV+LVJhySN/OGrdDE6//HjrzRxJtbRtwYYZKrRgTp3Vo34ikhW
PMmPbLGIqYWAi7JyPwYx3EoZPAhKm2kzfJhedOvzvU/XhlTmHETZxKCDcmKHPHWt
sCzdrMWZLuH0Dvt1uMsiuaJ1r6EgJVmCk2cuAsAUic4XGUS5MGqF3CiDnORPsxCO
7Jtq7kcA7r1Wyd+fSHsNwjWK/zrUbCgXgVqA4tCreXXWUu5AU9gmLd6EudEUUu1h
Qx0zWydkrddm3foXXM1e6uaULRj0Kygd1T027rMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRkqVVuWCUJEGHDtsWKPhgtp/y0ojAfBgNVHSMEGDAWgBRwPUhlO0K3Rkcm
iSazxKSX+e95vTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NEMUlaVHRDdDBaSEpva21zOFNrbF9udmViMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvN2E0MDk0LTVlM2UtNDA0YS05OTA2LWU3MGVhNjMzMjM2NS8x
L1pLbFZibGdsQ1JCaHc3YkZpajRZTGFmOHRLSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
N2E0MDk0LTVlM2UtNDA0YS05OTA2LWU3MGVhNjMzMjM2NS8xL2NEMUlaVHRDdDBa
SEpva21zOFNrbF9udmViMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvy/jANBgkqhkiG9w0BAQsFAAOC
AQEAyx10l6n/Qv4mUh8zxA3bQa41gKsvHoQVMApZ3vN0BNPQYw/aoRxSmmBOJX0O
yq9YE8+ZDGTl1l872t1cSYa74HLF3VxWmb1vWDdYsZoSGoTccf+XfPieUARqthf9
Wi3FCRd7Xzk5+oap5evOADMhei/F7CmQz/qdRV62WsNV22cN32/JXU1u68S2j+ta
hByEpL7zuRXJ1tTyecK8ro8crb9ILdjm5QeNuLkwdZivzLUKFEGG2mWLGVw5QHln
eQjt9G6D5abpe5QbOuraPtqtrAgUTX7ohxRdDezfEKNCZQFsviRv6I0VNC+rCnw6
6ItqI7V7Wiv8OdXAaahyJeBlpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org