Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f72e47-42ab-43ca-a6f3-f8e0640e53d8/1/CfPyKxF-riGUOPM7ltKJ6mTr3wE.roa
File:                     CfPyKxF-riGUOPM7ltKJ6mTr3wE.roa (raw, json)
Hash identifier:          JNydR+bWXbD3OZAfnsf8NdLbFov1Zog32syMf3Y+uto=
Subject key identifier:   09:F3:F2:2B:11:7E:AE:21:94:38:F3:3B:96:D2:89:EA:64:EB:DF:01
Certificate issuer:       /CN=07d0ba368232da095070a9fc7572465858f7af13
Certificate serial:       01E31EA9
Authority key identifier: 07:D0:BA:36:82:32:DA:09:50:70:A9:FC:75:72:46:58:58:F7:AF:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B9C6NoIy2glQcKn8dXJGWFj3rxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f72e47-42ab-43ca-a6f3-f8e0640e53d8/1/CfPyKxF-riGUOPM7ltKJ6mTr3wE.roa
Signing time:             Thu 05 May 2022 12:29:42 +0000
ROA not before:           Thu 05 May 2022 12:29:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210661
IP address blocks:        2a11:5040::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 31661737 (0x1e31ea9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07d0ba368232da095070a9fc7572465858f7af13
        Validity
            Not Before: May  5 12:29:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=09f3f22b117eae219438f33b96d289ea64ebdf01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ce:bb:40:20:bd:29:06:7c:01:17:8a:5a:f7:
                    a8:dd:5d:fd:57:23:23:fc:91:b3:fb:4f:ed:49:92:
                    96:9a:63:31:be:6c:10:0b:9a:64:e3:7e:e7:c6:eb:
                    06:dd:38:15:ec:35:89:51:ac:41:92:e2:ec:04:b2:
                    7d:95:26:73:25:2f:71:51:9c:6f:60:7b:ee:89:b6:
                    53:42:5c:dc:a4:63:ec:99:6e:e8:c3:05:68:23:ef:
                    75:5b:91:5e:9e:60:79:b9:da:9a:77:27:4d:bc:e4:
                    60:81:b3:15:ad:61:e2:83:c2:e0:68:9c:35:d3:7b:
                    1c:40:5a:f1:d7:c7:fd:ff:f2:07:df:20:a4:08:6e:
                    6c:86:b7:2a:44:f2:57:af:e3:04:40:8d:4a:b9:88:
                    d6:fa:ff:5a:93:bd:a8:66:3a:f6:aa:f7:c1:9e:99:
                    3d:47:51:7c:7a:2e:32:74:ac:70:11:24:fb:58:00:
                    ec:48:a2:f5:a1:1e:e0:05:63:b0:f5:20:eb:c9:6f:
                    1f:dc:4f:c6:3e:b3:79:b2:34:a8:7a:89:f2:ae:c0:
                    e4:31:ed:33:e8:b9:ee:af:c5:45:e9:b9:b6:ce:11:
                    cf:c1:8b:af:24:35:f4:f3:f4:fc:81:5a:9b:5f:4c:
                    2b:d0:f8:bc:83:72:ad:d5:53:61:57:86:8a:53:0c:
                    e1:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:F3:F2:2B:11:7E:AE:21:94:38:F3:3B:96:D2:89:EA:64:EB:DF:01
            X509v3 Authority Key Identifier:
                keyid:07:D0:BA:36:82:32:DA:09:50:70:A9:FC:75:72:46:58:58:F7:AF:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9C6NoIy2glQcKn8dXJGWFj3rxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f72e47-42ab-43ca-a6f3-f8e0640e53d8/1/CfPyKxF-riGUOPM7ltKJ6mTr3wE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f72e47-42ab-43ca-a6f3-f8e0640e53d8/1/B9C6NoIy2glQcKn8dXJGWFj3rxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:5040::/29

    Signature Algorithm: sha256WithRSAEncryption
         0a:d9:45:21:d1:e0:1e:d8:81:de:55:7f:b1:7f:1c:bf:1e:ce:
         00:60:ec:a7:4a:d9:5e:35:08:a4:b0:51:04:f0:4f:2e:d9:22:
         73:f4:65:20:ce:21:b1:43:f4:93:bf:39:c0:fc:9b:18:9d:1f:
         6f:aa:de:f2:af:18:30:96:75:86:27:60:65:1d:3e:b3:ac:5b:
         d0:f4:08:fb:d3:02:0a:39:a4:2f:29:fe:4b:8a:f4:05:71:33:
         64:f4:d1:cc:21:55:ac:e4:53:c8:6d:59:1d:d8:42:86:96:6a:
         04:ed:c7:0a:1e:de:80:b5:bf:0f:58:d3:cc:09:c3:60:f2:63:
         c2:ee:52:a0:b5:95:75:c5:8f:45:3c:b6:d1:a6:90:f2:be:5d:
         22:88:47:78:2f:23:a4:c4:f2:64:5e:0e:94:12:c3:31:87:32:
         fd:54:13:c7:d4:03:72:2a:73:79:4e:aa:51:f1:43:0b:d8:64:
         25:c7:3b:cc:f9:61:ca:73:8a:c9:6e:cf:fb:70:05:a5:4c:0d:
         6d:a2:7f:ca:2b:b4:a0:74:9e:d7:40:08:78:b6:a0:a6:ce:c1:
         0f:dc:81:68:85:77:e8:6d:ba:fb:8e:0e:ba:45:db:e2:2c:bb:
         c5:a7:ba:c6:f3:a2:b7:ca:b2:3b:bc:e2:05:18:69:0a:ff:a6:
         e3:c8:d6:2d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAeMeqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
N2QwYmEzNjgyMzJkYTA5NTA3MGE5ZmM3NTcyNDY1ODU4ZjdhZjEzMB4XDTIyMDUw
NTEyMjk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDlmM2YyMmIxMTdl
YWUyMTk0MzhmMzNiOTZkMjg5ZWE2NGViZGYwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXOu0AgvSkGfAEXilr3qN1d/VcjI/yRs/tP7UmSlppjMb5s
EAuaZON+58brBt04Few1iVGsQZLi7ASyfZUmcyUvcVGcb2B77om2U0Jc3KRj7Jlu
6MMFaCPvdVuRXp5gebnamncnTbzkYIGzFa1h4oPC4GicNdN7HEBa8dfH/f/yB98g
pAhubIa3KkTyV6/jBECNSrmI1vr/WpO9qGY69qr3wZ6ZPUdRfHouMnSscBEk+1gA
7Eii9aEe4AVjsPUg68lvH9xPxj6zebI0qHqJ8q7A5DHtM+i57q/FRem5ts4Rz8GL
ryQ19PP0/IFam19MK9D4vINyrdVTYVeGilMM4Y8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQJ8/IrEX6uIZQ48zuW0onqZOvfATAfBgNVHSMEGDAWgBQH0Lo2gjLaCVBw
qfx1ckZYWPevEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0I5QzZOb0l5MmdsUWNLbjhkWEpHV0ZqM3J4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvZjcyZTQ3LTQyYWItNDNjYS1hNmYzLWY4ZTA2NDBlNTNkOC8x
L0NmUHlLeEYtcmlHVU9QTTdsdEtKNm1UcjN3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
ZjcyZTQ3LTQyYWItNDNjYS1hNmYzLWY4ZTA2NDBlNTNkOC8xL0I5QzZOb0l5Mmds
UWNLbjhkWEpHV0ZqM3J4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRUEAwDQYJKoZIhvcNAQELBQAD
ggEBAArZRSHR4B7Ygd5Vf7F/HL8ezgBg7KdK2V41CKSwUQTwTy7ZInP0ZSDOIbFD
9JO/OcD8mxidH2+q3vKvGDCWdYYnYGUdPrOsW9D0CPvTAgo5pC8p/kuK9AVxM2T0
0cwhVazkU8htWR3YQoaWagTtxwoe3oC1vw9Y08wJw2DyY8LuUqC1lXXFj0U8ttGm
kPK+XSKIR3gvI6TE8mReDpQSwzGHMv1UE8fUA3Iqc3lOqlHxQwvYZCXHO8z5Ycpz
isluz/twBaVMDW2if8ortKB0ntdACHi2oKbOwQ/cgWiFd+htuvuODrpF2+Isu8Wn
usbzorfKsju84gUYaQr/puPI1i0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:42 2024 by rpki-client on console-fra.rpki-client.org