Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/37d93c-aa71-46d8-a54c-43d796147d3c/1/cwbd-10-OJGuQPCKbf73OSNnFsQ.roa
File:                     cwbd-10-OJGuQPCKbf73OSNnFsQ.roa (raw, json)
Hash identifier:          P9fMn1gr3lV9R592D+ViGHfP3jMLqYa+0blrYckALd4=
Subject key identifier:   73:06:DD:FB:5D:3E:38:91:AE:40:F0:8A:6D:FE:F7:39:23:67:16:C4
Certificate issuer:       /CN=064aba015d2b652cb489da4bd992d14be07673c7
Certificate serial:       B494C0
Authority key identifier: 06:4A:BA:01:5D:2B:65:2C:B4:89:DA:4B:D9:92:D1:4B:E0:76:73:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bkq6AV0rZSy0idpL2ZLRS-B2c8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/37d93c-aa71-46d8-a54c-43d796147d3c/1/cwbd-10-OJGuQPCKbf73OSNnFsQ.roa
Signing time:             Sat 01 Jan 2022 07:00:05 +0000
ROA not before:           Sat 01 Jan 2022 07:00:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        2a11:aec0::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11834560 (0xb494c0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=064aba015d2b652cb489da4bd992d14be07673c7
        Validity
            Not Before: Jan  1 07:00:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7306ddfb5d3e3891ae40f08a6dfef739236716c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d8:6e:8c:4f:65:11:aa:e9:99:eb:92:7d:c1:
                    f7:6d:6e:67:25:0c:9c:67:dc:4f:33:a0:76:69:96:
                    bc:4f:04:91:31:b4:9e:58:9a:e4:55:d6:97:8f:4b:
                    21:46:77:26:a4:36:86:bc:91:26:b4:f0:c4:d6:03:
                    b5:ff:34:dc:7a:4e:07:b2:e8:2d:80:a0:3b:b5:a9:
                    6c:75:58:bb:51:75:f6:8a:b5:2a:a6:03:b1:3e:9d:
                    1e:05:82:ab:2c:62:a0:0d:19:23:06:07:4d:a3:2e:
                    3f:64:c6:cc:54:85:81:60:b6:71:88:b4:4a:49:1d:
                    9b:d5:a5:5d:9c:f1:ab:8d:c2:64:1d:84:21:9c:4c:
                    e6:18:5e:33:27:2b:6c:bf:28:3a:84:6a:20:08:22:
                    bb:9f:a3:87:46:7c:7c:85:85:2e:ea:2c:b9:f8:ba:
                    4e:d6:6c:d5:d1:69:cc:62:88:33:f6:89:2e:06:b1:
                    e6:cd:85:0d:c8:f5:40:7a:45:69:25:35:c9:5f:ef:
                    59:23:33:eb:c9:e7:c7:1f:00:e4:51:ff:0d:b0:1a:
                    08:54:b7:92:10:3a:e3:19:b9:75:56:b8:1d:ac:cd:
                    50:81:c8:7f:9a:5f:8b:b9:57:e9:03:19:fb:dd:ef:
                    7a:f4:b6:47:43:21:8d:55:f5:cb:07:28:ba:4a:59:
                    e0:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:06:DD:FB:5D:3E:38:91:AE:40:F0:8A:6D:FE:F7:39:23:67:16:C4
            X509v3 Authority Key Identifier:
                keyid:06:4A:BA:01:5D:2B:65:2C:B4:89:DA:4B:D9:92:D1:4B:E0:76:73:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bkq6AV0rZSy0idpL2ZLRS-B2c8c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/37d93c-aa71-46d8-a54c-43d796147d3c/1/cwbd-10-OJGuQPCKbf73OSNnFsQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/37d93c-aa71-46d8-a54c-43d796147d3c/1/Bkq6AV0rZSy0idpL2ZLRS-B2c8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:aec0::/29

    Signature Algorithm: sha256WithRSAEncryption
         42:18:12:f7:23:95:d5:c2:50:74:6e:96:07:94:2a:e6:6d:e8:
         60:a0:8e:82:a0:c5:29:91:0f:c0:60:d4:d4:f1:e1:ea:5b:7f:
         39:96:d4:91:72:50:a8:a3:10:fc:42:e5:01:32:a3:67:fa:bf:
         29:b3:6a:63:5a:14:42:1a:bd:f8:c1:d3:c2:da:4b:17:9e:0d:
         fd:53:37:d1:85:b0:cc:d7:2a:b9:c5:51:cf:6c:b5:cb:e8:73:
         19:9b:0a:d2:fc:c1:5e:04:a6:6b:71:53:51:fc:e6:0b:75:8d:
         8d:79:e8:48:12:49:df:86:f7:a8:17:b1:d1:54:db:dc:c2:cf:
         5a:50:35:21:57:e2:08:40:25:26:f5:bb:c7:a0:fc:65:27:e5:
         ab:aa:a5:68:93:8c:45:2d:c7:0e:1a:38:5e:ef:60:b0:77:61:
         b7:76:a8:e9:35:14:18:d9:4b:e7:4d:57:88:d9:32:f4:99:2b:
         54:6a:97:51:c5:38:f1:65:ea:06:9e:58:c1:aa:fd:7e:78:eb:
         93:23:0e:7e:9c:af:bd:ac:18:6d:13:54:63:6d:5c:5e:6d:a6:
         dd:f5:d2:88:12:ad:80:37:59:9b:16:70:65:9b:98:45:eb:21:
         fa:0b:eb:1f:e9:3b:c6:8f:a3:65:8a:b0:c2:3a:34:61:d2:13:
         c3:41:00:5c
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEALSUwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjRhYmEwMTVkMmI2NTJjYjQ4OWRhNGJkOTkyZDE0YmUwNzY3M2M3MB4XDTIyMDEw
MTA3MDAwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzMwNmRkZmI1ZDNl
Mzg5MWFlNDBmMDhhNmRmZWY3MzkyMzY3MTZjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/YboxPZRGq6Znrkn3B921uZyUMnGfcTzOgdmmWvE8EkTG0
nlia5FXWl49LIUZ3JqQ2hryRJrTwxNYDtf803HpOB7LoLYCgO7WpbHVYu1F19oq1
KqYDsT6dHgWCqyxioA0ZIwYHTaMuP2TGzFSFgWC2cYi0Skkdm9WlXZzxq43CZB2E
IZxM5hheMycrbL8oOoRqIAgiu5+jh0Z8fIWFLuosufi6TtZs1dFpzGKIM/aJLgax
5s2FDcj1QHpFaSU1yV/vWSMz68nnxx8A5FH/DbAaCFS3khA64xm5dVa4HazNUIHI
f5pfi7lX6QMZ+93vevS2R0MhjVX1ywcoukpZ4PsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRzBt37XT44ka5A8Ipt/vc5I2cWxDAfBgNVHSMEGDAWgBQGSroBXStlLLSJ
2kvZktFL4HZzxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JrcTZBVjByWlN5MGlkcEwyWkxSUy1CMmM4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzdkOTNjLWFhNzEtNDZkOC1hNTRjLTQzZDc5NjE0N2QzYy8x
L2N3YmQtMTAtT0pHdVFQQ0tiZjczT1NObkZzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzdkOTNjLWFhNzEtNDZkOC1hNTRjLTQzZDc5NjE0N2QzYy8xL0JrcTZBVjByWlN5
MGlkcEwyWkxSUy1CMmM4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRrsAwDQYJKoZIhvcNAQELBQAD
ggEBAEIYEvcjldXCUHRulgeUKuZt6GCgjoKgxSmRD8Bg1NTx4epbfzmW1JFyUKij
EPxC5QEyo2f6vymzamNaFEIavfjB08LaSxeeDf1TN9GFsMzXKrnFUc9stcvocxmb
CtL8wV4EpmtxU1H85gt1jY156EgSSd+G96gXsdFU29zCz1pQNSFX4ghAJSb1u8eg
/GUn5auqpWiTjEUtxw4aOF7vYLB3Ybd2qOk1FBjZS+dNV4jZMvSZK1Rql1HFOPFl
6gaeWMGq/X5465MjDn6cr72sGG0TVGNtXF5tpt310ogSrYA3WZsWcGWbmEXrIfoL
6x/pO8aPo2WKsMI6NGHSE8NBAFw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:02 2024 by rpki-client on console-ams.rpki-client.org