Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/07dc14-932a-4cc3-badd-8157a1cbf139/1/rLhusgcK-fDjHKX0Mbx_Sa4bMX8.roa
File:                     rLhusgcK-fDjHKX0Mbx_Sa4bMX8.roa (raw, json)
Hash identifier:          H2Lni7SELSdLRqupwIjvW5k7mxhCqmTDJVydLQElUig=
Subject key identifier:   AC:B8:6E:B2:07:0A:F9:F0:E3:1C:A5:F4:31:BC:7F:49:AE:1B:31:7F
Certificate issuer:       /CN=e6cf91e7b949fd843d88ecfce2d1554d6ae981d9
Certificate serial:       B0CC12
Authority key identifier: E6:CF:91:E7:B9:49:FD:84:3D:88:EC:FC:E2:D1:55:4D:6A:E9:81:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5s-R57lJ_YQ9iOz84tFVTWrpgdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/07dc14-932a-4cc3-badd-8157a1cbf139/1/rLhusgcK-fDjHKX0Mbx_Sa4bMX8.roa
Signing time:             Sat 01 Jan 2022 01:51:23 +0000
ROA not before:           Sat 01 Jan 2022 01:51:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212667
IP address blocks:        91.242.236.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11586578 (0xb0cc12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6cf91e7b949fd843d88ecfce2d1554d6ae981d9
        Validity
            Not Before: Jan  1 01:51:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=acb86eb2070af9f0e31ca5f431bc7f49ae1b317f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:2e:3d:94:86:c4:f3:2f:21:57:70:58:3f:d4:
                    8b:36:9b:e0:4a:f2:9b:34:e8:bb:d1:fe:e8:b0:ae:
                    2b:fe:f3:4f:fd:75:e1:93:1b:77:72:c8:76:1f:b2:
                    2a:ef:08:1b:59:eb:c7:03:c3:84:32:f4:10:86:f0:
                    be:7d:b8:1e:cf:60:fb:7c:e6:d2:61:ef:8e:a4:74:
                    b1:16:68:46:a6:4b:c2:0d:5b:9b:5d:e2:01:23:23:
                    f4:d5:6e:a6:be:a7:21:d1:5c:e0:34:55:01:49:0b:
                    55:d6:a6:1e:56:f4:38:b6:c8:db:da:de:ec:f6:ee:
                    cc:04:79:46:59:2d:13:21:a4:ad:9c:a5:93:19:66:
                    1f:e8:fa:3e:0c:2f:0b:65:cc:a3:c9:a4:2d:10:44:
                    41:40:75:af:d9:8a:9b:5e:25:2c:9b:fb:f2:01:79:
                    cc:ca:b2:d8:37:06:44:4e:0e:63:df:e4:18:ed:a5:
                    e3:dc:86:0f:46:bf:ee:a0:5d:12:3d:f1:3d:f0:3e:
                    a5:76:9f:0f:4f:5c:1b:f2:58:a2:e2:52:dc:32:2a:
                    42:e7:21:6e:d2:dd:ec:a0:c1:d9:d6:ea:47:c0:82:
                    8b:90:af:96:78:58:16:fc:a5:d6:ae:be:b6:e4:da:
                    9d:5b:7d:46:67:1f:1c:1f:14:b8:55:2e:2a:63:6d:
                    c0:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:B8:6E:B2:07:0A:F9:F0:E3:1C:A5:F4:31:BC:7F:49:AE:1B:31:7F
            X509v3 Authority Key Identifier:
                keyid:E6:CF:91:E7:B9:49:FD:84:3D:88:EC:FC:E2:D1:55:4D:6A:E9:81:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5s-R57lJ_YQ9iOz84tFVTWrpgdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/07dc14-932a-4cc3-badd-8157a1cbf139/1/rLhusgcK-fDjHKX0Mbx_Sa4bMX8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/07dc14-932a-4cc3-badd-8157a1cbf139/1/5s-R57lJ_YQ9iOz84tFVTWrpgdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:c0:12:6a:2f:ca:eb:4f:4b:73:1d:93:2a:c0:a8:97:70:ca:
         ba:5d:e1:66:f8:4d:8d:a5:10:83:7c:af:4e:32:da:b2:86:b1:
         35:7a:c1:28:a9:0a:32:b9:cf:c5:1a:55:9c:07:9b:54:53:51:
         b0:fe:62:7a:75:1b:51:e0:53:a8:7b:50:94:7c:e3:ee:44:49:
         bc:20:86:6c:7c:af:3d:26:2e:14:ee:95:9e:39:e3:df:cc:90:
         ef:59:48:ae:e1:c1:66:49:5b:78:68:6f:8f:f7:55:30:ed:e7:
         78:3d:b6:e5:e2:76:eb:56:a2:64:aa:85:47:f1:01:91:2b:ca:
         e2:38:b6:49:2d:48:71:a8:93:1e:a9:cc:3c:b3:72:5a:64:f1:
         43:af:e2:45:83:e7:d9:cf:ea:1f:d8:c4:8c:fa:05:07:e7:be:
         c3:7f:d9:c7:90:93:c8:04:db:37:6f:b0:0e:59:30:90:54:74:
         3f:35:34:b9:e7:dc:cc:15:92:7c:c6:2f:1d:72:67:35:0f:16:
         c9:60:42:54:e0:2b:36:15:17:bc:05:85:e9:b5:6e:ad:ce:f3:
         0f:37:85:12:43:0d:1f:51:3c:e6:f5:53:f5:7c:6f:fe:c8:cf:
         4f:0b:53:d6:f6:59:c0:52:21:2c:a4:ac:32:28:98:4d:e4:bb:
         c9:78:15:4b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALDMEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NmNmOTFlN2I5NDlmZDg0M2Q4OGVjZmNlMmQxNTU0ZDZhZTk4MWQ5MB4XDTIyMDEw
MTAxNTEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNiODZlYjIwNzBh
ZjlmMGUzMWNhNWY0MzFiYzdmNDlhZTFiMzE3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJouPZSGxPMvIVdwWD/Uizab4ErymzTou9H+6LCuK/7zT/11
4ZMbd3LIdh+yKu8IG1nrxwPDhDL0EIbwvn24Hs9g+3zm0mHvjqR0sRZoRqZLwg1b
m13iASMj9NVupr6nIdFc4DRVAUkLVdamHlb0OLbI29re7PbuzAR5RlktEyGkrZyl
kxlmH+j6PgwvC2XMo8mkLRBEQUB1r9mKm14lLJv78gF5zMqy2DcGRE4OY9/kGO2l
49yGD0a/7qBdEj3xPfA+pXafD09cG/JYouJS3DIqQuchbtLd7KDB2dbqR8CCi5Cv
lnhYFvyl1q6+tuTanVt9RmcfHB8UuFUuKmNtwGcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSsuG6yBwr58OMcpfQxvH9JrhsxfzAfBgNVHSMEGDAWgBTmz5HnuUn9hD2I
7Pzi0VVNaumB2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVzLVI1N2xKX1lROWlPejg0dEZWVFdycGdkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMDdkYzE0LTkzMmEtNGNjMy1iYWRkLTgxNTdhMWNiZjEzOS8x
L3JMaHVzZ2NLLWZEakhLWDBNYnhfU2E0Yk1YOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
MDdkYzE0LTkzMmEtNGNjMy1iYWRkLTgxNTdhMWNiZjEzOS8xLzVzLVI1N2xKX1lR
OWlPejg0dEZWVFdycGdkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvy7DANBgkqhkiG9w0BAQsFAAOC
AQEAiMASai/K609Lcx2TKsCol3DKul3hZvhNjaUQg3yvTjLasoaxNXrBKKkKMrnP
xRpVnAebVFNRsP5ienUbUeBTqHtQlHzj7kRJvCCGbHyvPSYuFO6Vnjnj38yQ71lI
ruHBZklbeGhvj/dVMO3neD225eJ261aiZKqFR/EBkSvK4ji2SS1IcaiTHqnMPLNy
WmTxQ6/iRYPn2c/qH9jEjPoFB+e+w3/Zx5CTyATbN2+wDlkwkFR0PzU0uefczBWS
fMYvHXJnNQ8WyWBCVOArNhUXvAWF6bVurc7zDzeFEkMNH1E85vVT9Xxv/sjPTwtT
1vZZwFIhLKSsMiiYTeS7yXgVSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:11 2024 by rpki-client on console-ams.rpki-client.org