Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b085f3-fb11-4832-ba45-b3961750454a/1/PDnSWvqzrz0ivxWzUJvIuFEiUG0.roa
File:                     PDnSWvqzrz0ivxWzUJvIuFEiUG0.roa (raw, json)
Hash identifier:          NatkHVGmQKj6dwqXoiXl3zuymmuk1W7uREBGekSnOYw=
Subject key identifier:   3C:39:D2:5A:FA:B3:AF:3D:22:BF:15:B3:50:9B:C8:B8:51:22:50:6D
Certificate issuer:       /CN=41eedf650071ae8006e636cdbed4a7386dc87e44
Certificate serial:       AD2219
Authority key identifier: 41:EE:DF:65:00:71:AE:80:06:E6:36:CD:BE:D4:A7:38:6D:C8:7E:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Qe7fZQBxroAG5jbNvtSnOG3IfkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b085f3-fb11-4832-ba45-b3961750454a/1/PDnSWvqzrz0ivxWzUJvIuFEiUG0.roa
Signing time:             Sat 01 Jan 2022 04:00:57 +0000
ROA not before:           Sat 01 Jan 2022 04:00:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48031
IP address blocks:        91.247.167.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11346457 (0xad2219)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41eedf650071ae8006e636cdbed4a7386dc87e44
        Validity
            Not Before: Jan  1 04:00:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c39d25afab3af3d22bf15b3509bc8b85122506d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:cb:37:66:a8:f7:91:f5:17:12:75:0d:e7:66:
                    e2:d9:c1:76:a0:c5:f9:95:9c:da:68:4b:77:8e:af:
                    43:eb:87:0b:35:e8:e4:93:10:c8:96:60:1e:0e:c0:
                    1e:ca:28:e0:bc:86:4b:ca:12:68:81:d7:ce:b3:42:
                    28:b8:6a:e3:d7:e4:d4:1d:35:14:5a:59:24:cb:8c:
                    6c:a4:ed:7c:4a:9d:75:f8:13:b3:95:de:a3:1e:fc:
                    e4:d6:be:2c:92:06:d8:7e:cf:6b:0f:26:5a:6a:58:
                    02:03:a2:c2:c7:0b:6d:26:96:dd:34:7a:70:6d:4a:
                    7d:46:87:d7:e0:0b:c4:fd:83:53:32:34:e6:7e:9e:
                    f0:95:9c:8b:e8:48:d9:ff:80:be:8a:eb:0b:5b:38:
                    73:4d:20:8a:2c:3c:71:7c:83:b9:3b:84:5e:f5:31:
                    5b:18:52:50:17:5b:d5:4f:75:e9:85:da:54:0b:98:
                    6e:68:d7:d4:07:82:33:f1:ee:0f:2e:eb:2b:0c:6f:
                    63:a5:03:94:ee:04:1b:96:16:1d:74:53:ee:77:0f:
                    9b:a5:66:e1:64:7b:c0:1c:b0:dc:df:3f:d7:3b:23:
                    74:6b:55:52:99:48:1f:e5:87:1d:b1:c3:eb:b1:e2:
                    fe:0d:e3:f8:0b:29:d5:c0:96:91:a9:29:b6:a7:cc:
                    85:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:39:D2:5A:FA:B3:AF:3D:22:BF:15:B3:50:9B:C8:B8:51:22:50:6D
            X509v3 Authority Key Identifier:
                keyid:41:EE:DF:65:00:71:AE:80:06:E6:36:CD:BE:D4:A7:38:6D:C8:7E:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qe7fZQBxroAG5jbNvtSnOG3IfkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b085f3-fb11-4832-ba45-b3961750454a/1/PDnSWvqzrz0ivxWzUJvIuFEiUG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b085f3-fb11-4832-ba45-b3961750454a/1/Qe7fZQBxroAG5jbNvtSnOG3IfkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.247.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:9f:97:eb:fb:8d:43:d4:8b:26:97:a4:eb:1c:82:0c:67:40:
         5e:11:b5:dd:96:76:a2:16:ae:8c:be:12:b7:de:a8:e2:f8:c4:
         ee:04:78:c2:13:0b:c8:5c:c0:04:0a:60:fd:bf:82:3b:28:ca:
         f6:1f:6d:ae:a1:df:2b:dc:ab:68:4e:77:9a:a9:d5:b8:57:66:
         e2:79:c9:04:22:1d:b3:dd:18:8a:76:86:16:d2:15:16:ad:01:
         90:49:1e:d7:36:2c:82:c1:b3:89:ef:3f:ab:80:36:4a:97:18:
         85:9a:22:d2:8a:3d:b4:ec:ba:4e:8b:7b:af:3c:54:bf:63:3b:
         5d:20:31:c1:27:76:69:c5:47:a2:1e:60:00:d4:64:50:3c:e5:
         b3:48:f6:2f:f0:38:3f:00:6d:ce:c5:93:63:9d:65:cb:42:98:
         d0:f0:a1:0b:8f:1e:71:80:ec:5b:52:f0:3e:00:79:b5:74:59:
         bc:7c:a5:f0:b4:08:ac:96:57:f2:9a:c4:64:e3:25:a2:54:e6:
         ad:9b:de:3b:c4:64:26:2b:2e:3d:f0:6b:ea:1f:0b:7b:a6:db:
         c1:1a:b7:a4:9e:30:0f:e5:16:97:2d:07:6b:76:55:e1:4d:d6:
         04:cf:3c:0a:4f:a2:fd:7c:6b:68:b2:d5:28:0f:2e:f9:32:7f:
         68:ff:bc:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAK0iGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWVlZGY2NTAwNzFhZTgwMDZlNjM2Y2RiZWQ0YTczODZkYzg3ZTQ0MB4XDTIyMDEw
MTA0MDA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MzOWQyNWFmYWIz
YWYzZDIyYmYxNWIzNTA5YmM4Yjg1MTIyNTA2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbLN2ao95H1FxJ1Dedm4tnBdqDF+ZWc2mhLd46vQ+uHCzXo
5JMQyJZgHg7AHsoo4LyGS8oSaIHXzrNCKLhq49fk1B01FFpZJMuMbKTtfEqddfgT
s5Xeox785Na+LJIG2H7Paw8mWmpYAgOiwscLbSaW3TR6cG1KfUaH1+ALxP2DUzI0
5n6e8JWci+hI2f+AvorrC1s4c00giiw8cXyDuTuEXvUxWxhSUBdb1U916YXaVAuY
bmjX1AeCM/HuDy7rKwxvY6UDlO4EG5YWHXRT7ncPm6Vm4WR7wByw3N8/1zsjdGtV
UplIH+WHHbHD67Hi/g3j+Asp1cCWkakptqfMhS8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ8OdJa+rOvPSK/FbNQm8i4USJQbTAfBgNVHSMEGDAWgBRB7t9lAHGugAbm
Ns2+1Kc4bch+RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FlN2ZaUUJ4cm9BRzVqYk52dFNuT0czSWZrUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvYjA4NWYzLWZiMTEtNDgzMi1iYTQ1LWIzOTYxNzUwNDU0YS8x
L1BEblNXdnF6cnowaXZ4V3pVSnZJdUZFaVVHMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
YjA4NWYzLWZiMTEtNDgzMi1iYTQ1LWIzOTYxNzUwNDU0YS8xL1FlN2ZaUUJ4cm9B
RzVqYk52dFNuT0czSWZrUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv3pzANBgkqhkiG9w0BAQsFAAOC
AQEAAJ+X6/uNQ9SLJpek6xyCDGdAXhG13ZZ2ohaujL4St96o4vjE7gR4whMLyFzA
BApg/b+COyjK9h9trqHfK9yraE53mqnVuFdm4nnJBCIds90YinaGFtIVFq0BkEke
1zYsgsGzie8/q4A2SpcYhZoi0oo9tOy6Tot7rzxUv2M7XSAxwSd2acVHoh5gANRk
UDzls0j2L/A4PwBtzsWTY51ly0KY0PChC48ecYDsW1LwPgB5tXRZvHyl8LQIrJZX
8prEZOMlolTmrZveO8RkJisuPfBr6h8Le6bbwRq3pJ4wD+UWly0Ha3ZV4U3WBM88
Ck+i/XxraLLVKA8u+TJ/aP+8uA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:19 2024 by rpki-client on console-ams.rpki-client.org