Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/70f985-ce2a-481a-bc5d-83dcba2503d0/1/6MNDLLWJoWEvhREapRvZPQsCi5w.roa
File:                     6MNDLLWJoWEvhREapRvZPQsCi5w.roa (raw, json)
Hash identifier:          KE02ezzYwMxkhqcYNEcmlpzpVvVSLOLgggM68vVE4nA=
Subject key identifier:   E8:C3:43:2C:B5:89:A1:61:2F:85:11:1A:A5:1B:D9:3D:0B:02:8B:9C
Certificate issuer:       /CN=6deedc2210677512b9d728a891c1f2451d3d46aa
Certificate serial:       010EC547
Authority key identifier: 6D:EE:DC:22:10:67:75:12:B9:D7:28:A8:91:C1:F2:45:1D:3D:46:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/be7cIhBndRK51yiokcHyRR09Rqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/70f985-ce2a-481a-bc5d-83dcba2503d0/1/6MNDLLWJoWEvhREapRvZPQsCi5w.roa
Signing time:             Mon 07 Mar 2022 17:07:29 +0000
ROA not before:           Mon 07 Mar 2022 17:07:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396356
IP address blocks:        212.23.219.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17745223 (0x10ec547)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6deedc2210677512b9d728a891c1f2451d3d46aa
        Validity
            Not Before: Mar  7 17:07:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e8c3432cb589a1612f85111aa51bd93d0b028b9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:da:f2:8c:d2:da:99:e5:7c:e8:08:eb:4c:7a:
                    41:98:6d:71:ef:d7:7a:93:20:68:dd:1d:4d:bc:c2:
                    5c:33:25:85:06:f3:c3:0f:b4:ed:3e:03:1e:83:91:
                    42:b8:1f:8f:cc:71:03:33:79:a9:5a:22:2e:67:ae:
                    66:6b:b6:cf:a3:ca:70:5d:47:22:b1:a8:34:d4:34:
                    59:70:78:6b:49:33:01:02:8c:0f:14:5a:a4:2a:a1:
                    e7:8b:86:a4:13:d8:4d:fc:92:d9:da:ed:6a:b7:cd:
                    78:c4:e2:b9:b2:1b:6c:67:fa:d0:b0:25:61:82:af:
                    ff:00:2f:0b:15:ba:d1:65:7f:ba:f3:1d:2f:a0:ba:
                    c3:27:f5:ff:82:f3:6e:15:a4:6d:7e:c7:73:bf:c6:
                    6a:69:23:e0:55:6e:86:2e:31:ab:c5:d5:8e:23:e8:
                    11:dc:b8:76:24:8d:f3:94:f4:14:56:ce:37:1b:ad:
                    24:07:a8:87:9e:cd:07:cd:5b:71:b2:d0:7c:0c:76:
                    27:28:1b:00:a0:9d:35:c0:05:88:9d:5a:ff:b0:07:
                    0a:21:4b:ae:ec:ff:3d:70:21:ef:d7:80:b6:1b:ef:
                    55:ba:62:13:65:91:90:36:2a:ab:fa:aa:f7:d7:80:
                    76:c5:d3:03:8c:0f:2f:52:e1:f3:88:de:db:b5:16:
                    25:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:C3:43:2C:B5:89:A1:61:2F:85:11:1A:A5:1B:D9:3D:0B:02:8B:9C
            X509v3 Authority Key Identifier:
                keyid:6D:EE:DC:22:10:67:75:12:B9:D7:28:A8:91:C1:F2:45:1D:3D:46:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/be7cIhBndRK51yiokcHyRR09Rqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/70f985-ce2a-481a-bc5d-83dcba2503d0/1/6MNDLLWJoWEvhREapRvZPQsCi5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/70f985-ce2a-481a-bc5d-83dcba2503d0/1/be7cIhBndRK51yiokcHyRR09Rqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:5e:54:79:45:4d:de:66:42:d2:e7:06:ec:a0:7c:8d:1b:78:
         82:67:d4:85:47:b5:dd:20:23:76:c2:58:ea:ad:3f:51:18:2d:
         75:e8:94:95:5d:49:cd:e9:ac:0b:dc:aa:07:fe:4d:0c:99:2b:
         01:db:f1:fb:c6:53:6c:42:1e:c0:e6:87:a6:28:17:62:29:83:
         61:35:c5:04:ea:cb:d3:c4:37:e0:98:f1:00:d2:bc:b5:f4:21:
         e8:06:6e:35:ea:60:16:64:cc:fe:1e:46:30:b1:ca:39:f4:f0:
         53:f5:86:ed:b2:66:0c:3e:9e:dd:f5:db:2e:e9:79:a3:ee:21:
         e1:b4:fb:b4:56:7d:8f:94:cc:d7:1e:9e:4a:e7:dd:60:6a:8a:
         66:2f:ae:ac:5e:11:8e:e5:42:49:05:0c:5c:b1:13:48:0a:fd:
         46:3b:02:c5:3e:a1:38:b5:e4:76:23:70:87:30:72:b1:1f:02:
         cd:ba:f5:0d:46:c2:56:6a:83:45:c3:b1:3b:37:b0:ea:7d:33:
         1a:fe:ac:c1:b6:1f:d8:2a:54:40:b1:c9:a2:3a:0d:f1:52:a7:
         35:05:6c:a4:6e:f5:f6:75:de:9a:83:56:f7:01:95:a9:43:4b:
         01:d7:17:15:00:d2:79:62:74:60:cc:ea:f2:dd:bb:7a:f2:18:
         ae:60:b0:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQ7FRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGVlZGMyMjEwNjc3NTEyYjlkNzI4YTg5MWMxZjI0NTFkM2Q0NmFhMB4XDTIyMDMw
NzE3MDcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThjMzQzMmNiNTg5
YTE2MTJmODUxMTFhYTUxYmQ5M2QwYjAyOGI5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI3a8ozS2pnlfOgI60x6QZhtce/XepMgaN0dTbzCXDMlhQbz
ww+07T4DHoORQrgfj8xxAzN5qVoiLmeuZmu2z6PKcF1HIrGoNNQ0WXB4a0kzAQKM
DxRapCqh54uGpBPYTfyS2drtarfNeMTiubIbbGf60LAlYYKv/wAvCxW60WV/uvMd
L6C6wyf1/4LzbhWkbX7Hc7/Gamkj4FVuhi4xq8XVjiPoEdy4diSN85T0FFbONxut
JAeoh57NB81bcbLQfAx2JygbAKCdNcAFiJ1a/7AHCiFLruz/PXAh79eAthvvVbpi
E2WRkDYqq/qq99eAdsXTA4wPL1Lh84je27UWJesCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTow0MstYmhYS+FERqlG9k9CwKLnDAfBgNVHSMEGDAWgBRt7twiEGd1ErnX
KKiRwfJFHT1GqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JlN2NJaEJuZFJLNTF5aW9rY0h5UlIwOVJxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvNzBmOTg1LWNlMmEtNDgxYS1iYzVkLTgzZGNiYTI1MDNkMC8x
LzZNTkRMTFdKb1dFdmhSRWFwUnZaUFFzQ2k1dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
NzBmOTg1LWNlMmEtNDgxYS1iYzVkLTgzZGNiYTI1MDNkMC8xL2JlN2NJaEJuZFJL
NTF5aW9rY0h5UlIwOVJxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQX2zANBgkqhkiG9w0BAQsFAAOC
AQEAQV5UeUVN3mZC0ucG7KB8jRt4gmfUhUe13SAjdsJY6q0/URgtdeiUlV1Jzems
C9yqB/5NDJkrAdvx+8ZTbEIewOaHpigXYimDYTXFBOrL08Q34JjxANK8tfQh6AZu
NepgFmTM/h5GMLHKOfTwU/WG7bJmDD6e3fXbLul5o+4h4bT7tFZ9j5TM1x6eSufd
YGqKZi+urF4RjuVCSQUMXLETSAr9RjsCxT6hOLXkdiNwhzBysR8Czbr1DUbCVmqD
RcOxOzew6n0zGv6swbYf2CpUQLHJojoN8VKnNQVspG719nXemoNW9wGVqUNLAdcX
FQDSeWJ0YMzq8t27evIYrmCwdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:37 2024 by rpki-client on console-fra.rpki-client.org