Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/7468ff-2a6a-43cb-a67a-afbcd928b25b/1/UfAmGmwu983hTQ88RBjgQg9E8HA.roa
File:                     UfAmGmwu983hTQ88RBjgQg9E8HA.roa (raw, json)
Hash identifier:          nwaXpW3/z0jqYahpM67j6WWd9u/s/t9RJSEmrJ4X7/s=
Subject key identifier:   51:F0:26:1A:6C:2E:F7:CD:E1:4D:0F:3C:44:18:E0:42:0F:44:F0:70
Certificate issuer:       /CN=496a77608f1f4472f6fc30273c5560e967caf273
Certificate serial:       018220896427B8B974BC84FEDFBB5E3C0A2B
Authority key identifier: 49:6A:77:60:8F:1F:44:72:F6:FC:30:27:3C:55:60:E9:67:CA:F2:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SWp3YI8fRHL2_DAnPFVg6WfK8nM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/7468ff-2a6a-43cb-a67a-afbcd928b25b/1/UfAmGmwu983hTQ88RBjgQg9E8HA.roa
Signing time:             Thu 21 Jul 2022 11:34:11 +0000
ROA not before:           Thu 21 Jul 2022 11:34:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        91.246.50.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:20:89:64:27:b8:b9:74:bc:84:fe:df:bb:5e:3c:0a:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=496a77608f1f4472f6fc30273c5560e967caf273
        Validity
            Not Before: Jul 21 11:34:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=51f0261a6c2ef7cde14d0f3c4418e0420f44f070
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:66:68:c7:cd:44:9c:b7:f4:70:95:7c:22:8a:
                    66:5a:28:b1:fa:79:4d:04:28:89:a7:98:b0:99:c2:
                    20:59:bd:e4:97:f1:a0:d8:fe:20:fe:83:ea:aa:d7:
                    7c:fd:58:59:0f:80:c8:2f:65:72:85:8e:45:04:a7:
                    94:52:cd:fc:61:a7:d7:f2:ac:b3:c6:01:33:db:e0:
                    3e:21:15:a6:b9:29:f4:5d:ed:4d:5f:83:60:f2:aa:
                    5b:83:27:52:ce:18:7b:52:ca:78:f0:b5:5e:2b:ec:
                    4e:7f:55:08:97:c1:5d:53:22:f8:18:d9:20:5a:a6:
                    d7:65:44:b1:86:9e:05:fb:6a:bb:70:a5:ee:79:5c:
                    10:e2:72:13:ab:fa:60:1b:b1:c2:d8:cc:43:fe:65:
                    11:41:48:21:22:0d:9d:8f:45:6e:62:30:c4:62:de:
                    8a:e1:b3:51:89:b7:48:5f:68:c1:bd:63:35:16:69:
                    c6:5a:02:a1:24:d0:67:94:2e:56:ad:64:77:90:69:
                    dc:cf:90:9d:01:e4:79:75:3f:35:13:07:ac:23:aa:
                    cb:3e:79:11:61:ac:9c:66:98:8e:cf:d9:2a:ec:72:
                    57:7e:3d:82:44:2f:a0:a5:58:6b:65:12:b5:84:50:
                    e3:c4:d9:07:64:9f:3f:b7:56:6f:61:93:35:67:af:
                    34:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:F0:26:1A:6C:2E:F7:CD:E1:4D:0F:3C:44:18:E0:42:0F:44:F0:70
            X509v3 Authority Key Identifier:
                keyid:49:6A:77:60:8F:1F:44:72:F6:FC:30:27:3C:55:60:E9:67:CA:F2:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SWp3YI8fRHL2_DAnPFVg6WfK8nM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/7468ff-2a6a-43cb-a67a-afbcd928b25b/1/UfAmGmwu983hTQ88RBjgQg9E8HA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/7468ff-2a6a-43cb-a67a-afbcd928b25b/1/SWp3YI8fRHL2_DAnPFVg6WfK8nM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.246.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:1d:7a:6d:83:a9:27:7a:c9:85:f5:68:dc:68:4d:68:d1:10:
         95:e4:66:d8:40:9e:91:d0:b8:e4:81:a7:97:22:01:9b:ac:51:
         92:13:4d:79:1f:6f:cf:01:8e:d5:66:72:53:f3:b9:06:53:b2:
         8e:05:05:5a:bc:12:8c:d2:b0:26:7b:b8:28:61:76:49:aa:ff:
         4e:cb:cd:91:19:46:3c:55:dc:4f:0c:cc:37:21:98:aa:2e:8c:
         df:39:0e:8d:91:e3:6c:66:9c:5b:ac:3a:0b:91:46:e6:67:5e:
         e9:b9:aa:fe:fb:22:32:7b:88:31:f6:6e:b8:2b:4d:bb:85:01:
         0c:28:13:09:cb:f9:2b:f4:b6:41:86:db:ac:d3:9f:2c:be:9b:
         ce:ff:9a:05:1f:5c:d6:ee:a0:47:ba:37:83:8d:c3:77:17:48:
         b1:4b:4a:c4:74:78:f8:27:5f:d7:da:96:02:b4:bd:9c:cb:15:
         70:fc:fd:ee:17:68:aa:94:c9:93:ac:f3:06:fd:5a:b7:9b:41:
         ab:06:44:6b:8f:ac:23:18:71:90:da:2a:d4:b5:16:8c:71:65:
         af:ed:f1:83:6c:d9:c8:3c:7d:36:53:c5:b4:af:2c:e0:34:e9:
         0a:fd:4d:9a:c5:63:c2:15:ec:cf:cf:41:16:e2:0b:c3:81:ee:
         e3:45:a3:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIgiWQnuLl0vIT+37tePAorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NmE3NzYwOGYxZjQ0NzJmNmZjMzAyNzNjNTU2MGU5Njdj
YWYyNzMwHhcNMjIwNzIxMTEzNDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWYwMjYxYTZjMmVmN2NkZTE0ZDBmM2M0NDE4ZTA0MjBmNDRmMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGZox81EnLf0cJV8IopmWiix+nlN
BCiJp5iwmcIgWb3kl/Gg2P4g/oPqqtd8/VhZD4DIL2VyhY5FBKeUUs38YafX8qyz
xgEz2+A+IRWmuSn0Xe1NX4Ng8qpbgydSzhh7Usp48LVeK+xOf1UIl8FdUyL4GNkg
WqbXZUSxhp4F+2q7cKXueVwQ4nITq/pgG7HC2MxD/mURQUghIg2dj0VuYjDEYt6K
4bNRibdIX2jBvWM1FmnGWgKhJNBnlC5WrWR3kGncz5CdAeR5dT81EwesI6rLPnkR
YaycZpiOz9kq7HJXfj2CRC+gpVhrZRK1hFDjxNkHZJ8/t1ZvYZM1Z680OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFHwJhpsLvfN4U0PPEQY4EIPRPBwMB8GA1UdIwQY
MBaAFElqd2CPH0Ry9vwwJzxVYOlnyvJzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1dwM1lJOGZSSEwyX0RBblBGVmc2V2ZLOG5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NDY4ZmYtMmE2YS00M2NiLWE2N2Et
YWZiY2Q5MjhiMjViLzEvVWZBbUdtd3U5ODNoVFE4OFJCamdRZzlFOEhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NDY4ZmYtMmE2YS00M2NiLWE2N2EtYWZiY2Q5MjhiMjVi
LzEvU1dwM1lJOGZSSEwyX0RBblBGVmc2V2ZLOG5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/YyMA0G
CSqGSIb3DQEBCwUAA4IBAQC5HXptg6knesmF9WjcaE1o0RCV5GbYQJ6R0LjkgaeX
IgGbrFGSE015H2/PAY7VZnJT87kGU7KOBQVavBKM0rAme7goYXZJqv9Oy82RGUY8
VdxPDMw3IZiqLozfOQ6NkeNsZpxbrDoLkUbmZ17puar++yIye4gx9m64K027hQEM
KBMJy/kr9LZBhtus058svpvO/5oFH1zW7qBHujeDjcN3F0ixS0rEdHj4J1/X2pYC
tL2cyxVw/P3uF2iqlMmTrPMG/Vq3m0GrBkRrj6wjGHGQ2irUtRaMcWWv7fGDbNnI
PH02U8W0ryzgNOkK/U2axWPCFezPz0EW4gvDge7jRaOs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:37 2024 by rpki-client on console-fra.rpki-client.org