Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/5aec25-216d-43a7-abe1-3879e33802e6/1/u1-kKU5kZkKnApVIAy8MJS6sIhY.roa
File:                     u1-kKU5kZkKnApVIAy8MJS6sIhY.roa (raw, json)
Hash identifier:          elQOfe+lClmlj4CTzpfU+H1GVFh9zYp7vEF6hTu38lQ=
Subject key identifier:   BB:5F:A4:29:4E:64:66:42:A7:02:95:48:03:2F:0C:25:2E:AC:22:16
Certificate issuer:       /CN=4dc3c18f47ea5edd7135df247868e117c681c87f
Certificate serial:       0186DFEDEFF962466485EC3429145BC1D071
Authority key identifier: 4D:C3:C1:8F:47:EA:5E:DD:71:35:DF:24:78:68:E1:17:C6:81:C8:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TcPBj0fqXt1xNd8keGjhF8aByH8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/5aec25-216d-43a7-abe1-3879e33802e6/1/u1-kKU5kZkKnApVIAy8MJS6sIhY.roa
Signing time:             Tue 14 Mar 2023 11:42:37 +0000
ROA not before:           Tue 14 Mar 2023 11:42:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        190.92.168.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:df:ed:ef:f9:62:46:64:85:ec:34:29:14:5b:c1:d0:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4dc3c18f47ea5edd7135df247868e117c681c87f
        Validity
            Not Before: Mar 14 11:42:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb5fa4294e646642a7029548032f0c252eac2216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:08:c3:eb:03:8d:93:91:c7:fa:0d:fc:60:10:
                    13:1c:c1:1d:d0:19:e9:90:f7:57:73:e5:d1:7b:08:
                    ff:eb:b2:a0:65:71:b0:26:5f:07:1f:66:02:f7:64:
                    a9:0d:82:58:04:fe:c9:e5:64:e2:0b:41:b2:37:9f:
                    6f:74:23:91:7d:75:47:c7:a6:9e:71:55:9e:d2:74:
                    f1:90:82:f2:9d:c4:76:fd:ee:d3:12:ba:98:7d:47:
                    50:6c:00:81:fe:39:c5:f4:fd:e6:ed:c3:52:6f:00:
                    ff:25:74:56:2e:54:5a:c6:49:70:47:17:c0:20:f5:
                    81:d1:69:2c:35:97:5a:17:ff:18:41:56:21:31:74:
                    8a:a7:23:37:7f:23:ef:6c:27:8c:0d:b3:b4:58:27:
                    11:20:be:2b:19:9e:c5:89:41:6f:2c:29:00:f9:b9:
                    8d:ec:6a:29:37:45:cf:e1:53:09:a0:aa:f1:28:32:
                    fa:43:b5:e4:60:ce:77:d5:e0:bc:79:a4:7f:2b:e4:
                    18:0b:67:cd:59:f2:d0:cb:a1:da:ff:7c:67:71:17:
                    d0:ce:c1:dc:01:b1:6f:68:37:db:69:3d:08:6d:33:
                    b5:94:62:6c:6b:57:41:1b:d5:4d:44:75:c6:ca:42:
                    f8:75:02:1f:d4:66:11:00:ff:83:b8:20:dc:87:39:
                    3e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:5F:A4:29:4E:64:66:42:A7:02:95:48:03:2F:0C:25:2E:AC:22:16
            X509v3 Authority Key Identifier:
                keyid:4D:C3:C1:8F:47:EA:5E:DD:71:35:DF:24:78:68:E1:17:C6:81:C8:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TcPBj0fqXt1xNd8keGjhF8aByH8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5aec25-216d-43a7-abe1-3879e33802e6/1/u1-kKU5kZkKnApVIAy8MJS6sIhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5aec25-216d-43a7-abe1-3879e33802e6/1/TcPBj0fqXt1xNd8keGjhF8aByH8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.92.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2a:ed:c2:03:bc:45:e2:c6:08:5a:98:75:09:10:44:2c:f7:54:
         0a:8e:23:67:3d:1b:4f:56:06:9b:30:d0:8a:0e:d5:51:01:e4:
         77:75:bf:ec:2b:a1:02:16:6a:b9:17:29:c2:c2:25:b0:27:26:
         49:04:64:f9:44:af:02:cc:f0:b7:be:f2:d5:63:b7:4e:85:df:
         f7:e2:64:fe:dc:85:38:54:dd:4d:8c:22:c0:0e:7a:85:1a:7b:
         1c:2a:1d:43:d1:d9:e8:74:6a:01:74:3e:72:7f:bf:72:2e:35:
         8c:ec:5f:27:8e:77:39:bb:ee:3b:25:ec:64:10:24:33:88:9e:
         4d:5e:6d:55:bb:91:70:5e:f3:76:12:52:74:e3:b5:22:fd:55:
         68:8c:39:e6:34:94:33:ca:d0:cc:96:c4:8f:ac:c3:8f:0e:02:
         a1:16:98:b8:56:5f:45:0f:a3:f4:af:2a:f7:be:1c:59:c9:17:
         5b:6a:e0:8c:d0:68:77:ce:85:fa:ab:fa:19:35:3a:67:ba:65:
         de:31:7b:c4:d1:7e:74:18:88:ce:34:59:bb:53:8f:1f:87:1b:
         0e:f0:58:56:0d:74:f2:82:8c:04:db:fc:af:e5:9d:f4:8c:9f:
         b6:85:be:c5:75:d3:4e:2f:aa:66:13:9d:41:76:2b:20:13:2d:
         77:32:19:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbf7e/5YkZkhew0KRRbwdBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYzNjMThmNDdlYTVlZGQ3MTM1ZGYyNDc4NjhlMTE3YzY4
MWM4N2YwHhcNMjMwMzE0MTE0MjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjVmYTQyOTRlNjQ2NjQyYTcwMjk1NDgwMzJmMGMyNTJlYWMyMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAjD6wONk5HH+g38YBATHMEd0Bnp
kPdXc+XRewj/67KgZXGwJl8HH2YC92SpDYJYBP7J5WTiC0GyN59vdCORfXVHx6ae
cVWe0nTxkILyncR2/e7TErqYfUdQbACB/jnF9P3m7cNSbwD/JXRWLlRaxklwRxfA
IPWB0WksNZdaF/8YQVYhMXSKpyM3fyPvbCeMDbO0WCcRIL4rGZ7FiUFvLCkA+bmN
7GopN0XP4VMJoKrxKDL6Q7XkYM531eC8eaR/K+QYC2fNWfLQy6Ha/3xncRfQzsHc
AbFvaDfbaT0IbTO1lGJsa1dBG9VNRHXGykL4dQIf1GYRAP+DuCDchzk+eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtfpClOZGZCpwKVSAMvDCUurCIWMB8GA1UdIwQY
MBaAFE3DwY9H6l7dcTXfJHho4RfGgch/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGNQQmowZnFYdDF4TmQ4a2VHamhGOGFCeUg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi81YWVjMjUtMjE2ZC00M2E3LWFiZTEt
Mzg3OWUzMzgwMmU2LzEvdTEta0tVNWtaa0tuQXBWSUF5OE1KUzZzSWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi81YWVjMjUtMjE2ZC00M2E3LWFiZTEtMzg3OWUzMzgwMmU2
LzEvVGNQQmowZnFYdDF4TmQ4a2VHamhGOGFCeUg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvlyoMA0G
CSqGSIb3DQEBCwUAA4IBAQAq7cIDvEXixghamHUJEEQs91QKjiNnPRtPVgabMNCK
DtVRAeR3db/sK6ECFmq5FynCwiWwJyZJBGT5RK8CzPC3vvLVY7dOhd/34mT+3IU4
VN1NjCLADnqFGnscKh1D0dnodGoBdD5yf79yLjWM7F8njnc5u+47JexkECQziJ5N
Xm1Vu5FwXvN2ElJ047Ui/VVojDnmNJQzytDMlsSPrMOPDgKhFpi4Vl9FD6P0ryr3
vhxZyRdbauCM0Gh3zoX6q/oZNTpnumXeMXvE0X50GIjONFm7U48fhxsO8FhWDXTy
gowE2/yv5Z30jJ+2hb7FddNOL6pmE51BdisgEy13Mhn4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:14 2024 by rpki-client on console-ams.rpki-client.org