Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3af81c-e93a-40ee-9683-2d611a20d6d9/1/wiDBXEHXvA2Bsbg7Vl0gRmHpGAg.roa
File:                     wiDBXEHXvA2Bsbg7Vl0gRmHpGAg.roa (raw, json)
Hash identifier:          xArxgcY9XR9K03gLArmoPVkn4obIIzuc6VRbIKCIQF4=
Subject key identifier:   C2:20:C1:5C:41:D7:BC:0D:81:B1:B8:3B:56:5D:20:46:61:E9:18:08
Certificate issuer:       /CN=9a8ea65f69616ef18c0b691f49bc25dd3085429b
Certificate serial:       C12498
Authority key identifier: 9A:8E:A6:5F:69:61:6E:F1:8C:0B:69:1F:49:BC:25:DD:30:85:42:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mo6mX2lhbvGMC2kfSbwl3TCFQps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/3af81c-e93a-40ee-9683-2d611a20d6d9/1/wiDBXEHXvA2Bsbg7Vl0gRmHpGAg.roa
Signing time:             Fri 14 Jan 2022 18:05:26 +0000
ROA not before:           Fri 14 Jan 2022 18:05:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        2a11:a9c0::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12657816 (0xc12498)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a8ea65f69616ef18c0b691f49bc25dd3085429b
        Validity
            Not Before: Jan 14 18:05:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c220c15c41d7bc0d81b1b83b565d204661e91808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:11:58:fb:3a:a6:5b:e9:3a:c3:c3:d2:77:9d:
                    c2:34:56:2f:ea:ab:78:b0:48:69:1a:68:d5:22:ad:
                    17:60:89:2a:6b:f9:f7:f2:b3:9e:22:ca:21:c0:0b:
                    44:bf:ba:56:2a:de:9f:b4:ac:db:00:55:25:59:6f:
                    91:dd:73:b8:80:0f:a5:12:58:17:fd:64:f0:3d:3f:
                    e5:27:7e:8a:68:cf:12:0b:46:5b:f8:82:cc:5b:f4:
                    84:ff:5c:d1:0a:ff:cc:e6:b4:6b:40:9a:a1:7c:f3:
                    3e:ba:f8:f0:b8:09:1e:8c:bd:b1:62:78:df:e1:7a:
                    fa:f0:fa:e5:c4:be:0c:3c:cc:f8:d1:0b:1c:12:95:
                    41:d2:b7:32:a3:a2:31:d9:26:a8:24:60:30:7e:d0:
                    3f:1a:83:9b:74:7f:68:3e:fa:d5:c0:7f:f6:76:3f:
                    b8:81:95:f7:f1:71:0f:ab:11:99:ca:fd:e1:5b:da:
                    2c:23:8d:cf:4a:bb:83:b5:c9:51:1f:3e:cc:e5:4b:
                    3d:d8:46:49:2c:cd:75:5d:ae:28:5b:ea:a4:34:3f:
                    8f:03:dc:7a:8e:93:25:3d:3f:89:1d:1d:57:68:f1:
                    72:85:72:92:b3:56:13:f0:d8:d8:18:fa:63:0e:20:
                    d0:b4:83:ed:cc:f9:53:89:25:44:f1:3e:17:2f:d0:
                    e5:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:20:C1:5C:41:D7:BC:0D:81:B1:B8:3B:56:5D:20:46:61:E9:18:08
            X509v3 Authority Key Identifier:
                keyid:9A:8E:A6:5F:69:61:6E:F1:8C:0B:69:1F:49:BC:25:DD:30:85:42:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mo6mX2lhbvGMC2kfSbwl3TCFQps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3af81c-e93a-40ee-9683-2d611a20d6d9/1/wiDBXEHXvA2Bsbg7Vl0gRmHpGAg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3af81c-e93a-40ee-9683-2d611a20d6d9/1/mo6mX2lhbvGMC2kfSbwl3TCFQps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:a9c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6e:d7:d8:81:ea:83:5a:86:f0:ac:5e:86:3a:4a:3b:5f:d2:f7:
         76:9c:3b:af:12:18:93:90:a5:89:6e:8d:dd:ed:e8:d9:1a:98:
         3b:21:2a:bd:69:ac:d4:8c:30:fd:84:19:ae:94:9c:4b:b9:ea:
         b8:18:e8:64:a4:0f:70:e9:fd:0b:61:df:29:a4:bc:fa:6e:bf:
         57:b6:d3:3f:5c:6a:09:f3:d8:07:b1:3e:ee:e8:85:6f:20:a9:
         5f:5d:86:e9:b0:79:5a:d7:ea:fc:3b:20:95:27:df:2a:40:08:
         c0:68:13:d2:01:5e:50:e4:76:5c:f8:fd:f5:4d:bf:ea:9b:1c:
         fe:1d:11:d0:9b:e6:06:ef:31:89:d8:32:88:04:b3:41:e4:08:
         ad:47:12:52:c5:fc:1b:3c:c8:61:9d:48:91:81:f5:cb:da:92:
         4d:6b:4e:e5:08:7f:4a:7c:10:58:4f:a4:00:6f:4d:e2:7f:c7:
         40:04:d7:54:f5:e9:90:74:41:2b:b7:a5:d8:41:82:81:69:af:
         83:a6:06:be:9b:f1:4a:fe:90:96:28:24:86:b3:1e:b6:24:d4:
         20:b4:06:e1:e8:93:03:46:28:78:f7:b0:6d:98:73:10:1c:fd:
         f2:e1:92:a5:6e:ee:77:7d:2d:66:2c:0f:45:7a:ba:6d:21:f2:
         4a:ae:e9:fb
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAMEkmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YThlYTY1ZjY5NjE2ZWYxOGMwYjY5MWY0OWJjMjVkZDMwODU0MjliMB4XDTIyMDEx
NDE4MDUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzIyMGMxNWM0MWQ3
YmMwZDgxYjFiODNiNTY1ZDIwNDY2MWU5MTgwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIRWPs6plvpOsPD0nedwjRWL+qreLBIaRpo1SKtF2CJKmv5
9/KzniLKIcALRL+6Viren7Ss2wBVJVlvkd1zuIAPpRJYF/1k8D0/5Sd+imjPEgtG
W/iCzFv0hP9c0Qr/zOa0a0CaoXzzPrr48LgJHoy9sWJ43+F6+vD65cS+DDzM+NEL
HBKVQdK3MqOiMdkmqCRgMH7QPxqDm3R/aD761cB/9nY/uIGV9/FxD6sRmcr94Vva
LCONz0q7g7XJUR8+zOVLPdhGSSzNdV2uKFvqpDQ/jwPceo6TJT0/iR0dV2jxcoVy
krNWE/DY2Bj6Yw4g0LSD7cz5U4klRPE+Fy/Q5dcCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTCIMFcQde8DYGxuDtWXSBGYekYCDAfBgNVHSMEGDAWgBSajqZfaWFu8YwL
aR9JvCXdMIVCmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21vNm1YMmxoYnZHTUMya2ZTYndsM1RDRlFwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvM2FmODFjLWU5M2EtNDBlZS05NjgzLTJkNjExYTIwZDZkOS8x
L3dpREJYRUhYdkEyQnNiZzdWbDBnUm1IcEdBZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
M2FmODFjLWU5M2EtNDBlZS05NjgzLTJkNjExYTIwZDZkOS8xL21vNm1YMmxoYnZH
TUMya2ZTYndsM1RDRlFwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRqcAwDQYJKoZIhvcNAQELBQAD
ggEBAG7X2IHqg1qG8KxehjpKO1/S93acO68SGJOQpYlujd3t6NkamDshKr1prNSM
MP2EGa6UnEu56rgY6GSkD3Dp/Qth3ymkvPpuv1e20z9cagnz2AexPu7ohW8gqV9d
humweVrX6vw7IJUn3ypACMBoE9IBXlDkdlz4/fVNv+qbHP4dEdCb5gbvMYnYMogE
s0HkCK1HElLF/Bs8yGGdSJGB9cvakk1rTuUIf0p8EFhPpABvTeJ/x0AE11T16ZB0
QSu3pdhBgoFpr4OmBr6b8Ur+kJYoJIazHrYk1CC0BuHokwNGKHj3sG2YcxAc/fLh
kqVu7nd9LWYsD0V6um0h8kqu6fs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:56 2024 by rpki-client on console-fra.rpki-client.org