Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba79a-73c4-4600-9239-66c9ff675711/1/sje0h1Ay2hfxRLENGtKKVCdc8xM.roa
File:                     sje0h1Ay2hfxRLENGtKKVCdc8xM.roa (raw, json)
Hash identifier:          iQEvRLH/tezZm/fpz6BGil4fpaZ2AhoMyxZalyJO8po=
Subject key identifier:   B2:37:B4:87:50:32:DA:17:F1:44:B1:0D:1A:D2:8A:54:27:5C:F3:13
Certificate issuer:       /CN=d49fe7b9eccdf99cea9c362e19ce77b0452289c7
Certificate serial:       FBE8AD
Authority key identifier: D4:9F:E7:B9:EC:CD:F9:9C:EA:9C:36:2E:19:CE:77:B0:45:22:89:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1J_nuezN-ZzqnDYuGc53sEUiicc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/4ba79a-73c4-4600-9239-66c9ff675711/1/sje0h1Ay2hfxRLENGtKKVCdc8xM.roa
Signing time:             Mon 07 Mar 2022 17:38:55 +0000
ROA not before:           Mon 07 Mar 2022 17:38:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59253
IP address blocks:        146.19.66.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16509101 (0xfbe8ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d49fe7b9eccdf99cea9c362e19ce77b0452289c7
        Validity
            Not Before: Mar  7 17:38:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b237b4875032da17f144b10d1ad28a54275cf313
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:40:bb:16:d9:bc:31:5b:13:d9:f8:30:cb:a5:
                    9c:f3:50:60:3b:36:95:2f:9d:a6:53:c0:16:56:fc:
                    99:81:64:e5:37:a8:7f:21:ac:57:31:dd:e9:17:07:
                    74:87:ed:95:87:96:87:39:98:cd:d4:bf:3d:ae:b3:
                    d3:da:32:89:61:65:d5:e4:0d:a8:36:d9:3f:64:f4:
                    8b:6e:ff:43:31:c6:11:34:55:55:22:b7:4d:c1:39:
                    ea:bd:9a:65:3c:9e:7a:2e:89:8f:82:30:a9:b2:41:
                    31:ed:9f:95:27:81:ce:65:c1:91:d9:45:c1:f1:ea:
                    47:4e:7c:94:40:02:f7:e8:7e:f3:ee:a8:db:8a:c5:
                    52:43:57:12:db:e2:0e:bd:87:da:31:8d:75:b3:ed:
                    4c:7b:de:3c:b4:8b:4e:82:0f:fd:88:5b:7d:a7:6f:
                    73:ec:6c:72:f1:7e:99:d7:71:3a:0a:f4:22:67:75:
                    4d:e9:45:51:42:8e:d3:5c:fd:02:ec:70:5e:07:04:
                    95:60:d1:98:ed:91:e2:0c:a8:7d:14:ef:30:b2:cc:
                    2f:dd:1c:41:dd:d6:6b:31:32:c1:33:e5:c6:6b:63:
                    01:de:c5:48:07:92:03:e8:2c:4e:73:18:fc:ad:fd:
                    02:70:2d:9d:7e:31:0c:60:40:fc:92:d0:0c:6c:79:
                    b8:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:37:B4:87:50:32:DA:17:F1:44:B1:0D:1A:D2:8A:54:27:5C:F3:13
            X509v3 Authority Key Identifier:
                keyid:D4:9F:E7:B9:EC:CD:F9:9C:EA:9C:36:2E:19:CE:77:B0:45:22:89:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1J_nuezN-ZzqnDYuGc53sEUiicc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba79a-73c4-4600-9239-66c9ff675711/1/sje0h1Ay2hfxRLENGtKKVCdc8xM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba79a-73c4-4600-9239-66c9ff675711/1/1J_nuezN-ZzqnDYuGc53sEUiicc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:c1:ca:b7:3c:63:6f:79:55:56:7c:e2:46:55:f9:62:99:e6:
         1f:82:2c:36:0d:dc:a9:2b:ba:f4:c7:60:40:44:97:7b:fc:a3:
         4b:c8:ac:b3:a6:15:60:f1:69:62:19:5c:4e:3d:de:71:a1:92:
         30:a9:11:3f:c1:f4:60:7e:f2:cf:c9:af:cd:ca:17:f2:b3:52:
         db:9a:57:6e:60:5e:56:2a:3f:a9:97:78:08:a9:9b:94:20:95:
         60:6a:16:c0:4b:58:69:50:17:47:f2:31:ac:1a:55:cb:ae:4b:
         98:47:5b:5d:1a:94:31:89:c9:bb:af:75:7d:50:61:0e:8a:e4:
         64:99:85:7a:73:c3:1e:16:0a:67:c8:8e:47:20:dd:b2:48:85:
         1f:9a:9d:d7:cb:66:f4:c9:56:e7:61:de:2b:4c:9d:c0:da:a9:
         57:ed:a1:47:90:33:f2:20:bc:97:d9:0d:5e:87:00:69:ac:94:
         87:fb:95:04:1d:87:66:f7:c3:7a:7b:09:6d:34:2b:c4:12:fb:
         2e:1a:da:6b:87:0a:08:c4:79:9c:ea:11:9d:76:18:bc:38:db:
         c3:f7:87:57:f6:0d:18:c6:6b:0b:e4:ec:ea:96:9f:40:f9:57:
         d7:64:9f:2b:88:25:eb:a2:94:67:76:7b:1f:63:f2:c3:40:7f:
         1d:96:b8:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPvorTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDlmZTdiOWVjY2RmOTljZWE5YzM2MmUxOWNlNzdiMDQ1MjI4OWM3MB4XDTIyMDMw
NzE3Mzg1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjIzN2I0ODc1MDMy
ZGExN2YxNDRiMTBkMWFkMjhhNTQyNzVjZjMxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdAuxbZvDFbE9n4MMulnPNQYDs2lS+dplPAFlb8mYFk5Teo
fyGsVzHd6RcHdIftlYeWhzmYzdS/Pa6z09oyiWFl1eQNqDbZP2T0i27/QzHGETRV
VSK3TcE56r2aZTyeei6Jj4IwqbJBMe2flSeBzmXBkdlFwfHqR058lEAC9+h+8+6o
24rFUkNXEtviDr2H2jGNdbPtTHvePLSLToIP/Yhbfadvc+xscvF+mddxOgr0Imd1
TelFUUKO01z9AuxwXgcElWDRmO2R4gyofRTvMLLML90cQd3WazEywTPlxmtjAd7F
SAeSA+gsTnMY/K39AnAtnX4xDGBA/JLQDGx5uEkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSyN7SHUDLaF/FEsQ0a0opUJ1zzEzAfBgNVHSMEGDAWgBTUn+e57M35nOqc
Ni4ZznewRSKJxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFKX251ZXpOLVp6cW5EWXVHYzUzc0VVaWljYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNGJhNzlhLTczYzQtNDYwMC05MjM5LTY2YzlmZjY3NTcxMS8x
L3NqZTBoMUF5MmhmeFJMRU5HdEtLVkNkYzh4TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NGJhNzlhLTczYzQtNDYwMC05MjM5LTY2YzlmZjY3NTcxMS8xLzFKX251ZXpOLVp6
cW5EWXVHYzUzc0VVaWljYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJITQjANBgkqhkiG9w0BAQsFAAOC
AQEAAsHKtzxjb3lVVnziRlX5YpnmH4IsNg3cqSu69MdgQESXe/yjS8iss6YVYPFp
YhlcTj3ecaGSMKkRP8H0YH7yz8mvzcoX8rNS25pXbmBeVio/qZd4CKmblCCVYGoW
wEtYaVAXR/IxrBpVy65LmEdbXRqUMYnJu691fVBhDorkZJmFenPDHhYKZ8iORyDd
skiFH5qd18tm9MlW52HeK0ydwNqpV+2hR5Az8iC8l9kNXocAaayUh/uVBB2HZvfD
ensJbTQrxBL7Lhraa4cKCMR5nOoRnXYYvDjbw/eHV/YNGMZrC+Ts6pafQPlX12Sf
K4gl66KUZ3Z7H2Pyw0B/HZa4Bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:02 2024 by rpki-client on console-ams.rpki-client.org