Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d096ee-cb19-47af-b0fe-08cae50f0060/1/_chFmFCLJ7ro5iLZxj6HiWRhneQ.roa
File:                     _chFmFCLJ7ro5iLZxj6HiWRhneQ.roa (raw, json)
Hash identifier:          MOJclrUm7RvYOk1BQuUuCnID/qLQFFBySSUgxwL1++c=
Subject key identifier:   FD:C8:45:98:50:8B:27:BA:E8:E6:22:D9:C6:3E:87:89:64:61:9D:E4
Certificate issuer:       /CN=530a80cf6dbd0748ed117d56de533cc37fd1719f
Certificate serial:       018572B401C528E2CD53F93D03D4AE5A3167
Authority key identifier: 53:0A:80:CF:6D:BD:07:48:ED:11:7D:56:DE:53:3C:C3:7F:D1:71:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UwqAz229B0jtEX1W3lM8w3_RcZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d096ee-cb19-47af-b0fe-08cae50f0060/1/_chFmFCLJ7ro5iLZxj6HiWRhneQ.roa
Signing time:             Mon 02 Jan 2023 13:37:57 +0000
ROA not before:           Mon 02 Jan 2023 13:37:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206766
IP address blocks:        146.19.13.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:b4:01:c5:28:e2:cd:53:f9:3d:03:d4:ae:5a:31:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=530a80cf6dbd0748ed117d56de533cc37fd1719f
        Validity
            Not Before: Jan  2 13:37:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fdc84598508b27bae8e622d9c63e878964619de4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:37:6b:35:fa:a2:ca:04:8a:22:57:14:c1:67:
                    89:8a:1c:09:7b:36:a9:1f:6b:a3:e1:50:dd:c5:c2:
                    c3:d5:54:c4:51:95:b5:47:4a:27:ba:1b:c9:d4:6b:
                    7b:10:d4:f2:d3:9e:bb:38:38:9a:7c:c9:13:c9:16:
                    9d:38:96:3d:95:b3:11:0b:9b:61:d5:c8:51:52:4b:
                    0d:2b:38:7b:57:a0:77:fe:40:b6:b0:e0:6d:cf:4e:
                    83:75:d8:f7:e3:73:08:9a:0d:ec:a2:46:80:b8:f7:
                    5a:a6:dd:18:60:68:45:aa:10:f1:db:d8:20:bb:b2:
                    c0:51:4e:a4:9d:e1:f5:2e:a9:2b:8f:27:e9:df:ae:
                    3d:dc:8a:52:9d:d1:6f:8d:0d:e3:1b:8d:d2:90:b6:
                    0d:9d:9c:da:c1:f6:53:fa:b7:9a:0c:f1:d8:97:f9:
                    04:f5:29:45:4e:48:ab:a7:23:ab:7d:24:e1:62:5e:
                    7c:78:f6:54:a9:1b:bd:be:f5:eb:9a:71:eb:e9:b1:
                    e1:c0:a9:28:70:0e:bd:e1:fa:c6:f1:b0:4f:e8:15:
                    d3:96:de:d0:a3:f8:3a:bd:05:f7:3e:22:fa:82:b4:
                    fd:5a:35:d7:47:e5:c4:89:b1:6e:9e:10:91:fe:0f:
                    cb:98:cf:8d:66:7b:cc:56:6e:f9:f9:d7:42:61:6e:
                    05:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:C8:45:98:50:8B:27:BA:E8:E6:22:D9:C6:3E:87:89:64:61:9D:E4
            X509v3 Authority Key Identifier:
                keyid:53:0A:80:CF:6D:BD:07:48:ED:11:7D:56:DE:53:3C:C3:7F:D1:71:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UwqAz229B0jtEX1W3lM8w3_RcZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d096ee-cb19-47af-b0fe-08cae50f0060/1/_chFmFCLJ7ro5iLZxj6HiWRhneQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d096ee-cb19-47af-b0fe-08cae50f0060/1/UwqAz229B0jtEX1W3lM8w3_RcZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:7e:5d:dc:7d:2d:d2:86:02:0f:6d:bc:18:2f:76:56:f0:e5:
         1d:60:8a:62:16:e9:91:56:53:3b:2d:ad:82:5e:58:bf:3b:db:
         44:cc:34:33:05:2e:cc:76:db:cf:af:1b:33:31:b4:16:8d:70:
         db:36:1d:17:1e:9d:61:79:73:70:bf:99:d1:1e:17:9f:7a:a2:
         bf:b1:6a:b1:ec:ce:05:9a:e1:6a:dd:8e:71:e9:6e:c6:92:9e:
         68:69:d1:e2:fa:62:ef:5f:1a:ef:49:ad:4d:a5:50:57:8b:3b:
         26:14:8e:03:30:41:a1:18:34:23:e1:d0:57:5c:1f:ad:62:c9:
         ec:a2:38:9b:cc:fa:7a:89:6a:c4:a2:a8:3f:02:80:c0:95:d7:
         08:c8:9f:24:bb:a7:76:52:04:a3:cf:35:fd:de:85:6f:ee:ef:
         67:10:26:ed:4a:52:82:5c:fb:54:9a:4c:6c:58:77:9d:bd:2a:
         c3:8f:60:39:84:ef:33:b0:46:5b:22:d2:0e:84:62:08:7b:61:
         41:d5:5a:68:d4:cf:51:30:23:a4:5b:18:bb:f3:b7:f2:4a:c1:
         e6:74:4f:12:dd:c3:3f:a5:bc:0d:7f:56:9f:b0:1b:41:bf:39:
         c8:f4:29:7c:1c:22:61:c7:d2:d6:ab:5b:e4:07:ec:5b:de:cc:
         e0:ae:b6:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytAHFKOLNU/k9A9SuWjFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMGE4MGNmNmRiZDA3NDhlZDExN2Q1NmRlNTMzY2MzN2Zk
MTcxOWYwHhcNMjMwMTAyMTMzNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGM4NDU5ODUwOGIyN2JhZThlNjIyZDljNjNlODc4OTY0NjE5ZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TdrNfqiygSKIlcUwWeJihwJezap
H2uj4VDdxcLD1VTEUZW1R0onuhvJ1Gt7ENTy0567ODiafMkTyRadOJY9lbMRC5th
1chRUksNKzh7V6B3/kC2sOBtz06Dddj343MImg3sokaAuPdapt0YYGhFqhDx29gg
u7LAUU6kneH1Lqkrjyfp36493IpSndFvjQ3jG43SkLYNnZzawfZT+reaDPHYl/kE
9SlFTkirpyOrfSThYl58ePZUqRu9vvXrmnHr6bHhwKkocA694frG8bBP6BXTlt7Q
o/g6vQX3PiL6grT9WjXXR+XEibFunhCR/g/LmM+NZnvMVm75+ddCYW4FCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3IRZhQiye66OYi2cY+h4lkYZ3kMB8GA1UdIwQY
MBaAFFMKgM9tvQdI7RF9Vt5TPMN/0XGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXdxQXoyMjlCMGp0RVgxVzNsTTh3M19SY1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMDk2ZWUtY2IxOS00N2FmLWIwZmUt
MDhjYWU1MGYwMDYwLzEvX2NoRm1GQ0xKN3JvNWlMWnhqNkhpV1JobmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMDk2ZWUtY2IxOS00N2FmLWIwZmUtMDhjYWU1MGYwMDYw
LzEvVXdxQXoyMjlCMGp0RVgxVzNsTTh3M19SY1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMNMA0G
CSqGSIb3DQEBCwUAA4IBAQBQfl3cfS3ShgIPbbwYL3ZW8OUdYIpiFumRVlM7La2C
Xli/O9tEzDQzBS7MdtvPrxszMbQWjXDbNh0XHp1heXNwv5nRHhefeqK/sWqx7M4F
muFq3Y5x6W7Gkp5oadHi+mLvXxrvSa1NpVBXizsmFI4DMEGhGDQj4dBXXB+tYsns
ojibzPp6iWrEoqg/AoDAldcIyJ8ku6d2UgSjzzX93oVv7u9nECbtSlKCXPtUmkxs
WHedvSrDj2A5hO8zsEZbItIOhGIIe2FB1Vpo1M9RMCOkWxi787fySsHmdE8S3cM/
pbwNf1afsBtBvznI9Cl8HCJhx9LWq1vkB+xb3szgrrbO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:37 2024 by rpki-client on console-ams.rpki-client.org