Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/9878bf-999b-4580-aa31-5b96133c6c2f/1/jCUsyZcAQwE7r7SKNpBwmvPjwVM.roa
File:                     jCUsyZcAQwE7r7SKNpBwmvPjwVM.roa (raw, json)
Hash identifier:          ZpyMnUC+fzO5iGhByDFr77MVsTYXOOVzUVrQEQN7t7o=
Subject key identifier:   8C:25:2C:C9:97:00:43:01:3B:AF:B4:8A:36:90:70:9A:F3:E3:C1:53
Certificate issuer:       /CN=3bda90ce49ea0eae040d7588b86b22e2af3018ab
Certificate serial:       D8E517
Authority key identifier: 3B:DA:90:CE:49:EA:0E:AE:04:0D:75:88:B8:6B:22:E2:AF:30:18:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O9qQzknqDq4EDXWIuGsi4q8wGKs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/9878bf-999b-4580-aa31-5b96133c6c2f/1/jCUsyZcAQwE7r7SKNpBwmvPjwVM.roa
Signing time:             Sun 13 Feb 2022 18:05:40 +0000
ROA not before:           Sun 13 Feb 2022 18:05:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        2a12:da00::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14214423 (0xd8e517)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bda90ce49ea0eae040d7588b86b22e2af3018ab
        Validity
            Not Before: Feb 13 18:05:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8c252cc9970043013bafb48a3690709af3e3c153
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1d:65:64:79:91:da:1c:fa:cb:53:01:7f:fc:
                    43:97:07:f2:c6:33:b9:7c:a0:e8:b2:2d:0f:65:39:
                    1f:9e:8f:9d:7c:21:3e:a5:64:67:b6:f7:40:06:bb:
                    46:55:c2:1a:27:4c:76:35:20:70:c2:be:e6:79:dc:
                    18:ae:82:78:09:a1:93:f2:05:9a:0a:bb:20:8a:38:
                    f4:91:5f:92:6a:36:bf:b9:61:bb:68:d0:ed:af:bb:
                    c6:57:91:0d:08:2e:84:af:39:fc:84:d2:f2:7e:41:
                    ed:e6:ef:f7:d9:23:0b:ed:7b:32:f7:41:a9:38:e4:
                    43:a4:ac:1c:4d:c0:c3:cd:a7:cf:e3:f9:88:0d:f5:
                    50:5c:96:59:0b:c9:d0:f5:e7:f5:53:4b:0b:86:b0:
                    40:fe:34:78:e4:ff:85:15:62:70:21:51:34:8a:db:
                    4e:92:7c:81:89:13:03:66:d1:f2:c6:42:fb:7d:5a:
                    13:69:6d:e9:b5:7d:f4:f6:85:d3:50:2d:f5:0f:e2:
                    af:9c:64:ad:36:49:12:80:c1:53:79:57:87:41:4e:
                    ed:46:e5:d0:6b:59:41:4a:42:de:08:99:d3:a7:92:
                    54:bd:a1:f8:bc:3f:8b:24:63:ef:6a:25:3f:b2:fb:
                    8f:cd:52:5d:e7:85:59:53:df:26:a1:ba:23:d8:71:
                    2d:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:25:2C:C9:97:00:43:01:3B:AF:B4:8A:36:90:70:9A:F3:E3:C1:53
            X509v3 Authority Key Identifier:
                keyid:3B:DA:90:CE:49:EA:0E:AE:04:0D:75:88:B8:6B:22:E2:AF:30:18:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9qQzknqDq4EDXWIuGsi4q8wGKs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/9878bf-999b-4580-aa31-5b96133c6c2f/1/jCUsyZcAQwE7r7SKNpBwmvPjwVM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/9878bf-999b-4580-aa31-5b96133c6c2f/1/O9qQzknqDq4EDXWIuGsi4q8wGKs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:da00::/29

    Signature Algorithm: sha256WithRSAEncryption
         96:ce:af:7a:e8:11:ac:1d:ab:13:0b:c8:44:51:22:49:93:3a:
         f1:04:f6:b3:43:4e:2b:8b:3f:91:b5:e7:48:fb:b6:d0:49:9f:
         bf:f7:e9:3b:29:6e:31:4a:3c:68:9b:b0:12:46:60:80:c1:91:
         ad:7a:05:18:80:6c:45:54:dc:97:de:8b:da:6c:fa:51:90:22:
         39:20:c4:5f:5a:26:8c:64:bf:6f:36:6e:ac:ed:0b:15:2b:84:
         f2:cb:82:1a:7b:a4:09:57:90:c6:e2:79:bb:9d:f3:a8:f1:b1:
         0c:f3:73:fb:84:75:8b:5c:f0:99:ba:88:c5:fa:45:20:70:b9:
         6b:a9:38:f4:7a:21:27:ed:ce:5e:10:f9:3c:77:bb:7a:12:6d:
         7a:0c:45:bf:78:1b:ea:f2:0a:d4:12:6b:65:11:8d:29:19:4e:
         54:4f:76:66:e8:84:a5:6e:89:f5:d2:48:86:ee:3c:4b:29:54:
         f7:cd:07:c6:cd:0d:40:67:eb:99:0c:1d:a2:ff:85:e1:b4:e9:
         87:03:02:e6:fb:91:ca:bd:7b:80:ec:d7:80:18:20:1c:da:d3:
         a7:b3:a8:bb:13:af:8d:b1:24:c7:5a:aa:24:6b:52:f9:d6:1c:
         a2:ec:44:73:50:c7:0e:d6:14:90:b2:2e:3c:e0:c1:12:b3:4d:
         96:2a:f6:3e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEANjlFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmRhOTBjZTQ5ZWEwZWFlMDQwZDc1ODhiODZiMjJlMmFmMzAxOGFiMB4XDTIyMDIx
MzE4MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGMyNTJjYzk5NzAw
NDMwMTNiYWZiNDhhMzY5MDcwOWFmM2UzYzE1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYdZWR5kdoc+stTAX/8Q5cH8sYzuXyg6LItD2U5H56PnXwh
PqVkZ7b3QAa7RlXCGidMdjUgcMK+5nncGK6CeAmhk/IFmgq7IIo49JFfkmo2v7lh
u2jQ7a+7xleRDQguhK85/ITS8n5B7ebv99kjC+17MvdBqTjkQ6SsHE3Aw82nz+P5
iA31UFyWWQvJ0PXn9VNLC4awQP40eOT/hRVicCFRNIrbTpJ8gYkTA2bR8sZC+31a
E2lt6bV99PaF01At9Q/ir5xkrTZJEoDBU3lXh0FO7Ubl0GtZQUpC3giZ06eSVL2h
+Lw/iyRj72olP7L7j81SXeeFWVPfJqG6I9hxLV8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSMJSzJlwBDATuvtIo2kHCa8+PBUzAfBgNVHSMEGDAWgBQ72pDOSeoOrgQN
dYi4ayLirzAYqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L085cVF6a25xRHE0RURYV0l1R3NpNHE4d0dLcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvOTg3OGJmLTk5OWItNDU4MC1hYTMxLTViOTYxMzNjNmMyZi8x
L2pDVXN5WmNBUXdFN3I3U0tOcEJ3bXZQandWTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
OTg3OGJmLTk5OWItNDU4MC1hYTMxLTViOTYxMzNjNmMyZi8xL085cVF6a25xRHE0
RURYV0l1R3NpNHE4d0dLcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoS2gAwDQYJKoZIhvcNAQELBQAD
ggEBAJbOr3roEawdqxMLyERRIkmTOvEE9rNDTiuLP5G150j7ttBJn7/36TspbjFK
PGibsBJGYIDBka16BRiAbEVU3Jfei9ps+lGQIjkgxF9aJoxkv282bqztCxUrhPLL
ghp7pAlXkMbiebud86jxsQzzc/uEdYtc8Jm6iMX6RSBwuWupOPR6ISftzl4Q+Tx3
u3oSbXoMRb94G+ryCtQSa2URjSkZTlRPdmbohKVuifXSSIbuPEspVPfNB8bNDUBn
65kMHaL/heG06YcDAub7kcq9e4Ds14AYIBza06ezqLsTr42xJMdaqiRrUvnWHKLs
RHNQxw7WFJCyLjzgwRKzTZYq9j4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:54 2024 by rpki-client on console-fra.rpki-client.org