Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c050ea-0e26-4ef2-9fb9-345554f65a24/1/sqhyvQG9wkt9zroKTZM9bUYSU_s.roa
File:                     sqhyvQG9wkt9zroKTZM9bUYSU_s.roa (raw, json)
Hash identifier:          rJLNZwIi/Q13jgQqiXLkq0F3xGG+Q3LwSj9eE+uiagQ=
Subject key identifier:   B2:A8:72:BD:01:BD:C2:4B:7D:CE:BA:0A:4D:93:3D:6D:46:12:53:FB
Certificate issuer:       /CN=f5145b1a2f681355028cb62ab65781181b18664a
Certificate serial:       01856FE724D29E91E49C87E54DB5231613DD
Authority key identifier: F5:14:5B:1A:2F:68:13:55:02:8C:B6:2A:B6:57:81:18:1B:18:66:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9RRbGi9oE1UCjLYqtleBGBsYZko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/c050ea-0e26-4ef2-9fb9-345554f65a24/1/sqhyvQG9wkt9zroKTZM9bUYSU_s.roa
Signing time:             Mon 02 Jan 2023 00:34:57 +0000
ROA not before:           Mon 02 Jan 2023 00:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42283
IP address blocks:        2001:4bc0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:e7:24:d2:9e:91:e4:9c:87:e5:4d:b5:23:16:13:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5145b1a2f681355028cb62ab65781181b18664a
        Validity
            Not Before: Jan  2 00:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b2a872bd01bdc24b7dceba0a4d933d6d461253fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a8:1c:ea:d6:27:e1:70:67:5f:c7:41:b2:ac:
                    d3:31:c8:ad:8c:b2:19:a2:94:95:0d:92:76:c7:2e:
                    6e:9e:a6:92:6b:18:e0:d4:00:9f:31:7b:9b:8a:63:
                    51:e4:51:45:63:f7:3d:32:de:e1:90:82:cc:19:d8:
                    f5:5a:27:10:82:c9:71:85:54:be:ec:5e:ad:79:9c:
                    ab:6a:01:3d:78:ab:7b:07:42:4f:98:bb:1f:28:e8:
                    e9:74:c9:97:b0:f6:46:3e:22:b6:81:16:e7:b0:cc:
                    3a:16:35:60:79:7d:9a:87:1d:b4:af:80:32:5e:69:
                    22:23:69:9f:9b:4d:e9:51:50:c7:8c:f3:22:59:42:
                    b6:be:0b:14:17:4b:be:4a:ca:78:cd:53:e3:38:6c:
                    15:2c:6a:9f:b8:4b:ec:bc:1e:cc:7b:40:f1:f3:21:
                    32:98:19:80:49:dc:df:be:b5:d9:9f:17:a8:f2:4c:
                    64:f5:aa:99:0f:63:17:a0:af:1e:62:94:f6:4c:04:
                    a8:2f:83:5f:4b:34:1b:e2:7e:a2:30:ab:d5:1b:7d:
                    06:93:b5:53:32:1c:ac:a6:9c:36:cb:f7:98:85:71:
                    78:38:2c:7e:31:11:1f:6c:e5:3b:98:0b:a0:29:c9:
                    42:f8:b4:5b:ef:42:93:8f:29:77:82:52:ce:d2:13:
                    39:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:A8:72:BD:01:BD:C2:4B:7D:CE:BA:0A:4D:93:3D:6D:46:12:53:FB
            X509v3 Authority Key Identifier:
                keyid:F5:14:5B:1A:2F:68:13:55:02:8C:B6:2A:B6:57:81:18:1B:18:66:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RRbGi9oE1UCjLYqtleBGBsYZko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c050ea-0e26-4ef2-9fb9-345554f65a24/1/sqhyvQG9wkt9zroKTZM9bUYSU_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c050ea-0e26-4ef2-9fb9-345554f65a24/1/9RRbGi9oE1UCjLYqtleBGBsYZko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4bc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:c9:12:77:7e:e3:a2:e8:00:d2:0f:38:f5:6d:f6:e5:e8:03:
         a2:00:3b:0b:e9:cd:10:c3:fb:64:41:b2:19:ae:6e:68:56:13:
         da:34:ce:1b:40:fa:4f:f8:95:75:0d:72:8b:a5:05:51:8a:98:
         cc:f6:7e:9c:3c:51:af:8a:ab:e6:69:fd:8e:5f:ac:f8:44:45:
         7d:2f:0f:25:a6:95:5b:05:f5:2e:8f:b9:de:5c:5a:73:6f:82:
         7a:cc:90:fb:c1:77:67:ec:16:08:a7:c9:5c:d9:bb:e1:d1:e8:
         a6:b1:7d:80:bc:0b:d9:ca:85:d4:0e:56:de:66:70:10:42:7d:
         90:1e:70:c3:68:ac:55:97:90:8c:2c:48:97:10:ac:4b:34:6a:
         88:52:0b:ce:c8:6e:77:46:b5:a2:29:68:70:cb:e5:5f:13:eb:
         58:68:7d:a4:a5:db:67:34:c9:7a:22:96:17:0e:f8:df:97:66:
         ff:ba:1a:ed:e9:d0:1c:79:2d:0c:29:bd:a3:13:3e:cd:83:bb:
         4b:57:bb:3c:74:84:96:52:7c:44:ad:26:23:93:bc:b4:f7:91:
         30:e7:e7:a9:97:a2:65:61:37:6b:d3:89:ca:c0:cb:21:51:35:
         6e:5c:4c:a7:e5:1d:d2:21:c9:a8:20:ce:88:92:5e:96:d7:b4:
         00:a2:b7:ba
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVv5yTSnpHknIflTbUjFhPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTQ1YjFhMmY2ODEzNTUwMjhjYjYyYWI2NTc4MTE4MWIx
ODY2NGEwHhcNMjMwMTAyMDAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmE4NzJiZDAxYmRjMjRiN2RjZWJhMGE0ZDkzM2Q2ZDQ2MTI1M2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kgc6tYn4XBnX8dBsqzTMcitjLIZ
opSVDZJ2xy5unqaSaxjg1ACfMXubimNR5FFFY/c9Mt7hkILMGdj1WicQgslxhVS+
7F6teZyragE9eKt7B0JPmLsfKOjpdMmXsPZGPiK2gRbnsMw6FjVgeX2ahx20r4Ay
XmkiI2mfm03pUVDHjPMiWUK2vgsUF0u+Ssp4zVPjOGwVLGqfuEvsvB7Me0Dx8yEy
mBmASdzfvrXZnxeo8kxk9aqZD2MXoK8eYpT2TASoL4NfSzQb4n6iMKvVG30Gk7VT
Mhysppw2y/eYhXF4OCx+MREfbOU7mAugKclC+LRb70KTjyl3glLO0hM5OwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLKocr0BvcJLfc66Ck2TPW1GElP7MB8GA1UdIwQY
MBaAFPUUWxovaBNVAoy2KrZXgRgbGGZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJSYkdpOW9FMVVDakxZcXRsZUJHQnNZWmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jMDUwZWEtMGUyNi00ZWYyLTlmYjkt
MzQ1NTU0ZjY1YTI0LzEvc3FoeXZRRzl3a3Q5enJvS1RaTTliVVlTVV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jMDUwZWEtMGUyNi00ZWYyLTlmYjktMzQ1NTU0ZjY1YTI0
LzEvOVJSYkdpOW9FMVVDakxZcXRsZUJHQnNZWmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAFLwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGckSd37jougA0g849W325egDogA7C+nNEMP7ZEGy
Ga5uaFYT2jTOG0D6T/iVdQ1yi6UFUYqYzPZ+nDxRr4qr5mn9jl+s+ERFfS8PJaaV
WwX1Lo+53lxac2+CesyQ+8F3Z+wWCKfJXNm74dHoprF9gLwL2cqF1A5W3mZwEEJ9
kB5ww2isVZeQjCxIlxCsSzRqiFILzshud0a1oilocMvlXxPrWGh9pKXbZzTJeiKW
Fw7435dm/7oa7enQHHktDCm9oxM+zYO7S1e7PHSEllJ8RK0mI5O8tPeRMOfnqZei
ZWE3a9OJysDLIVE1blxMp+Ud0iHJqCDOiJJelte0AKK3ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:56 2024 by rpki-client on console-fra.rpki-client.org