Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/44ce44-e71c-42a4-b6ce-8830bbb4321b/1/msAxc7YOiPElPcVwh-pvd95z5nI.roa
File:                     msAxc7YOiPElPcVwh-pvd95z5nI.roa (raw, json)
Hash identifier:          qdNV3HGdRHwKWk5DG3RLU+deIgAusYf9Ax2JZmBsgjw=
Subject key identifier:   9A:C0:31:73:B6:0E:88:F1:25:3D:C5:70:87:EA:6F:77:DE:73:E6:72
Certificate issuer:       /CN=ba9614d1d5f1cc5d6e1ec530aa048ab247abfe88
Certificate serial:       67E32F
Authority key identifier: BA:96:14:D1:D5:F1:CC:5D:6E:1E:C5:30:AA:04:8A:B2:47:AB:FE:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upYU0dXxzF1uHsUwqgSKsker_og.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/44ce44-e71c-42a4-b6ce-8830bbb4321b/1/msAxc7YOiPElPcVwh-pvd95z5nI.roa
Signing time:             Sat 01 Jan 2022 03:53:15 +0000
ROA not before:           Sat 01 Jan 2022 03:53:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212667
IP address blocks:        146.19.148.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6808367 (0x67e32f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9614d1d5f1cc5d6e1ec530aa048ab247abfe88
        Validity
            Not Before: Jan  1 03:53:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9ac03173b60e88f1253dc57087ea6f77de73e672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:89:01:40:66:9e:47:1e:74:5b:18:8c:16:f5:
                    57:24:17:04:80:31:5a:6b:98:88:6b:eb:1e:ff:dd:
                    d5:17:f6:cc:5a:69:92:2d:58:88:67:8b:44:15:aa:
                    c8:b4:47:c8:14:9a:5d:79:7c:63:b7:b6:ef:10:6b:
                    fd:a3:f0:58:36:ce:12:ce:dd:55:51:fc:61:8a:9a:
                    4d:03:ed:cf:4a:f4:c4:48:9c:9a:a0:32:14:0d:50:
                    49:7d:3a:8e:6d:b2:14:db:bb:3a:44:23:69:3e:a3:
                    02:df:1e:d8:53:82:cf:33:29:86:5a:78:c6:20:65:
                    f0:5a:a3:35:67:f6:65:c9:f2:42:c2:d5:12:ea:72:
                    ac:b2:5a:29:39:70:33:48:b6:7e:a1:9e:42:24:57:
                    f2:5b:a1:93:0d:b0:dd:23:b1:bc:a6:d4:8e:f6:62:
                    2e:f1:99:13:ba:50:14:f4:bc:2f:64:89:e0:2f:5c:
                    8e:be:8e:bd:a3:cc:fb:49:c8:1f:1f:60:14:58:bf:
                    4e:dc:82:9e:5a:dc:8f:16:34:a0:c6:d5:ee:74:ce:
                    0f:38:e8:d0:d0:4c:2c:98:c3:ad:0c:49:3a:93:46:
                    35:15:4f:8d:c7:7a:69:a9:85:e8:41:46:bc:d5:e4:
                    c4:f3:b7:60:61:f6:16:5e:88:61:5d:e2:26:a9:97:
                    f6:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:C0:31:73:B6:0E:88:F1:25:3D:C5:70:87:EA:6F:77:DE:73:E6:72
            X509v3 Authority Key Identifier:
                keyid:BA:96:14:D1:D5:F1:CC:5D:6E:1E:C5:30:AA:04:8A:B2:47:AB:FE:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upYU0dXxzF1uHsUwqgSKsker_og.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44ce44-e71c-42a4-b6ce-8830bbb4321b/1/msAxc7YOiPElPcVwh-pvd95z5nI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44ce44-e71c-42a4-b6ce-8830bbb4321b/1/upYU0dXxzF1uHsUwqgSKsker_og.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:db:10:99:60:66:1c:c2:9b:2b:da:ba:85:e3:e0:70:b5:2c:
         b2:db:68:9a:eb:83:df:59:35:37:53:ff:f4:d0:93:68:b9:92:
         a9:2c:09:4c:01:97:40:2f:b7:07:7a:87:e3:21:25:a8:1f:b9:
         90:5d:3a:e9:35:99:03:4b:40:d0:9b:64:a0:7b:04:06:6b:a8:
         8b:b6:68:24:1d:52:ea:30:5b:23:b1:5c:22:a3:eb:8a:2e:19:
         08:5e:07:0f:ed:02:f1:50:29:0f:04:26:ba:ba:b9:b3:43:50:
         e9:de:ef:85:2b:a4:35:d7:e8:07:88:4c:19:5a:30:60:9c:50:
         47:ab:e5:41:cd:78:df:58:fd:3e:f0:38:d4:ed:77:0a:09:9a:
         c2:a8:cf:5f:e3:da:7e:92:25:93:66:6e:3a:61:c1:ae:1b:e6:
         c7:aa:e6:d8:d5:0a:bc:da:e3:48:69:bd:ec:6b:ab:c0:6e:55:
         bb:1f:c2:56:c0:62:25:19:3a:bf:05:58:b4:87:bb:51:c8:0a:
         29:6c:32:14:6a:69:7e:4c:91:c5:81:f9:b3:81:ac:d7:ef:5d:
         28:e6:ae:ec:02:82:84:7d:92:57:e2:e5:07:f8:96:59:51:28:
         80:4c:e4:6e:58:d5:12:a5:9b:15:97:32:29:6e:bf:4f:a5:21:
         f1:12:59:5c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDZ+MvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJh
OTYxNGQxZDVmMWNjNWQ2ZTFlYzUzMGFhMDQ4YWIyNDdhYmZlODgwHhcNMjIwMTAx
MDM1MzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5YWMwMzE3M2I2MGU4
OGYxMjUzZGM1NzA4N2VhNmY3N2RlNzNlNjcyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqIkBQGaeRx50WxiMFvVXJBcEgDFaa5iIa+se/93VF/bMWmmS
LViIZ4tEFarItEfIFJpdeXxjt7bvEGv9o/BYNs4Szt1VUfxhippNA+3PSvTESJya
oDIUDVBJfTqObbIU27s6RCNpPqMC3x7YU4LPMymGWnjGIGXwWqM1Z/ZlyfJCwtUS
6nKsslopOXAzSLZ+oZ5CJFfyW6GTDbDdI7G8ptSO9mIu8ZkTulAU9LwvZIngL1yO
vo69o8z7ScgfH2AUWL9O3IKeWtyPFjSgxtXudM4POOjQ0EwsmMOtDEk6k0Y1FU+N
x3ppqYXoQUa81eTE87dgYfYWXohhXeImqZf2TQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJrAMXO2DojxJT3FcIfqb3fec+ZyMB8GA1UdIwQYMBaAFLqWFNHV8cxdbh7F
MKoEirJHq/6IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dXBZVTBkWHh6RjF1SHNVd3FnU0tza2VyX29nLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xYS80NGNlNDQtZTcxYy00MmE0LWI2Y2UtODgzMGJiYjQzMjFiLzEv
bXNBeGM3WU9pUEVsUGNWd2gtcHZkOTV6NW5JLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80
NGNlNDQtZTcxYy00MmE0LWI2Y2UtODgzMGJiYjQzMjFiLzEvdXBZVTBkWHh6RjF1
SHNVd3FnU0tza2VyX29nLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOUMA0GCSqGSIb3DQEBCwUAA4IB
AQAk2xCZYGYcwpsr2rqF4+BwtSyy22ia64PfWTU3U//00JNouZKpLAlMAZdAL7cH
eofjISWoH7mQXTrpNZkDS0DQm2SgewQGa6iLtmgkHVLqMFsjsVwio+uKLhkIXgcP
7QLxUCkPBCa6urmzQ1Dp3u+FK6Q11+gHiEwZWjBgnFBHq+VBzXjfWP0+8DjU7XcK
CZrCqM9f49p+kiWTZm46YcGuG+bHqubY1Qq82uNIab3sa6vAblW7H8JWwGIlGTq/
BVi0h7tRyAopbDIUaml+TJHFgfmzgazX710o5q7sAoKEfZJX4uUH+JZZUSiATORu
WNUSpZsVlzIpbr9PpSHxEllc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org