Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/fe8984-2218-41bb-b5fa-43e42aed09e9/1/wQktIpkFfFgtaazIjQ666l8xIOY.roa
File:                     wQktIpkFfFgtaazIjQ666l8xIOY.roa (raw, json)
Hash identifier:          tPpOXW4MElE8cDinA/8m5nP041n383511U7bi0Ux3BQ=
Subject key identifier:   C1:09:2D:22:99:05:7C:58:2D:69:AC:C8:8D:0E:BA:EA:5F:31:20:E6
Certificate issuer:       /CN=226bcc0f87b32f74b838dc1f24d28e5823f60ff7
Certificate serial:       01857039A49B7A59131062723F23782E5F2E
Authority key identifier: 22:6B:CC:0F:87:B3:2F:74:B8:38:DC:1F:24:D2:8E:58:23:F6:0F:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ImvMD4ezL3S4ONwfJNKOWCP2D_c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/fe8984-2218-41bb-b5fa-43e42aed09e9/1/wQktIpkFfFgtaazIjQ666l8xIOY.roa
Signing time:             Mon 02 Jan 2023 02:05:03 +0000
ROA not before:           Mon 02 Jan 2023 02:05:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204790
IP address blocks:        2a11:b8c0::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:a4:9b:7a:59:13:10:62:72:3f:23:78:2e:5f:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=226bcc0f87b32f74b838dc1f24d28e5823f60ff7
        Validity
            Not Before: Jan  2 02:05:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c1092d2299057c582d69acc88d0ebaea5f3120e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b2:ff:96:16:b0:f0:c9:79:42:8f:fe:0c:a9:
                    ab:19:3c:43:a7:06:6a:59:2b:4b:4d:aa:5f:1f:84:
                    2b:f7:f7:c6:fb:a9:c9:bd:8b:bf:7b:a2:83:80:31:
                    ac:c9:29:89:c8:31:96:ca:dc:ad:a5:a6:96:9b:80:
                    32:cd:2f:77:34:68:6a:78:f3:8f:f9:22:fb:77:f3:
                    a9:7c:0a:92:df:92:cd:56:22:d5:f4:89:71:b0:a1:
                    e8:15:21:aa:66:4b:d9:3c:a2:74:48:22:80:f3:63:
                    22:75:29:55:9d:d0:2c:3c:8b:d0:bb:0e:5c:8d:c6:
                    aa:60:52:a9:81:4e:95:f3:d9:72:f7:fb:d2:d1:93:
                    c0:1b:72:61:13:61:ef:83:18:e9:13:fe:11:7b:85:
                    33:c9:4c:98:b0:93:c2:49:53:a8:25:26:f3:44:ee:
                    ae:cb:0e:20:b3:92:c6:ad:90:22:9b:e1:10:24:96:
                    d2:f1:80:08:0a:c6:00:fe:b1:90:89:14:e2:bc:5f:
                    ea:03:e8:de:59:8c:2a:68:67:02:92:61:bc:49:b2:
                    0d:01:ab:00:9e:3b:39:e7:26:2d:22:ef:3e:97:61:
                    36:26:ea:32:ce:df:c8:0f:7e:b8:3f:17:7a:ad:18:
                    81:8f:d2:a5:c1:df:c6:33:52:82:38:cf:e5:b4:4c:
                    8a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:09:2D:22:99:05:7C:58:2D:69:AC:C8:8D:0E:BA:EA:5F:31:20:E6
            X509v3 Authority Key Identifier:
                keyid:22:6B:CC:0F:87:B3:2F:74:B8:38:DC:1F:24:D2:8E:58:23:F6:0F:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ImvMD4ezL3S4ONwfJNKOWCP2D_c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/fe8984-2218-41bb-b5fa-43e42aed09e9/1/wQktIpkFfFgtaazIjQ666l8xIOY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/fe8984-2218-41bb-b5fa-43e42aed09e9/1/ImvMD4ezL3S4ONwfJNKOWCP2D_c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:b8c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         7a:4b:8d:81:d3:3c:6f:d5:12:d6:20:91:d8:8e:b5:73:a1:27:
         ea:fb:0e:2c:d5:a1:09:2c:21:40:8f:59:e8:f0:c6:ca:4b:4e:
         8e:8f:cb:f7:8d:c0:cd:5b:f8:64:b7:db:1d:e2:05:1d:e5:2d:
         11:07:6f:8c:4b:69:86:ee:91:87:82:35:56:9e:45:6e:78:59:
         84:86:95:52:2a:df:e8:c7:c4:a2:55:fd:9e:92:98:b5:e6:52:
         f2:41:16:b5:ae:11:97:81:6b:a6:0e:5b:0f:d7:95:37:61:db:
         82:f8:72:c1:9f:31:fe:33:78:5b:28:75:bd:71:71:89:f6:c9:
         ff:a0:00:27:81:45:72:c6:2b:16:44:b9:59:92:2d:2a:ee:06:
         bd:7b:80:6b:d3:35:ef:76:7c:77:2a:28:de:c5:76:ca:38:97:
         9b:5f:c9:8d:d9:a8:c0:d8:14:ea:97:a0:de:e6:ba:3c:86:44:
         16:6c:d4:6f:bc:7a:a5:01:a1:34:18:8f:b2:41:2a:3a:0b:59:
         64:04:a6:8f:6b:39:4e:25:fa:77:d8:a1:a7:00:19:80:1c:4c:
         3b:9c:b7:ca:45:43:cd:84:21:d8:66:93:54:48:d8:ec:06:95:
         51:6c:39:91:1c:39:4d:ae:61:9a:48:e9:21:5c:c0:eb:f7:21:
         86:2d:38:d6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwOaSbelkTEGJyPyN4Ll8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNmJjYzBmODdiMzJmNzRiODM4ZGMxZjI0ZDI4ZTU4MjNm
NjBmZjcwHhcNMjMwMTAyMDIwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTA5MmQyMjk5MDU3YzU4MmQ2OWFjYzg4ZDBlYmFlYTVmMzEyMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbL/lhaw8Ml5Qo/+DKmrGTxDpwZq
WStLTapfH4Qr9/fG+6nJvYu/e6KDgDGsySmJyDGWytytpaaWm4AyzS93NGhqePOP
+SL7d/OpfAqS35LNViLV9IlxsKHoFSGqZkvZPKJ0SCKA82MidSlVndAsPIvQuw5c
jcaqYFKpgU6V89ly9/vS0ZPAG3JhE2HvgxjpE/4Re4UzyUyYsJPCSVOoJSbzRO6u
yw4gs5LGrZAim+EQJJbS8YAICsYA/rGQiRTivF/qA+jeWYwqaGcCkmG8SbINAasA
njs55yYtIu8+l2E2Juoyzt/ID364Pxd6rRiBj9Klwd/GM1KCOM/ltEyKcQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMEJLSKZBXxYLWmsyI0OuupfMSDmMB8GA1UdIwQY
MBaAFCJrzA+Hsy90uDjcHyTSjlgj9g/3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW12TUQ0ZXpMM1M0T053ZkpOS09XQ1AyRF9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9mZTg5ODQtMjIxOC00MWJiLWI1ZmEt
NDNlNDJhZWQwOWU5LzEvd1FrdElwa0ZmRmd0YWF6SWpRNjY2bDh4SU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9mZTg5ODQtMjIxOC00MWJiLWI1ZmEtNDNlNDJhZWQwOWU5
LzEvSW12TUQ0ZXpMM1M0T053ZkpOS09XQ1AyRF9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhG4wDAN
BgkqhkiG9w0BAQsFAAOCAQEAekuNgdM8b9US1iCR2I61c6En6vsOLNWhCSwhQI9Z
6PDGyktOjo/L943AzVv4ZLfbHeIFHeUtEQdvjEtphu6Rh4I1Vp5FbnhZhIaVUirf
6MfEolX9npKYteZS8kEWta4Rl4Frpg5bD9eVN2HbgvhywZ8x/jN4Wyh1vXFxifbJ
/6AAJ4FFcsYrFkS5WZItKu4GvXuAa9M173Z8dyoo3sV2yjiXm1/JjdmowNgU6peg
3ua6PIZEFmzUb7x6pQGhNBiPskEqOgtZZASmj2s5TiX6d9ihpwAZgBxMO5y3ykVD
zYQh2GaTVEjY7AaVUWw5kRw5Ta5hmkjpIVzA6/chhi041g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:53 2024 by rpki-client on console-ams.rpki-client.org