Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/15b08a-0299-401a-947f-69967100f868/1/MH_kWZMqGUevIMvYqoMzGv1m7Uk.roa
File:                     MH_kWZMqGUevIMvYqoMzGv1m7Uk.roa (raw, json)
Hash identifier:          HnUICbbCAitDNfgijh02+tkk1pabsYCXTERFHO6coiQ=
Subject key identifier:   30:7F:E4:59:93:2A:19:47:AF:20:CB:D8:AA:83:33:1A:FD:66:ED:49
Certificate issuer:       /CN=e4adcd7a10cea1b5bd27ac8582e7d8062620dae7
Certificate serial:       01856C0124654CEF7646E9560C4878316417
Authority key identifier: E4:AD:CD:7A:10:CE:A1:B5:BD:27:AC:85:82:E7:D8:06:26:20:DA:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5K3NehDOobW9J6yFgufYBiYg2uc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/15b08a-0299-401a-947f-69967100f868/1/MH_kWZMqGUevIMvYqoMzGv1m7Uk.roa
Signing time:             Sun 01 Jan 2023 06:24:52 +0000
ROA not before:           Sun 01 Jan 2023 06:24:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        62.204.57.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:01:24:65:4c:ef:76:46:e9:56:0c:48:78:31:64:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4adcd7a10cea1b5bd27ac8582e7d8062620dae7
        Validity
            Not Before: Jan  1 06:24:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=307fe459932a1947af20cbd8aa83331afd66ed49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:81:8e:1c:52:7d:3c:26:57:50:e4:1c:7b:3c:
                    da:82:13:5a:43:7c:b1:af:dd:77:b7:86:ed:c0:e8:
                    b6:13:e7:1c:89:99:05:9d:54:04:e1:39:fc:42:07:
                    cc:52:8e:1e:7c:ab:41:c6:bd:2c:b1:50:b2:f9:6a:
                    13:3c:ad:5d:f2:c5:b1:22:29:17:cc:75:21:01:93:
                    4e:7c:65:a3:3a:f1:eb:9e:f6:a8:22:be:15:a7:da:
                    35:46:9a:70:a5:4b:8b:a1:ee:aa:53:d5:b4:dc:b8:
                    a3:a0:68:55:90:c0:a6:50:32:c2:9a:a4:95:93:c6:
                    fb:38:4b:41:12:3b:a2:46:be:29:a4:fb:20:27:0c:
                    c6:10:64:44:c8:33:9e:ad:bb:67:bb:90:f3:62:e4:
                    91:6b:ca:33:dc:fc:14:1c:ac:c3:59:fc:e9:0e:bf:
                    2e:82:8a:35:23:f8:a2:9a:be:fb:3f:af:9a:62:4b:
                    95:a5:71:2e:3b:73:bc:b8:81:6f:26:a7:64:e3:fb:
                    dd:6c:e4:bc:fc:69:2b:21:73:1e:e5:84:cb:53:f3:
                    7e:f3:24:44:68:49:fc:cf:57:0f:e3:ca:6f:ee:13:
                    d3:87:4e:c1:ef:83:92:39:12:bd:3d:fd:bf:b5:24:
                    ee:30:51:85:e9:63:db:48:e8:5e:c7:61:57:cc:f5:
                    e6:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:7F:E4:59:93:2A:19:47:AF:20:CB:D8:AA:83:33:1A:FD:66:ED:49
            X509v3 Authority Key Identifier:
                keyid:E4:AD:CD:7A:10:CE:A1:B5:BD:27:AC:85:82:E7:D8:06:26:20:DA:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5K3NehDOobW9J6yFgufYBiYg2uc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/15b08a-0299-401a-947f-69967100f868/1/MH_kWZMqGUevIMvYqoMzGv1m7Uk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/15b08a-0299-401a-947f-69967100f868/1/5K3NehDOobW9J6yFgufYBiYg2uc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.204.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:ed:f3:84:62:c1:14:60:0b:4c:5e:d4:19:3d:87:2e:d8:17:
         cb:60:39:b9:c6:01:37:36:af:af:2b:7b:71:d1:bb:79:1f:44:
         d0:2c:25:f0:4e:e9:9a:1a:7c:05:f1:1e:d8:86:e2:4b:93:b9:
         bd:0f:6f:52:1b:7c:63:fc:93:b2:bc:2a:d2:5f:4a:0f:8a:0a:
         b1:45:76:18:56:96:1a:b2:06:ea:9d:55:50:20:28:9b:a8:86:
         0b:99:1c:0f:e8:ea:1f:ac:93:ed:aa:50:b6:e1:47:c6:e4:08:
         7c:67:81:8c:4a:13:38:77:9d:53:b3:ca:32:18:f8:92:0a:e1:
         22:93:ec:24:e2:06:37:75:f1:68:8d:5b:d8:d3:2e:18:65:58:
         fa:c8:45:e2:e1:62:78:40:65:0f:24:b9:4c:e0:4b:0f:f6:bb:
         eb:93:14:12:66:5c:cf:3f:09:02:88:c7:23:34:11:88:33:bb:
         16:e5:e3:2e:05:24:5f:b2:f4:51:e5:b4:4b:d3:f1:cf:f0:2f:
         98:4a:74:fe:e2:94:16:e9:b2:10:29:dd:01:a1:13:e6:6d:53:
         05:ea:5b:75:62:3f:3f:bd:46:6d:e6:ad:52:b5:18:ab:7a:fa:
         b5:c9:1a:b9:66:5d:9f:60:a5:98:1f:97:98:e8:ca:6e:21:9e:
         f7:fd:30:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsASRlTO92RulWDEh4MWQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YWRjZDdhMTBjZWExYjViZDI3YWM4NTgyZTdkODA2MjYy
MGRhZTcwHhcNMjMwMTAxMDYyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDdmZTQ1OTkzMmExOTQ3YWYyMGNiZDhhYTgzMzMxYWZkNjZlZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroGOHFJ9PCZXUOQcezzaghNaQ3yx
r913t4btwOi2E+cciZkFnVQE4Tn8QgfMUo4efKtBxr0ssVCy+WoTPK1d8sWxIikX
zHUhAZNOfGWjOvHrnvaoIr4Vp9o1RppwpUuLoe6qU9W03LijoGhVkMCmUDLCmqSV
k8b7OEtBEjuiRr4ppPsgJwzGEGREyDOerbtnu5DzYuSRa8oz3PwUHKzDWfzpDr8u
goo1I/iimr77P6+aYkuVpXEuO3O8uIFvJqdk4/vdbOS8/GkrIXMe5YTLU/N+8yRE
aEn8z1cP48pv7hPTh07B74OSORK9Pf2/tSTuMFGF6WPbSOhex2FXzPXmZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDB/5FmTKhlHryDL2KqDMxr9Zu1JMB8GA1UdIwQY
MBaAFOStzXoQzqG1vSeshYLn2AYmINrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUszTmVoRE9vYlc5SjZ5Rmd1ZllCaVlnMnVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8xNWIwOGEtMDI5OS00MDFhLTk0N2Yt
Njk5NjcxMDBmODY4LzEvTUhfa1daTXFHVWV2SU12WXFvTXpHdjFtN1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8xNWIwOGEtMDI5OS00MDFhLTk0N2YtNjk5NjcxMDBmODY4
LzEvNUszTmVoRE9vYlc5SjZ5Rmd1ZllCaVlnMnVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPsw5MA0G
CSqGSIb3DQEBCwUAA4IBAQCB7fOEYsEUYAtMXtQZPYcu2BfLYDm5xgE3Nq+vK3tx
0bt5H0TQLCXwTumaGnwF8R7YhuJLk7m9D29SG3xj/JOyvCrSX0oPigqxRXYYVpYa
sgbqnVVQICibqIYLmRwP6OofrJPtqlC24UfG5Ah8Z4GMShM4d51Ts8oyGPiSCuEi
k+wk4gY3dfFojVvY0y4YZVj6yEXi4WJ4QGUPJLlM4EsP9rvrkxQSZlzPPwkCiMcj
NBGIM7sW5eMuBSRfsvRR5bRL0/HP8C+YSnT+4pQW6bIQKd0BoRPmbVMF6lt1Yj8/
vUZt5q1StRirevq1yRq5Zl2fYKWYH5eY6MpuIZ73/TCQ
-----END CERTIFICATE-----
Generated at Fri Oct 20 07:44:25 2023 by rpki-client on console-ams.rpki-client.org