Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/1c9743-546b-4c6d-807d-e3ea6998d42a/1/2MWypcHzupdDRbNDT5fczr8X4fE.roa
File:                     2MWypcHzupdDRbNDT5fczr8X4fE.roa (raw, json)
Hash identifier:          MOq+o+h30UhFUD9gH9FZr/Y82Aa0grl+ODowKbPdlpo=
Subject key identifier:   D8:C5:B2:A5:C1:F3:BA:97:43:45:B3:43:4F:97:DC:CE:BF:17:E1:F1
Certificate issuer:       /CN=f7a0fdd85292aee4f8e41ae95a7027a40c0f544a
Certificate serial:       01857094F9E471AEC50F3390CB954822D2ED
Authority key identifier: F7:A0:FD:D8:52:92:AE:E4:F8:E4:1A:E9:5A:70:27:A4:0C:0F:54:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/96D92FKSruT45BrpWnAnpAwPVEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/1c9743-546b-4c6d-807d-e3ea6998d42a/1/2MWypcHzupdDRbNDT5fczr8X4fE.roa
Signing time:             Mon 02 Jan 2023 03:44:49 +0000
ROA not before:           Mon 02 Jan 2023 03:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        84.246.85.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:94:f9:e4:71:ae:c5:0f:33:90:cb:95:48:22:d2:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7a0fdd85292aee4f8e41ae95a7027a40c0f544a
        Validity
            Not Before: Jan  2 03:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d8c5b2a5c1f3ba974345b3434f97dccebf17e1f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:26:ba:b6:03:dd:4d:ce:10:4c:18:15:19:7a:
                    3d:95:3e:63:3a:a2:f9:ed:19:65:27:22:83:db:f6:
                    90:33:f4:55:2c:20:ee:0b:99:5f:12:35:3c:38:6c:
                    be:a3:5e:fe:f9:8b:65:48:78:48:66:0b:58:c6:9d:
                    96:73:6a:7a:4a:84:e3:8a:e4:77:60:e2:67:10:34:
                    96:a4:54:61:5c:5a:bd:dc:46:0a:ae:19:3b:56:e3:
                    c3:ac:24:6c:ef:2c:fe:cd:6e:ea:26:9e:93:d6:a7:
                    b1:60:06:7f:11:49:54:35:d5:79:57:72:c6:7e:fd:
                    e1:d9:fa:02:5a:a6:1a:3e:0c:c9:ee:51:7f:89:25:
                    c2:11:61:b0:7b:6c:90:12:88:3c:24:fb:1d:b7:a8:
                    eb:ed:c1:7d:8f:64:57:06:6f:f9:3d:aa:c5:a0:ae:
                    68:11:f8:d3:c1:7f:fa:f0:dc:84:79:1c:51:85:1d:
                    5a:51:d2:0c:16:40:ea:fa:af:79:69:5b:cb:85:0d:
                    09:0c:06:f0:a8:2f:c8:ae:74:86:4c:ab:17:9c:58:
                    d9:7b:f7:11:2a:52:2e:e3:08:70:80:10:88:cc:54:
                    e5:73:67:c5:86:7a:51:9d:cf:f3:b3:1f:5d:c7:cc:
                    09:35:c0:8f:e3:63:1a:1b:8d:bf:fb:73:c9:e0:24:
                    48:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:C5:B2:A5:C1:F3:BA:97:43:45:B3:43:4F:97:DC:CE:BF:17:E1:F1
            X509v3 Authority Key Identifier:
                keyid:F7:A0:FD:D8:52:92:AE:E4:F8:E4:1A:E9:5A:70:27:A4:0C:0F:54:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96D92FKSruT45BrpWnAnpAwPVEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/1c9743-546b-4c6d-807d-e3ea6998d42a/1/2MWypcHzupdDRbNDT5fczr8X4fE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/1c9743-546b-4c6d-807d-e3ea6998d42a/1/96D92FKSruT45BrpWnAnpAwPVEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.246.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:11:09:5f:86:1a:a4:c5:ea:ea:4c:35:8a:8f:00:3a:3c:19:
         0f:43:71:60:87:cc:40:f5:65:6e:6b:83:10:41:42:99:35:9d:
         20:11:93:e4:b0:bd:4b:d1:10:f3:a3:f9:e5:3e:ca:42:77:4b:
         04:e6:59:f7:37:99:ab:03:99:fc:15:6b:b1:e2:70:0f:d2:0e:
         1a:b9:9a:9f:e6:5a:a6:f0:92:23:19:e8:84:32:89:99:bb:6d:
         61:bd:f2:5f:79:71:18:a8:8e:91:a4:76:08:5e:20:54:dd:3a:
         31:02:ed:7e:d5:56:12:fc:2b:4c:0f:5b:16:d8:d6:9b:3b:91:
         0b:e5:47:3a:94:ff:07:65:14:45:1e:5c:88:c7:c8:35:7b:6d:
         7e:00:a9:4b:39:10:15:14:6c:3b:0a:38:c7:29:3a:fc:73:81:
         ea:02:bd:a5:a3:8a:2a:ab:c8:81:f2:73:6f:55:cb:10:8a:16:
         c8:8f:1c:49:c5:b8:74:51:a1:a9:7d:be:9c:08:e6:38:1d:58:
         ee:2e:c1:17:7b:5c:be:88:cb:af:2d:3b:dc:e3:30:61:67:87:
         64:53:0c:8d:53:c0:dc:1b:4a:95:db:a6:d5:f5:6d:4c:3d:ba:
         93:00:08:09:b7:a6:04:55:d4:c7:76:31:af:94:a2:ae:bb:3d:
         54:83:22:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlPnkca7FDzOQy5VIItLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YTBmZGQ4NTI5MmFlZTRmOGU0MWFlOTVhNzAyN2E0MGMw
ZjU0NGEwHhcNMjMwMTAyMDM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGM1YjJhNWMxZjNiYTk3NDM0NWIzNDM0Zjk3ZGNjZWJmMTdlMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCa6tgPdTc4QTBgVGXo9lT5jOqL5
7RllJyKD2/aQM/RVLCDuC5lfEjU8OGy+o17++YtlSHhIZgtYxp2Wc2p6SoTjiuR3
YOJnEDSWpFRhXFq93EYKrhk7VuPDrCRs7yz+zW7qJp6T1qexYAZ/EUlUNdV5V3LG
fv3h2foCWqYaPgzJ7lF/iSXCEWGwe2yQEog8JPsdt6jr7cF9j2RXBm/5ParFoK5o
EfjTwX/68NyEeRxRhR1aUdIMFkDq+q95aVvLhQ0JDAbwqC/IrnSGTKsXnFjZe/cR
KlIu4whwgBCIzFTlc2fFhnpRnc/zsx9dx8wJNcCP42MaG42/+3PJ4CRI4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjFsqXB87qXQ0WzQ0+X3M6/F+HxMB8GA1UdIwQY
MBaAFPeg/dhSkq7k+OQa6VpwJ6QMD1RKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZEOTJGS1NydVQ0NUJycFduQW5wQXdQVkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8xYzk3NDMtNTQ2Yi00YzZkLTgwN2Qt
ZTNlYTY5OThkNDJhLzEvMk1XeXBjSHp1cGREUmJORFQ1ZmN6cjhYNGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8xYzk3NDMtNTQ2Yi00YzZkLTgwN2QtZTNlYTY5OThkNDJh
LzEvOTZEOTJGS1NydVQ0NUJycFduQW5wQXdQVkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPZVMA0G
CSqGSIb3DQEBCwUAA4IBAQBPEQlfhhqkxerqTDWKjwA6PBkPQ3Fgh8xA9WVua4MQ
QUKZNZ0gEZPksL1L0RDzo/nlPspCd0sE5ln3N5mrA5n8FWux4nAP0g4auZqf5lqm
8JIjGeiEMomZu21hvfJfeXEYqI6RpHYIXiBU3ToxAu1+1VYS/CtMD1sW2NabO5EL
5Uc6lP8HZRRFHlyIx8g1e21+AKlLORAVFGw7CjjHKTr8c4HqAr2lo4oqq8iB8nNv
VcsQihbIjxxJxbh0UaGpfb6cCOY4HVjuLsEXe1y+iMuvLTvc4zBhZ4dkUwyNU8Dc
G0qV26bV9W1MPbqTAAgJt6YEVdTHdjGvlKKuuz1UgyKP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:17 2024 by rpki-client on console-ams.rpki-client.org