Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/M47juI1TOAF6gzhBCIKPeNp1fQo.roa
File:                     M47juI1TOAF6gzhBCIKPeNp1fQo.roa (raw, json)
Hash identifier:          B4/+M4M3rd3LzIMaaZYMYQjVOYkAQzwajXKsU0mjYN0=
Subject key identifier:   33:8E:E3:B8:8D:53:38:01:7A:83:38:41:08:82:8F:78:DA:75:7D:0A
Certificate issuer:       /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial:       018679AF9B7B47603FACE1FC824097B34BF1
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/M47juI1TOAF6gzhBCIKPeNp1fQo.roa
Signing time:             Wed 22 Feb 2023 15:13:17 +0000
ROA not before:           Wed 22 Feb 2023 15:13:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206092
IP address blocks:        45.155.64.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:79:af:9b:7b:47:60:3f:ac:e1:fc:82:40:97:b3:4b:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
        Validity
            Not Before: Feb 22 15:13:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=338ee3b88d5338017a83384108828f78da757d0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bf:5d:63:ca:e4:bd:d0:d1:1b:5e:1f:70:3e:
                    a2:bf:76:14:73:bf:2b:5c:bd:3c:70:cb:80:ba:6a:
                    90:8e:e5:3e:9e:29:92:19:6a:8f:bd:3a:f4:1f:b4:
                    61:33:5a:ac:88:fb:7e:61:1f:d4:27:ac:ec:57:c3:
                    4e:be:13:13:de:47:60:d0:36:37:4a:cc:6e:89:36:
                    54:e0:1f:61:f2:ba:2a:43:ca:b1:fe:50:e3:41:6e:
                    41:6d:8b:32:48:d0:10:46:59:1a:d8:4f:f9:ed:19:
                    b0:7c:e2:6b:ae:9f:f9:42:0e:85:e1:53:6c:02:80:
                    fd:60:6f:6e:41:5e:04:5e:78:aa:7d:a3:7e:63:82:
                    19:e5:33:7c:3f:76:4f:a9:f1:43:76:3b:2e:46:fd:
                    0b:a0:a7:25:e0:3f:9d:7b:b3:a5:48:92:cc:97:45:
                    11:76:80:f3:89:67:80:ed:da:a0:7f:70:88:08:92:
                    03:79:6d:14:da:c4:ff:25:9a:f1:78:57:cf:c5:3f:
                    a1:fb:88:da:7a:5e:14:22:ef:53:dc:cd:b5:72:2b:
                    b2:dd:e6:55:b8:1a:3c:85:57:1e:d7:fe:9e:40:72:
                    a4:d9:4c:e9:67:ef:06:97:f2:99:ab:2a:80:4a:a3:
                    06:1c:d0:dc:74:de:5e:15:7b:c0:c4:ed:ff:90:45:
                    5a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:8E:E3:B8:8D:53:38:01:7A:83:38:41:08:82:8F:78:DA:75:7D:0A
            X509v3 Authority Key Identifier:
                keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/M47juI1TOAF6gzhBCIKPeNp1fQo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:eb:7e:b2:7d:67:b1:79:31:be:47:d3:63:0d:10:82:2b:b5:
         3d:b9:0c:23:7a:7d:0c:2e:90:f6:be:f8:76:16:2c:b6:db:74:
         49:fc:04:48:b1:e6:c5:d7:e0:86:ae:36:d8:4e:d4:28:3c:6d:
         68:15:de:70:00:5f:c8:a1:0b:22:bb:d7:bc:e1:40:66:fa:52:
         76:94:76:96:98:0b:52:29:09:d4:ca:e3:6c:89:a3:1c:93:38:
         00:2f:0a:66:a8:e9:da:ae:42:74:ef:f1:6d:a9:c5:b7:05:67:
         0d:39:d6:ec:c5:70:2a:61:67:3f:9e:45:69:c3:6d:ca:d9:fd:
         aa:5d:7a:4b:c5:c8:d8:db:ef:d8:24:e3:2f:09:ce:7f:07:24:
         95:b8:6c:50:93:a5:ba:e0:b5:45:8b:6f:29:f9:35:ef:54:3e:
         8a:9b:1e:79:94:05:89:f1:23:e7:97:fe:99:34:af:f0:ce:c7:
         57:56:0c:5d:b9:0a:13:48:cd:c7:eb:2d:da:c7:98:84:9c:52:
         e1:a1:89:2f:e0:cf:69:58:7e:f5:a8:95:3b:c5:48:8e:ee:26:
         2e:15:ad:5d:45:70:39:b9:48:02:dc:44:45:bb:2c:29:1b:92:
         ec:b9:34:98:75:c8:41:81:dc:21:3f:f0:62:f7:be:2a:e4:02:
         87:5a:25:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ5r5t7R2A/rOH8gkCXs0vxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjMwMjIyMTUxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzhlZTNiODhkNTMzODAxN2E4MzM4NDEwODgyOGY3OGRhNzU3ZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs79dY8rkvdDRG14fcD6iv3YUc78r
XL08cMuAumqQjuU+nimSGWqPvTr0H7RhM1qsiPt+YR/UJ6zsV8NOvhMT3kdg0DY3
SsxuiTZU4B9h8roqQ8qx/lDjQW5BbYsySNAQRlka2E/57RmwfOJrrp/5Qg6F4VNs
AoD9YG9uQV4EXniqfaN+Y4IZ5TN8P3ZPqfFDdjsuRv0LoKcl4D+de7OlSJLMl0UR
doDziWeA7dqgf3CICJIDeW0U2sT/JZrxeFfPxT+h+4jael4UIu9T3M21ciuy3eZV
uBo8hVce1/6eQHKk2UzpZ+8Gl/KZqyqASqMGHNDcdN5eFXvAxO3/kEVaJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDOO47iNUzgBeoM4QQiCj3jadX0KMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvTTQ3anVJMVRPQUY2Z3poQkNJS1BlTnAxZlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZtAMA0G
CSqGSIb3DQEBCwUAA4IBAQBB636yfWexeTG+R9NjDRCCK7U9uQwjen0MLpD2vvh2
Fiy223RJ/ARIsebF1+CGrjbYTtQoPG1oFd5wAF/IoQsiu9e84UBm+lJ2lHaWmAtS
KQnUyuNsiaMckzgALwpmqOnarkJ07/FtqcW3BWcNOdbsxXAqYWc/nkVpw23K2f2q
XXpLxcjY2+/YJOMvCc5/BySVuGxQk6W64LVFi28p+TXvVD6Kmx55lAWJ8SPnl/6Z
NK/wzsdXVgxduQoTSM3H6y3ax5iEnFLhoYkv4M9pWH71qJU7xUiO7iYuFa1dRXA5
uUgC3ERFuywpG5LsuTSYdchBgdwhP/Bi974q5AKHWiUU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:08 2024 by rpki-client on console-fra.rpki-client.org