Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/RFtrtdazVNN252E3eE3Tqnnnkg4.roa
File:                     RFtrtdazVNN252E3eE3Tqnnnkg4.roa (raw, json)
Hash identifier:          A5RggaXkQi0pzot/Fp6dGL7PHUaOIvfkxX7rFBVzJ5U=
Subject key identifier:   44:5B:6B:B5:D6:B3:54:D3:76:E7:61:37:78:4D:D3:AA:79:E7:92:0E
Certificate issuer:       /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial:       01824D52B96CBB990219F72E712C562864BF
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/RFtrtdazVNN252E3eE3Tqnnnkg4.roa
Signing time:             Sat 30 Jul 2022 04:17:23 +0000
ROA not before:           Sat 30 Jul 2022 04:17:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399641
IP address blocks:        45.155.67.0/24 maxlen: 24
                          45.155.66.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:4d:52:b9:6c:bb:99:02:19:f7:2e:71:2c:56:28:64:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
        Validity
            Not Before: Jul 30 04:17:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=445b6bb5d6b354d376e76137784dd3aa79e7920e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ea:35:92:02:c6:ef:5a:99:47:6e:ca:6c:23:
                    a0:fc:55:cc:c9:47:83:2f:23:ce:8d:a1:39:ba:5a:
                    50:51:8c:13:4c:7b:ab:07:0b:3d:20:5c:dc:81:62:
                    21:0d:e9:fa:e4:42:82:9f:a9:2f:18:ae:15:92:1e:
                    d1:31:a6:16:e6:cd:7b:1e:2e:5c:1c:e0:98:81:af:
                    66:60:f9:19:8d:e1:00:40:9e:6b:81:68:5a:d8:7a:
                    54:cd:26:f5:f6:3c:ce:34:0c:0a:fb:5a:e1:f8:fe:
                    6d:7e:f5:19:58:8f:a8:b0:3c:9e:04:ee:96:b9:ce:
                    0b:77:be:df:0d:84:38:5f:39:1d:d1:22:21:29:e4:
                    cf:ba:cc:fd:52:13:68:eb:89:d2:dc:42:2c:68:32:
                    e3:83:d7:b5:9b:db:8d:c8:1f:07:5c:87:fe:87:bb:
                    89:67:f4:11:8b:26:69:8b:c8:a3:68:27:b0:12:8e:
                    52:76:9a:40:c6:f8:93:ca:ce:08:77:bd:4f:ef:90:
                    ab:58:41:6e:08:85:32:a3:f6:ec:b6:af:f8:21:3e:
                    01:9a:67:11:b6:91:6f:e5:73:6a:7b:ba:e5:35:1d:
                    b6:a8:cc:d6:01:d7:66:96:a0:0b:b5:41:8e:e0:fb:
                    25:b4:77:61:a4:c1:05:5d:05:ce:2c:8e:43:89:c5:
                    c9:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:5B:6B:B5:D6:B3:54:D3:76:E7:61:37:78:4D:D3:AA:79:E7:92:0E
            X509v3 Authority Key Identifier:
                keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/RFtrtdazVNN252E3eE3Tqnnnkg4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         84:00:e5:91:98:dd:42:be:83:0d:03:7b:6f:f6:d8:7c:ba:73:
         a7:dc:74:49:96:b0:e1:dc:08:88:7b:ad:66:7e:22:89:c5:57:
         54:bf:b1:01:c6:a1:06:82:d0:bc:85:70:50:7a:b9:62:f2:9b:
         06:11:37:25:34:81:6f:62:ac:fe:3e:f0:e4:cc:b2:11:f7:65:
         aa:dd:3d:50:88:9c:cc:13:a4:c7:10:bf:ab:67:ac:ae:b8:3f:
         f7:2c:ef:b7:99:c7:1f:95:b2:d0:9f:95:9d:4d:1c:cd:6f:46:
         e6:c8:29:ee:3f:e8:fb:92:a0:b3:69:80:8e:85:70:fc:90:92:
         97:e2:94:a6:ad:03:7c:12:46:cf:ca:09:ee:5b:e5:0a:70:d9:
         83:0c:17:37:bb:a8:b5:a6:a6:0a:3d:c0:d9:58:be:4c:b4:77:
         1d:29:97:55:2a:1a:15:b3:59:07:37:52:59:01:1f:81:12:f5:
         8f:bb:d8:cd:40:79:f4:cd:dd:0c:02:aa:df:3c:43:32:dc:f6:
         43:30:55:d7:89:89:8f:9f:fb:2d:40:53:ab:d4:4a:7a:e3:2f:
         e4:5c:f7:c3:89:59:55:57:8f:ab:a7:a6:ca:41:65:24:d0:50:
         d4:2a:10:fa:41:7b:eb:c5:cc:28:2d:22:28:37:88:0f:0d:09:
         4e:b8:2d:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJNUrlsu5kCGfcucSxWKGS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjIwNzMwMDQxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDViNmJiNWQ2YjM1NGQzNzZlNzYxMzc3ODRkZDNhYTc5ZTc5MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+o1kgLG71qZR27KbCOg/FXMyUeD
LyPOjaE5ulpQUYwTTHurBws9IFzcgWIhDen65EKCn6kvGK4Vkh7RMaYW5s17Hi5c
HOCYga9mYPkZjeEAQJ5rgWha2HpUzSb19jzONAwK+1rh+P5tfvUZWI+osDyeBO6W
uc4Ld77fDYQ4Xzkd0SIhKeTPusz9UhNo64nS3EIsaDLjg9e1m9uNyB8HXIf+h7uJ
Z/QRiyZpi8ijaCewEo5SdppAxviTys4Id71P75CrWEFuCIUyo/bstq/4IT4BmmcR
tpFv5XNqe7rlNR22qMzWAddmlqALtUGO4PsltHdhpMEFXQXOLI5DicXJbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERba7XWs1TTdudhN3hN06p555IOMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvUkZ0cnRkYXpWTk4yNTJFM2VFM1Rxbm5ua2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZtCMA0G
CSqGSIb3DQEBCwUAA4IBAQCEAOWRmN1CvoMNA3tv9th8unOn3HRJlrDh3AiIe61m
fiKJxVdUv7EBxqEGgtC8hXBQerli8psGETclNIFvYqz+PvDkzLIR92Wq3T1QiJzM
E6THEL+rZ6yuuD/3LO+3mccflbLQn5WdTRzNb0bmyCnuP+j7kqCzaYCOhXD8kJKX
4pSmrQN8EkbPygnuW+UKcNmDDBc3u6i1pqYKPcDZWL5MtHcdKZdVKhoVs1kHN1JZ
AR+BEvWPu9jNQHn0zd0MAqrfPEMy3PZDMFXXiYmPn/stQFOr1Ep64y/kXPfDiVlV
V4+rp6bKQWUk0FDUKhD6QXvrxcwoLSIoN4gPDQlOuC3W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:08 2024 by rpki-client on console-fra.rpki-client.org