Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/S00ppjmxrBmXuE07737ef4tGmog.roa
File:                     S00ppjmxrBmXuE07737ef4tGmog.roa (raw, json)
Hash identifier:          RXo057lXpaMZkFB/4naczwYBhazPlhwuPPSVQGwOiVw=
Subject key identifier:   4B:4D:29:A6:39:B1:AC:19:97:B8:4D:3B:EF:7E:DE:7F:8B:46:9A:88
Certificate issuer:       /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial:       011A8BC2
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/S00ppjmxrBmXuE07737ef4tGmog.roa
Signing time:             Wed 15 Jun 2022 12:17:51 +0000
ROA not before:           Wed 15 Jun 2022 12:17:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212144
IP address blocks:        2a05:9a40::/29 maxlen: 29
                          2a10:3c80::/29 maxlen: 29
                          2a06:5fc0::/29 maxlen: 29
                          2a10:3f80::/29 maxlen: 29
                          2a0f:9ac0::/29 maxlen: 30
                          2a10:b40::/29 maxlen: 29
                          2a0d:6f80::/29 maxlen: 29
                          2a0f:9b40::/29 maxlen: 29
                          2a10:77c0::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18516930 (0x11a8bc2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
        Validity
            Not Before: Jun 15 12:17:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4b4d29a639b1ac1997b84d3bef7ede7f8b469a88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:30:ae:29:6e:a8:3f:14:5c:b4:a3:b1:4b:83:
                    a4:52:77:9a:10:e2:25:ea:2a:fe:e2:cf:6e:41:59:
                    af:73:03:51:c5:dc:4c:0e:ff:c4:ba:5e:f8:25:0d:
                    5b:eb:44:98:54:18:bf:8f:45:0e:96:a2:d8:4c:e6:
                    72:f3:54:f6:48:80:64:4d:c9:b6:df:21:5a:37:9e:
                    74:11:96:7d:12:1c:bd:8f:55:b5:57:39:4b:4e:a8:
                    5d:1a:8b:2a:75:13:1b:b0:6e:b2:5a:fc:7a:b7:51:
                    50:19:cd:15:20:94:db:cf:aa:23:d4:28:1c:98:95:
                    3c:22:a3:f6:8b:93:7f:40:46:75:1c:db:21:b9:25:
                    e1:5c:bb:66:4c:31:8b:c8:38:c2:80:aa:03:6a:ec:
                    21:54:5a:d9:4d:52:cb:8f:fb:cf:28:6a:dd:15:b2:
                    f3:8a:ec:5a:08:bc:36:32:42:c1:ea:d3:a1:53:7a:
                    af:be:6c:4a:a8:3f:ec:68:e5:b7:e2:53:c5:6b:47:
                    f7:7e:e0:b0:ed:a1:bd:06:4b:61:5c:4a:6a:7c:0f:
                    5d:9f:d1:0b:45:26:cb:72:93:ae:d1:b7:65:23:a4:
                    e1:10:22:11:9d:da:ec:fc:32:92:4e:89:9c:e8:75:
                    55:b6:81:21:a0:6d:9b:30:7e:c4:95:7d:10:15:c1:
                    17:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:4D:29:A6:39:B1:AC:19:97:B8:4D:3B:EF:7E:DE:7F:8B:46:9A:88
            X509v3 Authority Key Identifier:
                keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/S00ppjmxrBmXuE07737ef4tGmog.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:9a40::/29
                  2a06:5fc0::/29
                  2a0d:6f80::/29
                  2a0f:9ac0::/29
                  2a0f:9b40::/29
                  2a10:b40::/29
                  2a10:3c80::/29
                  2a10:3f80::/29
                  2a10:77c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         27:7d:38:70:bd:31:ea:c0:9f:9f:71:16:5e:dd:5e:af:25:bd:
         97:fd:2e:2d:25:0a:fe:19:3c:6a:bf:fc:cb:c8:7f:2b:67:db:
         49:b6:d3:3a:6d:58:35:27:10:f5:d0:0f:21:1c:11:19:1b:f0:
         8b:5a:db:6f:4d:bc:df:7d:d7:3e:de:9d:14:5e:24:cb:72:3c:
         2e:2f:f5:62:71:6d:ac:3e:3f:df:25:b8:a6:53:d3:1a:1e:0a:
         1b:1e:f8:42:73:d4:41:d2:7f:48:04:7d:a4:16:73:fa:3f:50:
         99:ad:b4:34:02:16:fa:f0:28:10:8f:ec:4a:a7:c5:ef:63:19:
         b3:00:02:87:c8:4a:ea:e5:f8:9f:d9:58:d4:b3:76:23:cd:8b:
         3e:2f:5f:4f:a2:09:e0:82:1f:5d:0c:c1:be:73:78:06:ab:5a:
         98:53:6e:a9:28:91:01:94:a2:45:5e:2c:3a:be:18:f0:b0:31:
         09:85:7a:b6:df:ba:f2:d4:af:a1:57:48:ae:ce:3d:24:0e:38:
         de:2f:a0:92:c5:8a:56:9f:64:6f:13:cf:b3:a0:4d:34:64:79:
         c8:fe:4a:25:98:9a:98:d4:d0:f5:67:b4:b4:1e:c5:68:14:b5:
         ea:fc:d2:93:e6:de:d5:21:16:ce:4c:55:ac:15:43:95:bb:3d:
         dd:cb:e1:e4
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEARqLwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjE0NWE4YmRmMmJjYTE1MGYyNWVkNTRhMjc3YjhmNjUzZWZkYjNlMB4XDTIyMDYx
NTEyMTc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI0ZDI5YTYzOWIx
YWMxOTk3Yjg0ZDNiZWY3ZWRlN2Y4YjQ2OWE4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMwriluqD8UXLSjsUuDpFJ3mhDiJeoq/uLPbkFZr3MDUcXc
TA7/xLpe+CUNW+tEmFQYv49FDpai2EzmcvNU9kiAZE3Jtt8hWjeedBGWfRIcvY9V
tVc5S06oXRqLKnUTG7Buslr8erdRUBnNFSCU28+qI9QoHJiVPCKj9ouTf0BGdRzb
Ibkl4Vy7Zkwxi8g4woCqA2rsIVRa2U1Sy4/7zyhq3RWy84rsWgi8NjJCwerToVN6
r75sSqg/7Gjlt+JTxWtH937gsO2hvQZLYVxKanwPXZ/RC0Umy3KTrtG3ZSOk4RAi
EZ3a7Pwykk6JnOh1VbaBIaBtmzB+xJV9EBXBF8ECAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRLTSmmObGsGZe4TTvvft5/i0aaiDAfBgNVHSMEGDAWgBQrFFqL3yvKFQ8l
7VSid7j2U+/bPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t4UmFpOThyeWhVUEplMVVvbmU0OWxQdjJ6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvMGQ4YzhmLWZmMmMtNGRhOC1iNDQzLTMwNDBiZWQzY2NjZC8x
L1MwMHBwam14ckJtWHVFMDc3MzdlZjR0R21vZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
MGQ4YzhmLWZmMmMtNGRhOC1iNDQzLTMwNDBiZWQzY2NjZC8xL0t4UmFpOThyeWhV
UEplMVVvbmU0OWxQdjJ6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwRQQCAAIwPwMFAyoFmkADBQMqBl/AAwUDKg1vgAMF
AyoPmsADBQMqD5tAAwUDKhALQAMFAyoQPIADBQMqED+AAwUDKhB3wDANBgkqhkiG
9w0BAQsFAAOCAQEAJ304cL0x6sCfn3EWXt1eryW9l/0uLSUK/hk8ar/8y8h/K2fb
SbbTOm1YNScQ9dAPIRwRGRvwi1rbb028333XPt6dFF4ky3I8Li/1YnFtrD4/3yW4
plPTGh4KGx74QnPUQdJ/SAR9pBZz+j9Qma20NAIW+vAoEI/sSqfF72MZswACh8hK
6uX4n9lY1LN2I82LPi9fT6IJ4IIfXQzBvnN4BqtamFNuqSiRAZSiRV4sOr4Y8LAx
CYV6tt+68tSvoVdIrs49JA443i+gksWKVp9kbxPPs6BNNGR5yP5KJZiamNTQ9We0
tB7FaBS16vzSk+be1SEWzkxVrBVDlbs93cvh5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:08 2024 by rpki-client on console-fra.rpki-client.org