Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3882d1-7264-4cf5-8679-cb98a7b4ddf6/1/XTkEafr9Sc_OSq_5wevWPP6PAH0.roa
File:                     XTkEafr9Sc_OSq_5wevWPP6PAH0.roa (raw, json)
Hash identifier:          sA7j+1ZzU0sFnE8oZkeeHR6HQ9cJx5c7Jqlwuq8BLYg=
Subject key identifier:   5D:39:04:69:FA:FD:49:CF:CE:4A:AF:F9:C1:EB:D6:3C:FE:8F:00:7D
Certificate issuer:       /CN=0672be0a174c6a9373c2509ba8fb146260b04430
Certificate serial:       01827E4C408655E3A24654E9FADB97EFB614
Authority key identifier: 06:72:BE:0A:17:4C:6A:93:73:C2:50:9B:A8:FB:14:62:60:B0:44:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BnK-ChdMapNzwlCbqPsUYmCwRDA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/3882d1-7264-4cf5-8679-cb98a7b4ddf6/1/XTkEafr9Sc_OSq_5wevWPP6PAH0.roa
Signing time:             Mon 08 Aug 2022 16:31:41 +0000
ROA not before:           Mon 08 Aug 2022 16:31:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     996
IP address blocks:        193.163.45.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:7e:4c:40:86:55:e3:a2:46:54:e9:fa:db:97:ef:b6:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0672be0a174c6a9373c2509ba8fb146260b04430
        Validity
            Not Before: Aug  8 16:31:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5d390469fafd49cfce4aaff9c1ebd63cfe8f007d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:fa:24:22:34:b5:bf:a5:02:76:eb:e4:c3:f3:
                    55:4d:35:23:48:99:6b:2c:f0:ed:08:f4:7b:ef:42:
                    27:66:07:52:eb:54:9d:67:33:5b:f7:47:e8:3c:87:
                    f8:02:98:99:fd:11:19:43:98:5b:85:c1:c8:c3:85:
                    fc:16:01:1b:25:c7:97:87:e3:4c:16:5d:fe:dd:a5:
                    97:c0:90:8b:c5:ba:a6:d9:17:f8:73:b8:55:55:28:
                    8f:7d:73:22:4e:3e:e5:a2:4e:73:0d:72:bf:5f:0f:
                    4f:54:64:90:65:72:f2:dd:f2:a2:2e:82:8f:35:0e:
                    fe:5d:37:1b:9a:07:a0:26:ad:b2:1f:e2:fc:f8:e1:
                    b1:56:2a:8a:30:50:70:35:44:3f:61:4f:7a:89:61:
                    ca:d4:13:01:51:5a:50:d8:47:2d:79:e7:41:02:c3:
                    ed:93:75:d9:1c:20:7b:b0:95:17:e5:d7:b6:9a:c8:
                    a2:d4:76:b6:b9:ab:ad:84:46:64:04:7a:1a:47:1b:
                    f4:bf:74:27:81:ff:84:09:ac:0f:d2:26:c5:57:ee:
                    a1:6a:02:33:c3:04:ea:fb:7b:c9:92:d6:29:6e:de:
                    02:78:24:28:2c:68:3b:b5:4c:8f:d0:38:67:0b:55:
                    5c:31:f7:49:1e:3c:bf:93:70:59:d2:08:90:d2:d8:
                    a1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:39:04:69:FA:FD:49:CF:CE:4A:AF:F9:C1:EB:D6:3C:FE:8F:00:7D
            X509v3 Authority Key Identifier:
                keyid:06:72:BE:0A:17:4C:6A:93:73:C2:50:9B:A8:FB:14:62:60:B0:44:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnK-ChdMapNzwlCbqPsUYmCwRDA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3882d1-7264-4cf5-8679-cb98a7b4ddf6/1/XTkEafr9Sc_OSq_5wevWPP6PAH0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3882d1-7264-4cf5-8679-cb98a7b4ddf6/1/BnK-ChdMapNzwlCbqPsUYmCwRDA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.163.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:8b:70:c3:de:69:09:51:b2:22:00:5e:e1:21:79:0c:c4:32:
         d9:b4:4c:44:ce:a0:95:7c:df:1b:0a:50:db:46:35:c3:10:c1:
         73:7b:7c:b1:f9:17:ea:22:fd:92:7d:4d:2b:84:f5:d7:20:de:
         86:03:2f:0f:b9:11:14:b7:e2:9d:1f:1a:89:b9:99:50:6f:dd:
         c6:4e:01:7f:f0:c0:c3:36:f5:34:90:51:71:4b:19:16:34:35:
         d1:b2:07:21:98:46:f3:c4:1b:a9:2a:a4:b5:b7:de:d9:7c:c1:
         41:2b:4a:b0:51:b4:1b:5d:4c:25:dd:5e:91:d9:d7:31:3c:6e:
         de:6b:25:22:d0:e4:59:ab:bb:9f:49:11:15:75:5c:fd:27:b2:
         db:f5:bd:30:ba:f7:7e:33:05:3e:c7:70:ca:54:8a:d4:d0:b2:
         8e:99:f9:db:f4:fd:80:28:dd:df:9d:25:0d:9e:a6:10:d1:1e:
         30:55:0d:91:1d:f8:1c:21:fa:44:de:63:c9:f7:3d:2a:0f:78:
         a1:3c:d6:91:60:45:ae:ad:3d:cf:27:09:1c:bf:64:05:01:c4:
         f4:4a:ac:3d:7e:55:db:dd:ac:f8:7a:67:a0:32:ef:5b:30:38:
         db:96:3d:5c:66:c4:30:36:74:e8:de:23:03:94:ce:fe:d8:e9:
         83:6a:9f:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJ+TECGVeOiRlTp+tuX77YUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzJiZTBhMTc0YzZhOTM3M2MyNTA5YmE4ZmIxNDYyNjBi
MDQ0MzAwHhcNMjIwODA4MTYzMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDM5MDQ2OWZhZmQ0OWNmY2U0YWFmZjljMWViZDYzY2ZlOGYwMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvokIjS1v6UCduvkw/NVTTUjSJlr
LPDtCPR770InZgdS61SdZzNb90foPIf4ApiZ/REZQ5hbhcHIw4X8FgEbJceXh+NM
Fl3+3aWXwJCLxbqm2Rf4c7hVVSiPfXMiTj7lok5zDXK/Xw9PVGSQZXLy3fKiLoKP
NQ7+XTcbmgegJq2yH+L8+OGxViqKMFBwNUQ/YU96iWHK1BMBUVpQ2EcteedBAsPt
k3XZHCB7sJUX5de2msii1Ha2uauthEZkBHoaRxv0v3Qngf+ECawP0ibFV+6hagIz
wwTq+3vJktYpbt4CeCQoLGg7tUyP0DhnC1VcMfdJHjy/k3BZ0giQ0tihxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF05BGn6/UnPzkqv+cHr1jz+jwB9MB8GA1UdIwQY
MBaAFAZyvgoXTGqTc8JQm6j7FGJgsEQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5LLUNoZE1hcE56d2xDYnFQc1VZbUN3UkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zODgyZDEtNzI2NC00Y2Y1LTg2Nzkt
Y2I5OGE3YjRkZGY2LzEvWFRrRWFmcjlTY19PU3FfNXdldldQUDZQQUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zODgyZDEtNzI2NC00Y2Y1LTg2NzktY2I5OGE3YjRkZGY2
LzEvQm5LLUNoZE1hcE56d2xDYnFQc1VZbUN3UkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaMtMA0G
CSqGSIb3DQEBCwUAA4IBAQB4i3DD3mkJUbIiAF7hIXkMxDLZtExEzqCVfN8bClDb
RjXDEMFze3yx+RfqIv2SfU0rhPXXIN6GAy8PuREUt+KdHxqJuZlQb93GTgF/8MDD
NvU0kFFxSxkWNDXRsgchmEbzxBupKqS1t97ZfMFBK0qwUbQbXUwl3V6R2dcxPG7e
ayUi0ORZq7ufSREVdVz9J7Lb9b0wuvd+MwU+x3DKVIrU0LKOmfnb9P2AKN3fnSUN
nqYQ0R4wVQ2RHfgcIfpE3mPJ9z0qD3ihPNaRYEWurT3PJwkcv2QFAcT0Sqw9flXb
3az4emegMu9bMDjblj1cZsQwNnTo3iMDlM7+2OmDap+b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:10 2024 by rpki-client on console-fra.rpki-client.org