Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/5f657e-90d8-460c-bab0-da33fcfba573/1/jdMhMaZUiJSU3nlUyD4HFtd_xW0.roa
File:                     jdMhMaZUiJSU3nlUyD4HFtd_xW0.roa (raw, json)
Hash identifier:          c+nGdQEbyMvOj683yDeQrg01Js6zMiAxsqdctYWoAB4=
Subject key identifier:   8D:D3:21:31:A6:54:88:94:94:DE:79:54:C8:3E:07:16:D7:7F:C5:6D
Certificate issuer:       /CN=39ea523da0f0bba12e8c22f3be48045027dd3358
Certificate serial:       018572B3F2BE30F80EA0CB4587A852352713
Authority key identifier: 39:EA:52:3D:A0:F0:BB:A1:2E:8C:22:F3:BE:48:04:50:27:DD:33:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OepSPaDwu6EujCLzvkgEUCfdM1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/5f657e-90d8-460c-bab0-da33fcfba573/1/jdMhMaZUiJSU3nlUyD4HFtd_xW0.roa
Signing time:             Mon 02 Jan 2023 13:37:53 +0000
ROA not before:           Mon 02 Jan 2023 13:37:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        146.19.152.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:b3:f2:be:30:f8:0e:a0:cb:45:87:a8:52:35:27:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39ea523da0f0bba12e8c22f3be48045027dd3358
        Validity
            Not Before: Jan  2 13:37:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8dd32131a654889494de7954c83e0716d77fc56d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:49:b0:5a:e3:26:ae:6e:b6:36:ee:53:f6:97:
                    e4:22:77:c5:c1:90:86:05:07:44:24:4c:3e:3f:e5:
                    6b:ca:37:86:a4:8d:e7:5d:51:ec:4d:5f:83:45:07:
                    f0:cc:ac:91:86:aa:f3:6c:0f:3f:73:1c:b7:8e:89:
                    93:72:91:75:bc:4c:08:d2:b9:74:72:dd:f6:b4:8a:
                    d1:c0:0d:1a:fc:a5:a6:38:3c:9e:b1:76:11:9e:75:
                    07:ec:b4:6c:42:2f:f4:60:47:b8:7d:f1:25:09:85:
                    69:51:47:d4:a7:b4:00:05:1d:ac:fc:54:e2:51:42:
                    9d:2e:4f:b5:ea:5f:f4:b9:34:93:f0:01:dc:e0:9b:
                    a8:4b:15:7c:4d:bd:e5:d0:85:22:03:c1:fb:ad:4a:
                    ff:1a:c5:83:eb:3a:ce:44:78:e3:1f:21:b5:18:41:
                    a5:44:9c:79:c0:38:50:3e:8a:1d:3a:2a:1e:aa:37:
                    30:c7:08:0a:7d:4a:90:7b:ba:eb:9f:1e:6c:e2:f4:
                    5a:a8:4d:09:20:4e:33:92:64:66:86:3a:3e:13:9e:
                    ea:b9:18:f8:8c:c8:f3:65:31:2f:59:f9:fa:5d:a7:
                    53:90:7d:82:2a:61:69:3b:77:1d:9c:7e:88:2b:3e:
                    1e:8e:70:86:0d:0a:6b:0f:04:d6:cc:6f:43:45:75:
                    7a:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:D3:21:31:A6:54:88:94:94:DE:79:54:C8:3E:07:16:D7:7F:C5:6D
            X509v3 Authority Key Identifier:
                keyid:39:EA:52:3D:A0:F0:BB:A1:2E:8C:22:F3:BE:48:04:50:27:DD:33:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OepSPaDwu6EujCLzvkgEUCfdM1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/5f657e-90d8-460c-bab0-da33fcfba573/1/jdMhMaZUiJSU3nlUyD4HFtd_xW0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/5f657e-90d8-460c-bab0-da33fcfba573/1/OepSPaDwu6EujCLzvkgEUCfdM1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:6b:e4:61:83:c5:6b:a3:ac:57:24:c2:77:b0:17:72:0c:b9:
         0c:a9:ff:54:af:41:3a:91:e9:14:81:2a:83:3d:47:a2:94:22:
         90:c0:a8:ee:74:da:8f:e4:3e:bd:df:0c:e1:a5:2b:78:8b:b1:
         54:e4:fb:4d:21:03:cd:cf:8c:d5:1f:44:c3:8d:a9:40:ff:bc:
         7c:f1:a0:1f:e4:e7:2c:c8:af:55:37:51:93:4e:83:aa:76:ac:
         bf:8b:d2:0d:5b:1c:f8:ba:35:7d:6f:8e:11:97:1d:fd:24:67:
         20:5e:33:ba:2a:d0:b7:cd:24:9d:88:e1:17:fb:25:4b:8a:65:
         69:f4:90:3f:8f:53:ba:b5:35:c0:0f:74:b9:08:2b:2e:ab:96:
         de:23:97:4f:76:d8:bf:bd:58:e1:b2:67:2d:75:ae:d0:40:7f:
         e1:5c:0b:ba:fa:62:68:23:6a:8b:0f:42:b4:d8:b8:e9:9a:59:
         dd:ce:14:53:84:3a:d4:1b:59:61:09:26:bf:6c:be:9e:df:e4:
         1a:c0:65:46:e0:ac:ef:c1:0e:ec:8d:ee:a9:a4:ba:17:1a:e8:
         b9:50:2e:66:18:ba:b9:44:4e:dd:8b:4d:ae:ea:5d:b8:1a:4d:
         97:a7:3c:02:00:53:ae:8b:a0:b2:87:c7:57:bd:ea:f0:ba:c4:
         f3:f0:1b:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVys/K+MPgOoMtFh6hSNScTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZWE1MjNkYTBmMGJiYTEyZThjMjJmM2JlNDgwNDUwMjdk
ZDMzNTgwHhcNMjMwMTAyMTMzNzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQzMjEzMWE2NTQ4ODk0OTRkZTc5NTRjODNlMDcxNmQ3N2ZjNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEmwWuMmrm62Nu5T9pfkInfFwZCG
BQdEJEw+P+VryjeGpI3nXVHsTV+DRQfwzKyRhqrzbA8/cxy3jomTcpF1vEwI0rl0
ct32tIrRwA0a/KWmODyesXYRnnUH7LRsQi/0YEe4ffElCYVpUUfUp7QABR2s/FTi
UUKdLk+16l/0uTST8AHc4JuoSxV8Tb3l0IUiA8H7rUr/GsWD6zrORHjjHyG1GEGl
RJx5wDhQPoodOioeqjcwxwgKfUqQe7rrnx5s4vRaqE0JIE4zkmRmhjo+E57quRj4
jMjzZTEvWfn6XadTkH2CKmFpO3cdnH6IKz4ejnCGDQprDwTWzG9DRXV6XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI3TITGmVIiUlN55VMg+BxbXf8VtMB8GA1UdIwQY
MBaAFDnqUj2g8LuhLowi875IBFAn3TNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2VwU1BhRHd1NkV1akNMenZrZ0VVQ2ZkTTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81ZjY1N2UtOTBkOC00NjBjLWJhYjAt
ZGEzM2ZjZmJhNTczLzEvamRNaE1hWlVpSlNVM25sVXlENEhGdGRfeFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81ZjY1N2UtOTBkOC00NjBjLWJhYjAtZGEzM2ZjZmJhNTcz
LzEvT2VwU1BhRHd1NkV1akNMenZrZ0VVQ2ZkTTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOYMA0G
CSqGSIb3DQEBCwUAA4IBAQCMa+Rhg8Vro6xXJMJ3sBdyDLkMqf9Ur0E6kekUgSqD
PUeilCKQwKjudNqP5D693wzhpSt4i7FU5PtNIQPNz4zVH0TDjalA/7x88aAf5Ocs
yK9VN1GTToOqdqy/i9INWxz4ujV9b44Rlx39JGcgXjO6KtC3zSSdiOEX+yVLimVp
9JA/j1O6tTXAD3S5CCsuq5beI5dPdti/vVjhsmctda7QQH/hXAu6+mJoI2qLD0K0
2LjpmlndzhRThDrUG1lhCSa/bL6e3+QawGVG4KzvwQ7sje6ppLoXGui5UC5mGLq5
RE7di02u6l24Gk2XpzwCAFOui6Cyh8dXverwusTz8BvV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:24 2024 by rpki-client on console-fra.rpki-client.org