Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/72028a-c305-4edf-9570-45904e460f73/1/UX4sHkdz5yjrcOXzDpIVE8bNJpo.roa
File:                     UX4sHkdz5yjrcOXzDpIVE8bNJpo.roa (raw, json)
Hash identifier:          MOnZaBwidltmOP0zhtPkzd4d+lfmA1po+BrtTBJ3gUU=
Subject key identifier:   51:7E:2C:1E:47:73:E7:28:EB:70:E5:F3:0E:92:15:13:C6:CD:26:9A
Certificate issuer:       /CN=fd33f44e08988baecafdb5cf290bdc8d18c9e46a
Certificate serial:       07DEF07E
Authority key identifier: FD:33:F4:4E:08:98:8B:AE:CA:FD:B5:CF:29:0B:DC:8D:18:C9:E4:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_TP0TgiYi67K_bXPKQvcjRjJ5Go.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/72028a-c305-4edf-9570-45904e460f73/1/UX4sHkdz5yjrcOXzDpIVE8bNJpo.roa
Signing time:             Wed 22 Jun 2022 13:54:33 +0000
ROA not before:           Wed 22 Jun 2022 13:54:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205614
IP address blocks:        45.135.124.0/22 maxlen: 24
                          2a0e:8b40::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 132051070 (0x7def07e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd33f44e08988baecafdb5cf290bdc8d18c9e46a
        Validity
            Not Before: Jun 22 13:54:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=517e2c1e4773e728eb70e5f30e921513c6cd269a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:de:f2:f4:64:bb:07:22:2d:47:1e:af:fc:84:
                    e8:e8:b8:dc:71:e5:b0:f4:54:b8:13:2a:57:81:b5:
                    d9:67:a4:74:32:a0:3a:32:58:a6:98:71:59:2d:7f:
                    be:36:69:dc:7e:6a:89:dd:b8:b6:af:cf:cb:61:55:
                    34:76:72:ea:2d:f9:92:9d:21:46:27:b4:29:d5:b5:
                    2b:65:a6:fd:14:7b:cf:99:fe:9d:52:8a:8b:10:db:
                    e0:0e:ea:f3:b6:42:99:fb:d2:58:2f:f0:d8:57:dd:
                    e1:aa:fb:95:cf:2d:1c:8c:e0:3e:e0:56:71:f1:b6:
                    ff:d8:20:b8:9f:c4:0b:eb:92:7b:f6:9b:d1:74:29:
                    d9:5d:da:5a:19:33:0b:5a:84:fc:a9:0a:ff:db:2b:
                    ed:7b:e7:42:80:46:61:19:f3:53:d8:9b:23:a3:2e:
                    41:95:54:e1:11:44:7b:99:8c:92:73:58:49:bc:11:
                    49:d9:a5:33:04:05:9f:31:ca:48:15:c0:23:3f:2f:
                    cc:cb:2f:72:12:94:f8:1a:db:2e:2f:92:6c:0c:e0:
                    75:93:ed:e3:96:95:7b:16:32:78:03:da:00:be:35:
                    8b:fc:5f:00:ef:08:dc:cc:6d:7c:5d:76:51:7c:04:
                    3e:99:57:d1:c9:c5:9e:ce:43:6d:2f:b5:b0:38:a8:
                    2f:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:7E:2C:1E:47:73:E7:28:EB:70:E5:F3:0E:92:15:13:C6:CD:26:9A
            X509v3 Authority Key Identifier:
                keyid:FD:33:F4:4E:08:98:8B:AE:CA:FD:B5:CF:29:0B:DC:8D:18:C9:E4:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TP0TgiYi67K_bXPKQvcjRjJ5Go.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/72028a-c305-4edf-9570-45904e460f73/1/UX4sHkdz5yjrcOXzDpIVE8bNJpo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/72028a-c305-4edf-9570-45904e460f73/1/_TP0TgiYi67K_bXPKQvcjRjJ5Go.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.124.0/22
                IPv6:
                  2a0e:8b40::/29

    Signature Algorithm: sha256WithRSAEncryption
         6a:ec:8d:ab:fc:e0:28:e9:99:64:8a:0e:9e:f4:6a:d3:1f:50:
         82:84:fa:f4:4d:a6:ee:e1:e9:ea:58:d3:6c:4d:54:ab:1e:af:
         aa:d0:e9:d4:e1:86:09:cd:c2:f6:59:ee:f8:5f:64:0b:86:8c:
         a5:5f:77:b6:48:a2:09:d0:3c:7d:69:bb:5f:3e:64:14:7d:4c:
         9b:d8:95:0b:09:aa:77:7e:da:07:14:35:89:3d:41:77:b6:4e:
         ea:1e:df:3c:0b:56:99:dc:07:f4:98:cd:9b:2e:da:62:ec:5f:
         03:fd:cd:93:ef:c3:43:45:24:84:8e:dd:66:62:0e:9c:e5:65:
         28:e3:67:7f:ce:83:bb:97:81:94:60:ed:fa:a1:aa:87:d9:56:
         b0:8c:5a:ae:c3:09:01:61:e6:fa:26:30:b1:2a:04:e1:b8:a8:
         3f:d1:e3:9d:b5:f5:9d:38:1e:c6:51:d0:72:66:28:36:a5:66:
         43:84:66:20:1a:25:b9:23:75:8d:6c:52:36:6c:ac:b9:2c:3a:
         79:00:8e:6c:b6:0d:4e:cc:7d:63:e5:c5:3d:5a:4d:92:f0:db:
         3e:c6:23:96:26:72:93:14:d2:29:66:92:2b:05:ed:9a:2f:b0:
         45:f8:a0:26:76:96:68:67:56:29:37:d8:3d:1b:c5:54:38:3c:
         5f:b7:b6:71
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB97wfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDMzZjQ0ZTA4OTg4YmFlY2FmZGI1Y2YyOTBiZGM4ZDE4YzllNDZhMB4XDTIyMDYy
MjEzNTQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTE3ZTJjMWU0Nzcz
ZTcyOGViNzBlNWYzMGU5MjE1MTNjNmNkMjY5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDe8vRkuwciLUcer/yE6Oi43HHlsPRUuBMqV4G12WekdDKg
OjJYpphxWS1/vjZp3H5qid24tq/Py2FVNHZy6i35kp0hRie0KdW1K2Wm/RR7z5n+
nVKKixDb4A7q87ZCmfvSWC/w2Ffd4ar7lc8tHIzgPuBWcfG2/9gguJ/EC+uSe/ab
0XQp2V3aWhkzC1qE/KkK/9sr7XvnQoBGYRnzU9ibI6MuQZVU4RFEe5mMknNYSbwR
SdmlMwQFnzHKSBXAIz8vzMsvchKU+BrbLi+SbAzgdZPt45aVexYyeAPaAL41i/xf
AO8I3MxtfF12UXwEPplX0cnFns5DbS+1sDioL4MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRRfiweR3PnKOtw5fMOkhUTxs0mmjAfBgNVHSMEGDAWgBT9M/ROCJiLrsr9
tc8pC9yNGMnkajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19UUDBUZ2lZaTY3S19iWFBLUXZjalJqSjVHby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvNzIwMjhhLWMzMDUtNGVkZi05NTcwLTQ1OTA0ZTQ2MGY3My8x
L1VYNHNIa2R6NXlqcmNPWHpEcElWRThiTkpwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
NzIwMjhhLWMzMDUtNGVkZi05NTcwLTQ1OTA0ZTQ2MGY3My8xL19UUDBUZ2lZaTY3
S19iWFBLUXZjalJqSjVHby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2HfDANBAIAAjAHAwUDKg6LQDAN
BgkqhkiG9w0BAQsFAAOCAQEAauyNq/zgKOmZZIoOnvRq0x9QgoT69E2m7uHp6ljT
bE1Uqx6vqtDp1OGGCc3C9lnu+F9kC4aMpV93tkiiCdA8fWm7Xz5kFH1Mm9iVCwmq
d37aBxQ1iT1Bd7ZO6h7fPAtWmdwH9JjNmy7aYuxfA/3Nk+/DQ0UkhI7dZmIOnOVl
KONnf86Du5eBlGDt+qGqh9lWsIxarsMJAWHm+iYwsSoE4bioP9HjnbX1nTgexlHQ
cmYoNqVmQ4RmIBoluSN1jWxSNmysuSw6eQCObLYNTsx9Y+XFPVpNkvDbPsYjliZy
kxTSKWaSKwXtmi+wRfigJnaWaGdWKTfYPRvFVDg8X7e2cQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:25 2024 by rpki-client on console-fra.rpki-client.org