Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ec676b-6ea2-407c-a10e-abc8552b7d11/1/pAuI1naDUj_fPFORd3AO4C7c8W0.roa
File:                     pAuI1naDUj_fPFORd3AO4C7c8W0.roa (raw, json)
Hash identifier:          aSFLiqFc6FP1p/WpuimEsLVUpJoQrYUr1MiMC9g5afs=
Subject key identifier:   A4:0B:88:D6:76:83:52:3F:DF:3C:53:91:77:70:0E:E0:2E:DC:F1:6D
Certificate issuer:       /CN=40df2722452085e3bfa98ba635074eaed8ab0485
Certificate serial:       65E7A7
Authority key identifier: 40:DF:27:22:45:20:85:E3:BF:A9:8B:A6:35:07:4E:AE:D8:AB:04:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QN8nIkUgheO_qYumNQdOrtirBIU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/ec676b-6ea2-407c-a10e-abc8552b7d11/1/pAuI1naDUj_fPFORd3AO4C7c8W0.roa
Signing time:             Sat 01 Jan 2022 02:59:11 +0000
ROA not before:           Sat 01 Jan 2022 02:59:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9051
IP address blocks:        91.217.177.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6678439 (0x65e7a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40df2722452085e3bfa98ba635074eaed8ab0485
        Validity
            Not Before: Jan  1 02:59:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a40b88d67683523fdf3c539177700ee02edcf16d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:9d:a6:e7:39:29:38:bd:e6:ea:60:50:d9:61:
                    cc:b7:59:88:a7:32:1a:fd:27:ae:ca:ca:2e:34:17:
                    96:33:f9:22:09:2e:48:28:89:29:1d:66:e6:83:05:
                    72:e4:4c:a8:f5:45:a1:34:55:a3:7f:ba:4a:2a:f7:
                    9d:1a:cd:45:ee:c7:bd:d0:71:87:25:2b:8d:26:61:
                    b7:e0:8c:ed:cf:b2:b0:eb:1e:4a:aa:7d:f5:f7:41:
                    41:ae:37:3e:5c:3a:f9:0f:11:42:20:e4:c2:24:bd:
                    e8:a3:a3:35:5f:e2:4b:fa:17:99:56:8a:4f:6a:d7:
                    78:64:56:2e:b1:4f:f6:e6:dc:3c:de:56:aa:3f:86:
                    72:a4:1e:ba:21:49:3b:21:02:0a:24:40:15:6f:ad:
                    c3:71:92:41:af:8f:c8:30:c3:47:3c:b6:72:97:1d:
                    5b:03:6c:d7:34:06:5f:38:9f:67:41:2e:ca:a7:c5:
                    15:ea:77:91:dc:a8:07:e1:eb:1a:de:0a:f2:c5:be:
                    27:0c:a2:fa:09:8f:a4:67:c4:39:40:cb:09:67:ca:
                    fa:4a:58:86:19:50:6d:e3:56:ba:91:a2:40:7c:e4:
                    25:84:8a:83:b0:4c:28:12:9b:09:c0:94:d5:01:42:
                    70:41:22:20:aa:e5:3c:bd:0b:c5:36:aa:3c:ad:8d:
                    38:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:0B:88:D6:76:83:52:3F:DF:3C:53:91:77:70:0E:E0:2E:DC:F1:6D
            X509v3 Authority Key Identifier:
                keyid:40:DF:27:22:45:20:85:E3:BF:A9:8B:A6:35:07:4E:AE:D8:AB:04:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QN8nIkUgheO_qYumNQdOrtirBIU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ec676b-6ea2-407c-a10e-abc8552b7d11/1/pAuI1naDUj_fPFORd3AO4C7c8W0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ec676b-6ea2-407c-a10e-abc8552b7d11/1/QN8nIkUgheO_qYumNQdOrtirBIU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:64:7d:42:5e:fa:5a:75:f4:7e:43:f4:af:1f:78:1b:4a:cf:
         7f:e8:bf:f1:c9:f5:1a:fe:2c:a1:e1:39:18:3b:a6:5c:9b:7a:
         83:ca:80:e6:fc:f0:ad:f0:9d:9b:c8:f1:f4:97:e6:47:ec:e7:
         f3:63:bf:8c:ef:f8:69:04:f5:5a:ed:ed:38:5d:02:52:c4:6d:
         2b:69:b6:8f:64:b4:d0:06:47:81:41:6c:ae:f0:94:25:4f:26:
         84:8e:0a:ff:94:d4:89:64:00:03:d3:a0:ad:64:bf:84:56:e0:
         77:97:26:80:87:9e:a1:e1:1c:b7:fd:6a:b7:01:ba:47:58:89:
         66:0a:69:ec:17:6e:4d:19:42:d6:4b:34:c5:e1:9d:d1:bb:1e:
         f4:57:80:6b:78:8e:a3:ac:54:88:6c:73:4a:48:02:72:2f:1d:
         50:f4:d8:08:ad:17:17:e9:7b:7f:b8:c8:34:15:ba:f3:95:e0:
         75:1a:40:e7:b5:ef:32:37:9a:c2:72:cc:aa:fe:11:f8:1a:13:
         69:20:65:84:58:dd:16:dc:d5:03:b3:f0:18:32:94:56:f1:d6:
         8c:b9:cb:25:b8:da:2a:84:df:c8:27:2e:f5:5d:83:5b:43:6b:
         86:00:b4:c9:b7:3e:aa:48:be:32:7e:1d:80:41:fc:bb:be:56:
         75:0e:b7:82
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDZeenMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQw
ZGYyNzIyNDUyMDg1ZTNiZmE5OGJhNjM1MDc0ZWFlZDhhYjA0ODUwHhcNMjIwMTAx
MDI1OTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhNDBiODhkNjc2ODM1
MjNmZGYzYzUzOTE3NzcwMGVlMDJlZGNmMTZkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyJ2m5zkpOL3m6mBQ2WHMt1mIpzIa/SeuysouNBeWM/kiCS5I
KIkpHWbmgwVy5Eyo9UWhNFWjf7pKKvedGs1F7se90HGHJSuNJmG34Iztz7Kw6x5K
qn3190FBrjc+XDr5DxFCIOTCJL3oo6M1X+JL+heZVopPatd4ZFYusU/25tw83laq
P4ZypB66IUk7IQIKJEAVb63DcZJBr4/IMMNHPLZylx1bA2zXNAZfOJ9nQS7Kp8UV
6neR3KgH4esa3gryxb4nDKL6CY+kZ8Q5QMsJZ8r6SliGGVBt41a6kaJAfOQlhIqD
sEwoEpsJwJTVAUJwQSIgquU8vQvFNqo8rY04uQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKQLiNZ2g1I/3zxTkXdwDuAu3PFtMB8GA1UdIwQYMBaAFEDfJyJFIIXjv6mL
pjUHTq7YqwSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UU44bklrVWdoZU9fcVl1bU5RZE9ydGlyQklVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNS9lYzY3NmItNmVhMi00MDdjLWExMGUtYWJjODU1MmI3ZDExLzEv
cEF1STFuYURVal9mUEZPUmQzQU80QzdjOFcwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9l
YzY3NmItNmVhMi00MDdjLWExMGUtYWJjODU1MmI3ZDExLzEvUU44bklrVWdoZU9f
cVl1bU5RZE9ydGlyQklVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9mxMA0GCSqGSIb3DQEBCwUAA4IB
AQAxZH1CXvpadfR+Q/SvH3gbSs9/6L/xyfUa/iyh4TkYO6Zcm3qDyoDm/PCt8J2b
yPH0l+ZH7OfzY7+M7/hpBPVa7e04XQJSxG0rabaPZLTQBkeBQWyu8JQlTyaEjgr/
lNSJZAAD06CtZL+EVuB3lyaAh56h4Ry3/Wq3AbpHWIlmCmnsF25NGULWSzTF4Z3R
ux70V4BreI6jrFSIbHNKSAJyLx1Q9NgIrRcX6Xt/uMg0FbrzleB1GkDnte8yN5rC
csyq/hH4GhNpIGWEWN0W3NUDs/AYMpRW8daMucsluNoqhN/IJy71XYNbQ2uGALTJ
tz6qSL4yfh2AQfy7vlZ1DreC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org