Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/167b5f-2d68-46c8-90f5-9ed2f166feae/1/AEqFs_aQKlX_kxxiyZKI-l4UqEk.roa
File:                     AEqFs_aQKlX_kxxiyZKI-l4UqEk.roa (raw, json)
Hash identifier:          9hHqIwtjZjDzayJWN1RY+ldmF7450K9V3vk48QxkhAM=
Subject key identifier:   00:4A:85:B3:F6:90:2A:55:FF:93:1C:62:C9:92:88:FA:5E:14:A8:49
Certificate issuer:       /CN=b70e414e19b7a35418a33a1af9eccad16e23e8df
Certificate serial:       0D84EBEF
Authority key identifier: B7:0E:41:4E:19:B7:A3:54:18:A3:3A:1A:F9:EC:CA:D1:6E:23:E8:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tw5BThm3o1QYozoa-ezK0W4j6N8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/167b5f-2d68-46c8-90f5-9ed2f166feae/1/AEqFs_aQKlX_kxxiyZKI-l4UqEk.roa
Signing time:             Sat 01 Jan 2022 12:58:36 +0000
ROA not before:           Sat 01 Jan 2022 12:58:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58208
IP address blocks:        185.118.68.0/24 maxlen: 24
                          5.42.152.0/21 maxlen: 24
                          2a01:45c0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 226814959 (0xd84ebef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b70e414e19b7a35418a33a1af9eccad16e23e8df
        Validity
            Not Before: Jan  1 12:58:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=004a85b3f6902a55ff931c62c99288fa5e14a849
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9a:56:80:cd:c7:46:b1:46:c6:5d:50:60:0e:
                    a5:83:8f:6c:92:c6:c7:0a:6a:3f:f7:05:c0:34:8e:
                    a1:a7:c1:f6:dd:ea:08:66:16:ec:5a:ec:ed:46:69:
                    ad:bd:5d:91:c1:75:4e:8e:45:44:a3:de:93:3c:0d:
                    ea:ed:8b:d0:61:6f:1f:9f:19:b5:98:92:37:b0:ec:
                    54:4c:f7:8e:e3:18:b0:ee:c8:8d:08:15:6b:aa:87:
                    76:86:40:04:24:c0:1e:0b:9e:9b:76:42:3f:32:54:
                    4f:4e:87:35:e0:18:82:6f:7f:6f:c0:92:35:0d:e4:
                    94:8c:47:48:53:0f:9d:2d:89:d6:ca:fc:15:e7:5e:
                    06:bd:39:f2:6e:71:4a:e3:c5:6b:ea:65:8a:6f:65:
                    53:b4:2c:17:dd:0d:2e:e1:a1:10:9e:46:77:1e:e9:
                    c8:d3:0a:5a:4b:5a:de:f5:96:89:d1:8a:82:66:ef:
                    31:75:23:f5:f7:80:24:da:1a:41:63:6b:38:a2:ee:
                    32:7c:03:8e:46:d8:25:dd:c1:1b:66:44:67:0a:c8:
                    2b:d3:33:8a:fc:9a:4c:c4:20:d6:8b:fc:39:c6:1e:
                    56:dc:dc:92:ba:71:bd:8e:66:93:85:81:43:5b:cf:
                    3d:29:66:1d:32:91:ff:dd:c5:83:b7:9a:8a:2a:88:
                    ee:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:4A:85:B3:F6:90:2A:55:FF:93:1C:62:C9:92:88:FA:5E:14:A8:49
            X509v3 Authority Key Identifier:
                keyid:B7:0E:41:4E:19:B7:A3:54:18:A3:3A:1A:F9:EC:CA:D1:6E:23:E8:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tw5BThm3o1QYozoa-ezK0W4j6N8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/167b5f-2d68-46c8-90f5-9ed2f166feae/1/AEqFs_aQKlX_kxxiyZKI-l4UqEk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/167b5f-2d68-46c8-90f5-9ed2f166feae/1/tw5BThm3o1QYozoa-ezK0W4j6N8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.42.152.0/21
                  185.118.68.0/24
                IPv6:
                  2a01:45c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:36:cb:24:66:c6:75:bf:0b:64:f0:b2:4f:21:5b:2a:9f:4d:
         68:a8:74:a5:33:53:f0:a9:39:f4:4f:50:c9:b5:d0:43:21:a4:
         c5:6e:a9:75:12:df:b6:d8:31:8c:1b:38:4c:27:71:9e:06:60:
         a5:10:e3:8a:42:cd:ca:d6:57:e8:cf:7e:b1:5f:d4:be:3f:af:
         be:ea:ef:a2:c2:c0:80:d6:66:4d:f1:e6:6c:e5:ce:f4:12:aa:
         42:36:60:e5:77:36:19:5f:b9:8b:b2:e6:39:44:70:70:5c:ec:
         a5:fd:29:1e:2e:5c:11:23:9b:86:b0:4c:64:a1:6d:ec:ed:f9:
         59:ac:c5:22:8a:bd:97:4d:1c:af:fd:da:c5:b7:cd:a0:31:7f:
         49:d4:80:83:b5:32:e7:ed:3d:51:62:77:10:7d:b6:54:33:d8:
         2d:9e:b2:3e:56:43:77:2c:96:5e:7a:9a:be:b0:9e:77:8c:9a:
         e3:6c:95:50:3f:9d:60:d0:21:f3:13:34:d9:54:bc:64:46:51:
         0a:9f:f5:ec:5c:55:00:1e:af:03:4c:d2:f6:84:13:52:6e:2f:
         81:b3:9d:29:7c:8c:33:c8:e0:ae:f4:48:c8:c8:f6:d2:16:0c:
         75:c8:65:a3:15:93:80:0a:6a:9f:21:c8:63:64:eb:9a:a1:81:
         98:3b:72:f6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDYTr7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzBlNDE0ZTE5YjdhMzU0MThhMzNhMWFmOWVjY2FkMTZlMjNlOGRmMB4XDTIyMDEw
MTEyNTgzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA0YTg1YjNmNjkw
MmE1NWZmOTMxYzYyYzk5Mjg4ZmE1ZTE0YTg0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSaVoDNx0axRsZdUGAOpYOPbJLGxwpqP/cFwDSOoafB9t3q
CGYW7Frs7UZprb1dkcF1To5FRKPekzwN6u2L0GFvH58ZtZiSN7DsVEz3juMYsO7I
jQgVa6qHdoZABCTAHguem3ZCPzJUT06HNeAYgm9/b8CSNQ3klIxHSFMPnS2J1sr8
FedeBr058m5xSuPFa+plim9lU7QsF90NLuGhEJ5Gdx7pyNMKWkta3vWWidGKgmbv
MXUj9feAJNoaQWNrOKLuMnwDjkbYJd3BG2ZEZwrIK9MzivyaTMQg1ov8OcYeVtzc
krpxvY5mk4WBQ1vPPSlmHTKR/93Fg7eaiiqI7ukCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQASoWz9pAqVf+THGLJkoj6XhSoSTAfBgNVHSMEGDAWgBS3DkFOGbejVBij
Ohr57MrRbiPo3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R3NUJUaG0zbzFRWW96b2EtZXpLMFc0ajZOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvMTY3YjVmLTJkNjgtNDZjOC05MGY1LTllZDJmMTY2ZmVhZS8x
L0FFcUZzX2FRS2xYX2t4eGl5WktJLWw0VXFFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
MTY3YjVmLTJkNjgtNDZjOC05MGY1LTllZDJmMTY2ZmVhZS8xL3R3NUJUaG0zbzFR
WW96b2EtZXpLMFc0ajZOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAwUqmAMEALl2RDANBAIAAjAHAwUA
KgFFwDANBgkqhkiG9w0BAQsFAAOCAQEAZTbLJGbGdb8LZPCyTyFbKp9NaKh0pTNT
8Kk59E9QybXQQyGkxW6pdRLfttgxjBs4TCdxngZgpRDjikLNytZX6M9+sV/Uvj+v
vurvosLAgNZmTfHmbOXO9BKqQjZg5Xc2GV+5i7LmOURwcFzspf0pHi5cESObhrBM
ZKFt7O35WazFIoq9l00cr/3axbfNoDF/SdSAg7Uy5+09UWJ3EH22VDPYLZ6yPlZD
dyyWXnqavrCed4ya42yVUD+dYNAh8xM02VS8ZEZRCp/17FxVAB6vA0zS9oQTUm4v
gbOdKXyMM8jgrvRIyMj20hYMdchloxWTgApqnyHIY2TrmqGBmDty9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:44 2024 by rpki-client on console-ams.rpki-client.org