Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/_l91lEnJ9r1SOt-NuGkYHcSFaag.roa
File:                     _l91lEnJ9r1SOt-NuGkYHcSFaag.roa (raw, json)
Hash identifier:          E41FHOTeleoJ9UmrN649dhjRKRrXFqN8YiwnOscr1Eo=
Subject key identifier:   FE:5F:75:94:49:C9:F6:BD:52:3A:DF:8D:B8:69:18:1D:C4:85:69:A8
Certificate issuer:       /CN=1196f87d5decfcbf04450b5fcf65b5b345f22464
Certificate serial:       092DBA63
Authority key identifier: 11:96:F8:7D:5D:EC:FC:BF:04:45:0B:5F:CF:65:B5:B3:45:F2:24:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EZb4fV3s_L8ERQtfz2W1s0XyJGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/_l91lEnJ9r1SOt-NuGkYHcSFaag.roa
Signing time:             Sat 01 Jan 2022 03:56:37 +0000
ROA not before:           Sat 01 Jan 2022 03:56:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209431
IP address blocks:        139.28.100.0/22 maxlen: 24
                          2a09:540::/29 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153991779 (0x92dba63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1196f87d5decfcbf04450b5fcf65b5b345f22464
        Validity
            Not Before: Jan  1 03:56:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fe5f759449c9f6bd523adf8db869181dc48569a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2b:9a:64:d6:c7:d1:90:22:ec:ff:5f:74:5d:
                    c3:f8:74:1c:37:18:1f:75:bb:c0:a2:3f:1f:01:f1:
                    bf:3b:98:13:b0:39:5d:de:17:9d:f3:2f:d8:09:3a:
                    f7:c0:58:0e:37:96:bd:7b:d8:89:49:e3:ed:01:16:
                    59:da:4d:cd:e6:e4:ed:24:11:ba:95:70:90:17:ca:
                    29:ec:47:4f:6c:1f:d4:fe:47:b9:af:9f:50:74:dc:
                    34:56:1c:58:6e:bb:25:e3:be:9a:0f:04:c2:e2:56:
                    3d:5c:54:cb:d3:9b:78:c5:c3:21:af:ab:ea:f4:9b:
                    34:04:97:af:5b:8a:a6:aa:13:ef:58:38:56:88:72:
                    82:95:28:66:94:ca:68:55:35:37:05:8f:94:40:10:
                    01:ce:a0:43:f0:52:35:69:ca:4f:7b:d8:4b:a7:98:
                    73:8c:c5:11:72:2a:12:e4:f1:6f:25:50:fe:76:73:
                    76:f7:1b:29:18:a7:f1:89:28:76:99:bb:0c:44:b2:
                    33:2b:6e:3f:ca:b3:2e:7d:6f:b6:ec:de:44:62:e3:
                    b9:07:da:c5:e8:28:6d:e3:6e:c8:7a:ed:d2:c5:f7:
                    ce:8a:b4:b0:75:16:55:14:0b:4b:91:8a:0c:ae:87:
                    e5:84:67:e4:cd:48:05:8e:05:17:e8:a5:0e:50:f8:
                    cd:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:5F:75:94:49:C9:F6:BD:52:3A:DF:8D:B8:69:18:1D:C4:85:69:A8
            X509v3 Authority Key Identifier:
                keyid:11:96:F8:7D:5D:EC:FC:BF:04:45:0B:5F:CF:65:B5:B3:45:F2:24:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EZb4fV3s_L8ERQtfz2W1s0XyJGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/_l91lEnJ9r1SOt-NuGkYHcSFaag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/EZb4fV3s_L8ERQtfz2W1s0XyJGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.28.100.0/22
                IPv6:
                  2a09:540::/29

    Signature Algorithm: sha256WithRSAEncryption
         4e:ef:8e:58:9b:44:55:fd:47:2b:5c:bb:21:02:16:d9:da:5b:
         3b:8d:e0:e6:56:8e:14:8d:f9:c6:70:1f:73:56:91:42:89:c2:
         2e:ff:27:6a:45:98:11:19:6e:ed:0b:63:46:7e:e9:1d:68:09:
         39:2a:98:6e:b7:32:9e:25:b9:de:7c:1c:bc:0e:a2:84:32:9b:
         bd:fa:a5:6d:b6:7d:70:7e:96:08:5c:00:62:69:7a:75:15:9a:
         ff:0d:dd:40:0e:77:f8:a9:0e:5b:c7:c3:7c:2e:79:46:2c:1b:
         09:6c:31:d0:33:43:f8:56:81:aa:91:64:3e:48:87:64:44:a7:
         01:99:cf:2c:c5:d1:e1:45:77:a0:11:b2:aa:23:ad:ba:38:5a:
         d0:0d:39:c8:2f:8a:a7:10:52:b0:9f:da:52:91:16:65:54:34:
         67:56:bc:d0:8b:fd:a0:a6:d1:db:e9:9b:0c:e1:18:0f:3e:4b:
         e3:4b:1e:e4:c5:9b:13:0e:2f:b6:15:af:b9:01:a2:79:4e:01:
         f4:a5:c2:da:0d:94:a6:55:13:29:fc:75:4f:f9:b3:30:7e:fa:
         4a:ad:ef:bd:39:d0:a6:cf:0b:b1:1e:0c:d1:a5:6f:e8:0e:8c:
         20:8b:62:69:70:6f:b6:2e:e5:a1:e6:ef:5a:95:70:f6:3d:f3:
         64:f7:31:33
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECS26YzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTk2Zjg3ZDVkZWNmY2JmMDQ0NTBiNWZjZjY1YjViMzQ1ZjIyNDY0MB4XDTIyMDEw
MTAzNTYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmU1Zjc1OTQ0OWM5
ZjZiZDUyM2FkZjhkYjg2OTE4MWRjNDg1NjlhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJgrmmTWx9GQIuz/X3Rdw/h0HDcYH3W7wKI/HwHxvzuYE7A5
Xd4XnfMv2Ak698BYDjeWvXvYiUnj7QEWWdpNzebk7SQRupVwkBfKKexHT2wf1P5H
ua+fUHTcNFYcWG67JeO+mg8EwuJWPVxUy9ObeMXDIa+r6vSbNASXr1uKpqoT71g4
VohygpUoZpTKaFU1NwWPlEAQAc6gQ/BSNWnKT3vYS6eYc4zFEXIqEuTxbyVQ/nZz
dvcbKRin8Ykodpm7DESyMytuP8qzLn1vtuzeRGLjuQfaxegobeNuyHrt0sX3zoq0
sHUWVRQLS5GKDK6H5YRn5M1IBY4FF+ilDlD4zaECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT+X3WUScn2vVI63424aRgdxIVpqDAfBgNVHSMEGDAWgBQRlvh9Xez8vwRF
C1/PZbWzRfIkZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VaYjRmVjNzX0w4RVJRdGZ6MlcxczBYeUpHUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvOGY1ZWYwLTlhMjUtNDk0Ni1hYTcxLTBkMzM5MmE5ZWI5My8x
L19sOTFsRW5KOXIxU090LU51R2tZSGNTRmFhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
OGY1ZWYwLTlhMjUtNDk0Ni1hYTcxLTBkMzM5MmE5ZWI5My8xL0VaYjRmVjNzX0w4
RVJRdGZ6MlcxczBYeUpHUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAoscZDANBAIAAjAHAwUDKgkFQDAN
BgkqhkiG9w0BAQsFAAOCAQEATu+OWJtEVf1HK1y7IQIW2dpbO43g5laOFI35xnAf
c1aRQonCLv8nakWYERlu7QtjRn7pHWgJOSqYbrcyniW53nwcvA6ihDKbvfqlbbZ9
cH6WCFwAYml6dRWa/w3dQA53+KkOW8fDfC55RiwbCWwx0DND+FaBqpFkPkiHZESn
AZnPLMXR4UV3oBGyqiOtujha0A05yC+KpxBSsJ/aUpEWZVQ0Z1a80Iv9oKbR2+mb
DOEYDz5L40se5MWbEw4vthWvuQGieU4B9KXC2g2UplUTKfx1T/mzMH76Sq3vvTnQ
ps8LsR4M0aVv6A6MIItiaXBvti7loebvWpVw9j3zZPcxMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:52 2024 by rpki-client on console-ams.rpki-client.org