Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/aba05f-83f9-46c3-841f-26e754b42e07/1/yDIjFjd0FcBJtMcCzG6Si2bmdx0.roa
File:                     yDIjFjd0FcBJtMcCzG6Si2bmdx0.roa (raw, json)
Hash identifier:          vfqYs+q1UWHdNjTr6XK+LOwJBfMXxGcyntnqTctyObw=
Subject key identifier:   C8:32:23:16:37:74:15:C0:49:B4:C7:02:CC:6E:92:8B:66:E6:77:1D
Certificate issuer:       /CN=5ba1abf7df1e026646a9ef0a71e8769521bc9f81
Certificate serial:       01850BEE2024629EF3483E73D670A490CA47
Authority key identifier: 5B:A1:AB:F7:DF:1E:02:66:46:A9:EF:0A:71:E8:76:95:21:BC:9F:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W6Gr998eAmZGqe8Kceh2lSG8n4E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/aba05f-83f9-46c3-841f-26e754b42e07/1/yDIjFjd0FcBJtMcCzG6Si2bmdx0.roa
Signing time:             Tue 13 Dec 2022 14:40:33 +0000
ROA not before:           Tue 13 Dec 2022 14:40:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211252
IP address blocks:        45.14.165.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:0b:ee:20:24:62:9e:f3:48:3e:73:d6:70:a4:90:ca:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ba1abf7df1e026646a9ef0a71e8769521bc9f81
        Validity
            Not Before: Dec 13 14:40:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c8322316377415c049b4c702cc6e928b66e6771d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:51:6e:f1:a6:44:d5:6b:9d:cc:72:be:ed:f8:
                    e2:e9:42:c5:2f:39:af:8a:7f:70:de:8f:d2:fa:d0:
                    4d:aa:81:58:72:6e:a1:29:f9:2c:74:b8:01:54:8b:
                    c2:57:ea:54:a1:70:b5:dd:7e:92:7a:1b:e1:8b:00:
                    a9:ef:06:25:21:c3:fb:42:8b:80:69:83:2b:cb:c4:
                    d2:4c:5f:06:33:8a:ad:6e:2e:fe:09:7d:f8:15:15:
                    e3:2b:91:c8:02:89:06:22:b5:4f:a1:f7:65:79:b2:
                    8b:7e:5c:49:96:9f:22:91:51:de:40:de:d8:20:a0:
                    35:ea:84:6e:aa:9c:6f:53:5e:6d:b5:6f:bc:4c:55:
                    20:e0:ed:37:57:a9:d0:e9:c1:32:a9:16:f6:04:a0:
                    cd:22:0b:55:0d:ad:4a:6c:41:8c:b2:55:f0:10:59:
                    fc:d6:b2:81:77:ae:c2:7f:aa:1f:34:27:0e:3a:f4:
                    60:5d:3e:9e:01:b4:32:cd:e1:b7:91:2e:ed:a4:6d:
                    4f:11:91:84:d3:38:98:fc:c1:7b:d9:90:e4:2c:23:
                    f4:a3:e8:12:22:79:0a:1b:ea:59:cf:d1:36:ce:bc:
                    1b:4d:a5:9f:25:14:ff:be:4a:71:9c:13:ab:f4:10:
                    84:b3:e9:bf:d3:ac:64:3c:b7:f6:43:a3:2a:7c:6e:
                    4d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:32:23:16:37:74:15:C0:49:B4:C7:02:CC:6E:92:8B:66:E6:77:1D
            X509v3 Authority Key Identifier:
                keyid:5B:A1:AB:F7:DF:1E:02:66:46:A9:EF:0A:71:E8:76:95:21:BC:9F:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W6Gr998eAmZGqe8Kceh2lSG8n4E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/aba05f-83f9-46c3-841f-26e754b42e07/1/yDIjFjd0FcBJtMcCzG6Si2bmdx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/aba05f-83f9-46c3-841f-26e754b42e07/1/W6Gr998eAmZGqe8Kceh2lSG8n4E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:0d:2a:f5:a0:22:3b:89:6b:3f:e3:f2:bf:45:74:ca:92:36:
         2f:9d:dd:4e:32:cb:1b:3d:07:ec:60:e1:bd:af:1d:fe:73:65:
         bd:91:ca:b4:57:65:78:6d:a2:57:b9:90:55:dc:36:6f:4b:a2:
         3b:7b:5c:c9:a2:1b:9d:e9:5c:ca:37:eb:8c:ff:01:3c:41:6e:
         db:7c:bb:38:62:65:47:17:7b:8a:69:7f:ea:a3:9c:f9:a8:6e:
         b8:50:4a:5a:af:e5:2f:46:15:be:07:60:91:80:ed:86:e8:38:
         2d:02:e8:cc:fb:fa:06:48:b3:33:58:c7:5f:ce:b5:6a:64:6b:
         ef:6f:73:55:92:6a:67:73:21:b7:25:9f:ec:a6:6e:32:c0:bd:
         29:58:7c:e8:c4:88:6c:ea:e5:75:b9:54:a0:01:49:1f:db:83:
         77:6d:9f:5a:59:0b:ba:91:a8:5d:19:cf:23:d1:9d:60:f2:69:
         a4:1e:59:e8:6d:79:ba:7b:15:2f:bf:96:55:45:ba:48:43:7d:
         f8:a4:73:3f:e5:40:f8:81:1f:4e:cf:a7:54:cf:ff:29:3e:39:
         54:ce:5f:3c:9a:de:45:0d:46:13:e5:69:e8:aa:a0:01:1c:5f:
         d7:13:03:e1:18:1b:09:64:0b:57:83:07:04:ff:90:f1:da:1b:
         cf:b4:f0:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUL7iAkYp7zSD5z1nCkkMpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYTFhYmY3ZGYxZTAyNjY0NmE5ZWYwYTcxZTg3Njk1MjFi
YzlmODEwHhcNMjIxMjEzMTQ0MDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODMyMjMxNjM3NzQxNWMwNDliNGM3MDJjYzZlOTI4YjY2ZTY3NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVFu8aZE1WudzHK+7fji6ULFLzmv
in9w3o/S+tBNqoFYcm6hKfksdLgBVIvCV+pUoXC13X6SehvhiwCp7wYlIcP7QouA
aYMry8TSTF8GM4qtbi7+CX34FRXjK5HIAokGIrVPofdlebKLflxJlp8ikVHeQN7Y
IKA16oRuqpxvU15ttW+8TFUg4O03V6nQ6cEyqRb2BKDNIgtVDa1KbEGMslXwEFn8
1rKBd67Cf6ofNCcOOvRgXT6eAbQyzeG3kS7tpG1PEZGE0ziY/MF72ZDkLCP0o+gS
InkKG+pZz9E2zrwbTaWfJRT/vkpxnBOr9BCEs+m/06xkPLf2Q6MqfG5NNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgyIxY3dBXASbTHAsxukotm5ncdMB8GA1UdIwQY
MBaAFFuhq/ffHgJmRqnvCnHodpUhvJ+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzZHcjk5OGVBbVpHcWU4S2NlaDJsU0c4bjRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9hYmEwNWYtODNmOS00NmMzLTg0MWYt
MjZlNzU0YjQyZTA3LzEveURJakZqZDBGY0JKdE1jQ3pHNlNpMmJtZHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9hYmEwNWYtODNmOS00NmMzLTg0MWYtMjZlNzU0YjQyZTA3
LzEvVzZHcjk5OGVBbVpHcWU4S2NlaDJsU0c4bjRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ6lMA0G
CSqGSIb3DQEBCwUAA4IBAQAbDSr1oCI7iWs/4/K/RXTKkjYvnd1OMssbPQfsYOG9
rx3+c2W9kcq0V2V4baJXuZBV3DZvS6I7e1zJohud6VzKN+uM/wE8QW7bfLs4YmVH
F3uKaX/qo5z5qG64UEpar+UvRhW+B2CRgO2G6DgtAujM+/oGSLMzWMdfzrVqZGvv
b3NVkmpncyG3JZ/spm4ywL0pWHzoxIhs6uV1uVSgAUkf24N3bZ9aWQu6kahdGc8j
0Z1g8mmkHlnobXm6exUvv5ZVRbpIQ334pHM/5UD4gR9Oz6dUz/8pPjlUzl88mt5F
DUYT5WnoqqABHF/XEwPhGBsJZAtXgwcE/5Dx2hvPtPBB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:54 2024 by rpki-client on console-ams.rpki-client.org