Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/b06a8b-4077-444e-819f-edf1638850ed/1/IBfxW6xN0X12jtOnZxsayDOZF7Q.roa
File:                     IBfxW6xN0X12jtOnZxsayDOZF7Q.roa (raw, json)
Hash identifier:          76CDfw8IZKHpzeT2wiM5rXsF4JyUbhMiADWHOlBYCEo=
Subject key identifier:   20:17:F1:5B:AC:4D:D1:7D:76:8E:D3:A7:67:1B:1A:C8:33:99:17:B4
Certificate issuer:       /CN=6b99815d0a0bdd8ab82bb0235318db7e73b93dfb
Certificate serial:       019A269D
Authority key identifier: 6B:99:81:5D:0A:0B:DD:8A:B8:2B:B0:23:53:18:DB:7E:73:B9:3D:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5mBXQoL3Yq4K7AjUxjbfnO5Pfs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/b06a8b-4077-444e-819f-edf1638850ed/1/IBfxW6xN0X12jtOnZxsayDOZF7Q.roa
Signing time:             Sat 01 Jan 2022 10:57:14 +0000
ROA not before:           Sat 01 Jan 2022 10:57:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204790
IP address blocks:        2a11:3280::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26879645 (0x19a269d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b99815d0a0bdd8ab82bb0235318db7e73b93dfb
        Validity
            Not Before: Jan  1 10:57:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2017f15bac4dd17d768ed3a7671b1ac8339917b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f9:db:36:43:8f:9f:e1:e6:50:3e:de:7e:2e:
                    ee:3f:8a:09:1c:fc:a3:dc:f7:e7:51:f4:23:3a:66:
                    e4:99:84:67:1b:c7:68:52:ef:52:f0:9f:75:91:57:
                    45:8c:e3:b6:cb:bd:50:c2:46:73:ab:e8:33:ab:50:
                    be:15:72:b1:df:0c:3e:bf:8f:2a:a4:ba:f6:9c:85:
                    22:06:4b:b1:38:c4:48:a9:bc:65:62:e7:30:d3:d3:
                    35:b7:d5:cb:4c:97:0e:ee:71:ae:ec:37:a8:6e:ac:
                    6d:6a:3a:54:a2:1f:2e:bd:e2:ad:ef:d8:48:53:2a:
                    7f:36:62:4a:c6:3a:f5:da:2e:a6:4d:11:8e:49:17:
                    34:28:16:43:00:4f:3d:a2:05:6e:3d:45:c0:34:95:
                    e5:26:c2:52:d0:f8:0e:c7:a8:29:0b:9a:44:aa:7e:
                    5d:82:55:b3:c8:0f:3e:a4:cd:ee:d6:3e:97:2f:bc:
                    67:49:e4:7c:be:81:3c:05:15:6a:ab:9d:d3:ab:ae:
                    0f:c1:1c:c8:48:ff:11:28:0e:af:a5:bd:d7:3f:49:
                    13:6c:5d:40:4c:31:9b:00:60:21:56:5a:42:ef:ef:
                    6d:9e:53:d9:7f:e6:27:1b:2d:4e:f2:ba:75:ff:6d:
                    ad:62:84:ad:77:10:6f:e8:16:d2:d7:66:4a:fd:f2:
                    e8:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:17:F1:5B:AC:4D:D1:7D:76:8E:D3:A7:67:1B:1A:C8:33:99:17:B4
            X509v3 Authority Key Identifier:
                keyid:6B:99:81:5D:0A:0B:DD:8A:B8:2B:B0:23:53:18:DB:7E:73:B9:3D:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5mBXQoL3Yq4K7AjUxjbfnO5Pfs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b06a8b-4077-444e-819f-edf1638850ed/1/IBfxW6xN0X12jtOnZxsayDOZF7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b06a8b-4077-444e-819f-edf1638850ed/1/a5mBXQoL3Yq4K7AjUxjbfnO5Pfs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:3280::/29

    Signature Algorithm: sha256WithRSAEncryption
         17:0f:40:9e:53:96:2e:05:04:e8:96:50:4a:15:e5:7d:70:5c:
         4a:df:23:65:39:81:4d:3b:42:7d:3c:0c:f6:ed:ca:2d:3d:0b:
         d7:4e:78:e1:70:8b:b5:2d:6d:91:c2:8c:8c:04:b8:48:23:bf:
         94:f2:73:6d:76:56:26:63:a4:62:8a:20:d3:57:da:68:c1:3d:
         e6:ca:ad:d5:e6:29:32:43:cf:6b:15:29:ac:5e:14:e4:3a:34:
         76:c3:15:17:53:cf:83:28:79:a7:74:24:3d:ce:7d:aa:5a:19:
         39:f9:c9:67:31:ef:57:ec:a9:6c:25:28:91:14:2d:2f:98:ea:
         41:21:6a:b3:b8:a8:8a:a2:e0:13:6b:46:9c:b1:7e:dd:c1:b5:
         15:2d:4b:37:4a:eb:60:60:78:23:fc:75:4c:5e:03:e7:7d:ac:
         44:ad:fd:1b:f5:d5:98:d7:98:2f:32:7a:92:e0:ee:6c:69:a2:
         7a:00:b7:dd:5b:d8:07:5b:ab:43:6c:61:2a:ca:5b:6b:94:d5:
         db:d9:d0:d6:72:6f:0d:43:a9:ad:9e:85:01:6d:dd:f4:bd:de:
         58:24:fa:3d:9b:df:df:69:c5:21:92:c8:f2:d4:89:be:55:89:
         c3:8c:a2:0c:58:07:eb:cc:02:4e:25:3f:c8:23:fd:6a:14:fd:
         a9:b4:65:1f
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAZomnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Yjk5ODE1ZDBhMGJkZDhhYjgyYmIwMjM1MzE4ZGI3ZTczYjkzZGZiMB4XDTIyMDEw
MTEwNTcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjAxN2YxNWJhYzRk
ZDE3ZDc2OGVkM2E3NjcxYjFhYzgzMzk5MTdiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALX52zZDj5/h5lA+3n4u7j+KCRz8o9z351H0Izpm5JmEZxvH
aFLvUvCfdZFXRYzjtsu9UMJGc6voM6tQvhVysd8MPr+PKqS69pyFIgZLsTjESKm8
ZWLnMNPTNbfVy0yXDu5xruw3qG6sbWo6VKIfLr3ire/YSFMqfzZiSsY69doupk0R
jkkXNCgWQwBPPaIFbj1FwDSV5SbCUtD4DseoKQuaRKp+XYJVs8gPPqTN7tY+ly+8
Z0nkfL6BPAUVaqud06uuD8EcyEj/ESgOr6W91z9JE2xdQEwxmwBgIVZaQu/vbZ5T
2X/mJxstTvK6df9trWKErXcQb+gW0tdmSv3y6JUCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQgF/FbrE3RfXaO06dnGxrIM5kXtDAfBgNVHSMEGDAWgBRrmYFdCgvdirgr
sCNTGNt+c7k9+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2E1bUJYUW9MM1lxNEs3QWpVeGpiZm5PNVBmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvYjA2YThiLTQwNzctNDQ0ZS04MTlmLWVkZjE2Mzg4NTBlZC8x
L0lCZnhXNnhOMFgxMmp0T25aeHNheURPWkY3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
YjA2YThiLTQwNzctNDQ0ZS04MTlmLWVkZjE2Mzg4NTBlZC8xL2E1bUJYUW9MM1lx
NEs3QWpVeGpiZm5PNVBmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRMoAwDQYJKoZIhvcNAQELBQAD
ggEBABcPQJ5Tli4FBOiWUEoV5X1wXErfI2U5gU07Qn08DPbtyi09C9dOeOFwi7Ut
bZHCjIwEuEgjv5Tyc212ViZjpGKKINNX2mjBPebKrdXmKTJDz2sVKaxeFOQ6NHbD
FRdTz4Moead0JD3OfapaGTn5yWcx71fsqWwlKJEULS+Y6kEharO4qIqi4BNrRpyx
ft3BtRUtSzdK62BgeCP8dUxeA+d9rESt/Rv11ZjXmC8yepLg7mxponoAt91b2Adb
q0NsYSrKW2uU1dvZ0NZybw1Dqa2ehQFt3fS93lgk+j2b399pxSGSyPLUib5VicOM
ogxYB+vMAk4lP8gj/WoU/am0ZR8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:33 2024 by rpki-client on console-ams.rpki-client.org