Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/06462d-5aa3-4d6d-b219-80d87fa5eae2/1/pwm2qQj9xfoSrKLcwJSuSndiZIQ.roa
File:                     pwm2qQj9xfoSrKLcwJSuSndiZIQ.roa (raw, json)
Hash identifier:          9nawu+IchLiCnr0LTeGbnbqcWdjEtmhHWtBlO0HTIFk=
Subject key identifier:   A7:09:B6:A9:08:FD:C5:FA:12:AC:A2:DC:C0:94:AE:4A:77:62:64:84
Certificate issuer:       /CN=9e0bba6d2e11171335417caa758189f0cf47a444
Certificate serial:       628D48
Authority key identifier: 9E:0B:BA:6D:2E:11:17:13:35:41:7C:AA:75:81:89:F0:CF:47:A4:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ngu6bS4RFxM1QXyqdYGJ8M9HpEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/06462d-5aa3-4d6d-b219-80d87fa5eae2/1/pwm2qQj9xfoSrKLcwJSuSndiZIQ.roa
Signing time:             Sat 01 Jan 2022 00:52:17 +0000
ROA not before:           Sat 01 Jan 2022 00:52:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        146.19.205.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6458696 (0x628d48)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e0bba6d2e11171335417caa758189f0cf47a444
        Validity
            Not Before: Jan  1 00:52:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a709b6a908fdc5fa12aca2dcc094ae4a77626484
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4c:ff:0e:58:13:b5:bb:1c:6f:67:95:26:53:
                    60:2c:4a:31:e6:66:10:20:15:03:fc:3d:ee:9e:15:
                    21:a3:dd:00:a6:62:d1:50:bd:ac:7e:ed:90:4a:5d:
                    b2:10:4c:41:b3:d6:f8:6f:67:f3:63:c7:e7:b1:e6:
                    3f:2e:cc:8a:9d:c5:04:a3:24:26:10:c6:02:56:c2:
                    65:5c:b7:c3:96:8d:c8:f5:38:71:6a:57:47:91:46:
                    9d:aa:9f:b4:2a:8a:93:28:a9:49:1a:b2:d2:57:da:
                    5c:e7:4d:ee:87:3c:2b:09:8d:b0:52:3b:78:c6:0b:
                    2a:34:d1:ed:83:27:f0:8b:dc:a5:4c:af:76:3c:58:
                    11:11:f0:55:bc:bd:af:76:96:68:bc:b9:33:e0:6b:
                    31:bb:57:de:1c:4f:df:f4:36:92:8c:fa:01:af:48:
                    64:c7:77:f6:bb:15:f3:7d:44:5c:60:0b:1c:53:85:
                    f4:7a:5d:ec:e6:76:65:96:af:30:ea:ae:ce:e0:f3:
                    2e:53:df:bb:98:16:a6:30:df:10:39:d2:c7:e0:1f:
                    20:af:21:86:c2:da:ac:ff:13:e7:c6:22:74:7a:a6:
                    aa:48:1d:bb:11:70:31:d2:6f:eb:00:a1:c4:27:98:
                    0e:55:7f:93:75:53:68:c1:c6:1f:b4:3d:7e:8a:dd:
                    5c:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:09:B6:A9:08:FD:C5:FA:12:AC:A2:DC:C0:94:AE:4A:77:62:64:84
            X509v3 Authority Key Identifier:
                keyid:9E:0B:BA:6D:2E:11:17:13:35:41:7C:AA:75:81:89:F0:CF:47:A4:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ngu6bS4RFxM1QXyqdYGJ8M9HpEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/06462d-5aa3-4d6d-b219-80d87fa5eae2/1/pwm2qQj9xfoSrKLcwJSuSndiZIQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/06462d-5aa3-4d6d-b219-80d87fa5eae2/1/ngu6bS4RFxM1QXyqdYGJ8M9HpEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cb:32:63:93:db:9e:bc:51:b6:f8:85:41:60:bb:19:7b:0b:31:
         13:ab:66:a9:5c:52:b6:78:62:42:2e:e9:12:b0:5a:46:d0:46:
         5a:52:e8:59:fd:28:49:18:82:5c:f8:1e:61:1b:f3:25:7f:80:
         8e:a4:1d:81:85:6a:4c:7f:f1:d9:a9:cb:79:dc:8c:32:16:fd:
         31:84:dd:1f:d7:2c:a0:6a:34:08:bb:8e:a7:2c:c8:54:03:35:
         e1:ff:ba:f5:c4:9a:15:62:71:8a:8c:a7:9f:40:40:92:6d:aa:
         92:ee:34:25:18:94:12:78:0e:7d:3b:21:a0:13:80:fb:a4:8d:
         db:8e:67:31:28:6b:3d:d0:a8:46:92:a9:5a:b1:87:4a:a7:82:
         c0:5f:93:fd:a3:31:10:50:da:f0:de:cf:c8:d5:f5:0b:a4:0b:
         cf:9d:65:7e:af:6d:e4:10:c0:f8:1b:e1:d8:6a:08:b7:82:9a:
         75:7e:a0:59:ab:c4:39:ff:1d:16:25:9e:04:0d:a6:97:24:05:
         ff:d6:87:b3:88:42:91:55:90:a8:e3:6d:92:b4:0c:ee:b2:42:
         28:e0:a6:44:b6:f8:3c:2e:8f:0c:61:e2:05:36:12:d2:78:8f:
         19:f8:cc:1c:82:5c:56:a7:59:61:b7:21:66:18:65:e7:d6:38:
         18:e7:00:01
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDYo1IMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
MGJiYTZkMmUxMTE3MTMzNTQxN2NhYTc1ODE4OWYwY2Y0N2E0NDQwHhcNMjIwMTAx
MDA1MjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhNzA5YjZhOTA4ZmRj
NWZhMTJhY2EyZGNjMDk0YWU0YTc3NjI2NDg0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjkz/DlgTtbscb2eVJlNgLEox5mYQIBUD/D3unhUho90ApmLR
UL2sfu2QSl2yEExBs9b4b2fzY8fnseY/LsyKncUEoyQmEMYCVsJlXLfDlo3I9Thx
aldHkUadqp+0KoqTKKlJGrLSV9pc503uhzwrCY2wUjt4xgsqNNHtgyfwi9ylTK92
PFgREfBVvL2vdpZovLkz4Gsxu1feHE/f9DaSjPoBr0hkx3f2uxXzfURcYAscU4X0
el3s5nZllq8w6q7O4PMuU9+7mBamMN8QOdLH4B8gryGGwtqs/xPnxiJ0eqaqSB27
EXAx0m/rAKHEJ5gOVX+TdVNowcYftD1+it1cPwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKcJtqkI/cX6Eqyi3MCUrkp3YmSEMB8GA1UdIwQYMBaAFJ4Lum0uERcTNUF8
qnWBifDPR6REMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bmd1NmJTNFJGeE0xUVh5cWRZR0o4TTlIcEVRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yYy8wNjQ2MmQtNWFhMy00ZDZkLWIyMTktODBkODdmYTVlYWUyLzEv
cHdtMnFRajl4Zm9TcktMY3dKU3VTbmRpWklRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8w
NjQ2MmQtNWFhMy00ZDZkLWIyMTktODBkODdmYTVlYWUyLzEvbmd1NmJTNFJGeE0x
UVh5cWRZR0o4TTlIcEVRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPNMA0GCSqGSIb3DQEBCwUAA4IB
AQDLMmOT2568Ubb4hUFguxl7CzETq2apXFK2eGJCLukSsFpG0EZaUuhZ/ShJGIJc
+B5hG/Mlf4COpB2BhWpMf/HZqct53IwyFv0xhN0f1yygajQIu46nLMhUAzXh/7r1
xJoVYnGKjKefQECSbaqS7jQlGJQSeA59OyGgE4D7pI3bjmcxKGs90KhGkqlasYdK
p4LAX5P9ozEQUNrw3s/I1fULpAvPnWV+r23kEMD4G+HYagi3gpp1fqBZq8Q5/x0W
JZ4EDaaXJAX/1oeziEKRVZCo422StAzuskIo4KZEtvg8Lo8MYeIFNhLSeI8Z+Mwc
glxWp1lhtyFmGGXn1jgY5wAB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:32 2024 by rpki-client on console-ams.rpki-client.org