Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/bb2254-0f86-4081-bdf2-bb588296c6db/1/aPaUyMyohbzAGTU6SZ2GnN4hXc0.roa
File:                     aPaUyMyohbzAGTU6SZ2GnN4hXc0.roa (raw, json)
Hash identifier:          /sKclGrAVEqzTWQdS5aOuG1/V08erb6kUbijwsiJYR4=
Subject key identifier:   68:F6:94:C8:CC:A8:85:BC:C0:19:35:3A:49:9D:86:9C:DE:21:5D:CD
Certificate issuer:       /CN=1f376cf0ddc9b0a4d81328d291339c2614e42026
Certificate serial:       0182D527273C66C8D2A872EE884DD7256764
Authority key identifier: 1F:37:6C:F0:DD:C9:B0:A4:D8:13:28:D2:91:33:9C:26:14:E4:20:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzds8N3JsKTYEyjSkTOcJhTkICY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/bb2254-0f86-4081-bdf2-bb588296c6db/1/aPaUyMyohbzAGTU6SZ2GnN4hXc0.roa
Signing time:             Thu 25 Aug 2022 13:18:09 +0000
ROA not before:           Thu 25 Aug 2022 13:18:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        2a12:7d80::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d5:27:27:3c:66:c8:d2:a8:72:ee:88:4d:d7:25:67:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f376cf0ddc9b0a4d81328d291339c2614e42026
        Validity
            Not Before: Aug 25 13:18:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=68f694c8cca885bcc019353a499d869cde215dcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:3b:52:68:c3:1e:ce:e7:02:a3:22:91:33:9f:
                    ab:1e:ed:f1:f6:be:84:18:9c:82:ca:fd:ea:4f:a8:
                    80:c8:2b:41:3e:dc:fe:63:63:65:0c:7a:d1:8e:a1:
                    81:21:04:48:54:e1:96:f0:cb:5d:27:85:2d:0b:d5:
                    8d:6c:d6:3b:e9:a1:d9:3d:1d:55:05:58:ec:c7:42:
                    2e:dd:59:2e:c2:2e:e5:2c:ae:f6:d8:fe:f1:8b:0d:
                    e6:4f:b5:bd:0e:83:34:82:30:a2:a6:f4:22:e7:ed:
                    31:36:3f:fd:1c:d1:23:83:a3:3d:6b:40:62:a8:45:
                    5f:e5:3d:85:41:37:e4:2b:e8:75:40:16:a3:bc:34:
                    6b:f1:37:cc:96:a7:c5:f8:a4:d6:6a:c7:65:aa:5a:
                    f4:70:da:70:9d:d6:e8:54:5a:a8:a8:83:32:c5:8c:
                    f0:72:4b:bc:44:ec:be:37:b4:cd:dc:f8:f6:56:ed:
                    53:26:d5:59:09:70:e8:de:4e:6f:ca:3f:1c:3b:cb:
                    2d:cd:cd:32:34:ae:fa:76:a2:bd:cf:84:db:a0:c5:
                    1c:0a:3d:92:0c:68:5c:b5:3a:1a:7b:be:14:cb:ba:
                    49:34:5c:a0:a1:5a:e7:41:36:c7:1f:8d:42:f7:e6:
                    63:fd:2e:0c:10:bc:29:7a:43:02:c8:63:be:39:20:
                    c3:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:F6:94:C8:CC:A8:85:BC:C0:19:35:3A:49:9D:86:9C:DE:21:5D:CD
            X509v3 Authority Key Identifier:
                keyid:1F:37:6C:F0:DD:C9:B0:A4:D8:13:28:D2:91:33:9C:26:14:E4:20:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzds8N3JsKTYEyjSkTOcJhTkICY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bb2254-0f86-4081-bdf2-bb588296c6db/1/aPaUyMyohbzAGTU6SZ2GnN4hXc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bb2254-0f86-4081-bdf2-bb588296c6db/1/Hzds8N3JsKTYEyjSkTOcJhTkICY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         5f:69:56:d0:63:cf:ed:27:c6:18:70:f4:20:d5:14:6d:46:21:
         fd:f9:1a:65:57:43:6a:45:30:10:8f:51:3b:ac:8b:7f:4e:8c:
         01:da:ec:5c:a8:ce:53:e2:39:ee:7b:f9:ff:6c:be:de:81:94:
         98:60:ba:df:3f:ac:37:74:9d:cc:b1:80:2a:de:f1:00:d5:ba:
         c1:43:b1:66:39:9c:17:47:35:33:89:63:31:39:c1:78:42:6c:
         f3:31:d9:1b:9d:b4:a6:94:2d:84:a7:dc:94:84:58:4c:df:73:
         80:61:62:06:48:46:35:80:30:10:70:e9:7d:8d:8f:fa:0d:ba:
         d8:4b:5a:27:ee:9a:a7:bd:d5:df:87:ef:b0:45:79:33:d2:fd:
         1b:91:71:74:5b:37:c9:d5:28:a9:56:76:3c:8e:97:0d:bc:82:
         06:c8:8a:80:42:7b:6b:9b:b4:f6:80:d7:02:24:cc:2f:94:fa:
         55:ff:c5:e0:dd:26:91:72:59:1a:bb:7f:ed:2a:26:48:52:73:
         9b:dd:fb:e4:4d:52:6b:b8:fb:c0:71:1a:c9:b2:7c:68:5b:2e:
         ea:28:a9:1b:01:2c:ff:d2:b3:5e:3e:f8:7b:62:c7:dd:b3:71:
         fc:44:fd:36:ef:e8:97:46:bd:45:f1:e8:88:d3:58:fc:d6:68:
         2e:c4:cd:24
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLVJyc8ZsjSqHLuiE3XJWdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzc2Y2YwZGRjOWIwYTRkODEzMjhkMjkxMzM5YzI2MTRl
NDIwMjYwHhcNMjIwODI1MTMxODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGY2OTRjOGNjYTg4NWJjYzAxOTM1M2E0OTlkODY5Y2RlMjE1ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDtSaMMezucCoyKRM5+rHu3x9r6E
GJyCyv3qT6iAyCtBPtz+Y2NlDHrRjqGBIQRIVOGW8MtdJ4UtC9WNbNY76aHZPR1V
BVjsx0Iu3Vkuwi7lLK722P7xiw3mT7W9DoM0gjCipvQi5+0xNj/9HNEjg6M9a0Bi
qEVf5T2FQTfkK+h1QBajvDRr8TfMlqfF+KTWasdlqlr0cNpwndboVFqoqIMyxYzw
cku8ROy+N7TN3Pj2Vu1TJtVZCXDo3k5vyj8cO8stzc0yNK76dqK9z4TboMUcCj2S
DGhctToae74Uy7pJNFygoVrnQTbHH41C9+Zj/S4MELwpekMCyGO+OSDD4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGj2lMjMqIW8wBk1OkmdhpzeIV3NMB8GA1UdIwQY
MBaAFB83bPDdybCk2BMo0pEznCYU5CAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpkczhOM0pzS1RZRXlqU2tUT2NKaFRrSUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9iYjIyNTQtMGY4Ni00MDgxLWJkZjIt
YmI1ODgyOTZjNmRiLzEvYVBhVXlNeW9oYnpBR1RVNlNaMkduTjRoWGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9iYjIyNTQtMGY4Ni00MDgxLWJkZjItYmI1ODgyOTZjNmRi
LzEvSHpkczhOM0pzS1RZRXlqU2tUT2NKaFRrSUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJ9gDAN
BgkqhkiG9w0BAQsFAAOCAQEAX2lW0GPP7SfGGHD0INUUbUYh/fkaZVdDakUwEI9R
O6yLf06MAdrsXKjOU+I57nv5/2y+3oGUmGC63z+sN3SdzLGAKt7xANW6wUOxZjmc
F0c1M4ljMTnBeEJs8zHZG520ppQthKfclIRYTN9zgGFiBkhGNYAwEHDpfY2P+g26
2EtaJ+6ap73V34fvsEV5M9L9G5FxdFs3ydUoqVZ2PI6XDbyCBsiKgEJ7a5u09oDX
AiTML5T6Vf/F4N0mkXJZGrt/7SomSFJzm9375E1Sa7j7wHEaybJ8aFsu6iipGwEs
/9KzXj74e2LH3bNx/ET9Nu/ol0a9RfHoiNNY/NZoLsTNJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:50 2024 by rpki-client on console-fra.rpki-client.org