Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ebe6e8-1a23-47c5-ab1f-acb1bf6b3521/1/1-hAGLTPVbcZI_tKUzFOk0KzUmSU.roa
File:                     1-hAGLTPVbcZI_tKUzFOk0KzUmSU.roa (raw, json)
Hash identifier:          vNjpyM7Dowa5jWdacN8502A1kcEif2SDBFQtsFcFiko=
Subject key identifier:   FA:10:06:2D:33:D5:6D:C6:48:FE:D2:94:CC:53:A4:D0:AC:D4:99:25
Certificate issuer:       /CN=d75834c990fed2b33f25a02c03591758eceb5411
Certificate serial:       036867D0
Authority key identifier: D7:58:34:C9:90:FE:D2:B3:3F:25:A0:2C:03:59:17:58:EC:EB:54:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/11g0yZD-0rM_JaAsA1kXWOzrVBE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/ebe6e8-1a23-47c5-ab1f-acb1bf6b3521/1/1-hAGLTPVbcZI_tKUzFOk0KzUmSU.roa
Signing time:             Sat 01 Jan 2022 16:05:17 +0000
ROA not before:           Sat 01 Jan 2022 16:05:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58221
IP address blocks:        91.239.80.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 57173968 (0x36867d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d75834c990fed2b33f25a02c03591758eceb5411
        Validity
            Not Before: Jan  1 16:05:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa10062d33d56dc648fed294cc53a4d0acd49925
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:66:df:5b:e8:6c:f7:d9:2c:5f:f8:80:ac:f9:
                    6e:e7:c2:a2:bf:7b:90:69:36:02:a1:09:8f:09:d5:
                    17:87:af:65:4e:ca:b3:0d:38:96:88:90:d3:42:a5:
                    55:88:97:e3:3f:2f:dc:86:a8:24:b0:4f:ae:76:de:
                    3c:9b:73:c6:88:ac:90:95:2a:88:7d:84:d3:08:86:
                    8a:d2:3c:0c:b7:45:0e:c4:cd:62:d9:02:32:b0:89:
                    bb:de:ce:e9:b4:b1:a2:2d:78:95:b8:1b:8b:5e:51:
                    4e:da:7c:5b:4c:db:26:70:f3:bb:d3:55:53:32:47:
                    2c:f0:14:5f:ac:ad:7d:ef:9f:33:80:7c:10:4f:0d:
                    82:79:3e:d3:50:d1:1e:dc:3c:bb:81:1c:25:66:21:
                    b8:44:bc:04:81:87:b6:9e:c1:dc:49:7b:b6:05:6f:
                    37:9f:05:7d:e6:58:03:02:c1:1d:ba:87:f0:c5:27:
                    1c:ad:4e:a9:9c:19:26:ec:93:84:c1:a9:16:78:af:
                    b5:4a:e6:49:81:80:87:99:ab:1a:d6:af:d0:b9:06:
                    dc:b6:f4:cd:81:08:41:61:2a:db:37:bd:31:2b:8f:
                    49:8f:37:cd:11:60:5d:8f:ec:5e:ca:7c:b2:d4:9c:
                    22:71:88:35:8e:e5:da:21:3b:88:9a:79:27:ae:c6:
                    c7:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:10:06:2D:33:D5:6D:C6:48:FE:D2:94:CC:53:A4:D0:AC:D4:99:25
            X509v3 Authority Key Identifier:
                keyid:D7:58:34:C9:90:FE:D2:B3:3F:25:A0:2C:03:59:17:58:EC:EB:54:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/11g0yZD-0rM_JaAsA1kXWOzrVBE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ebe6e8-1a23-47c5-ab1f-acb1bf6b3521/1/1-hAGLTPVbcZI_tKUzFOk0KzUmSU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ebe6e8-1a23-47c5-ab1f-acb1bf6b3521/1/11g0yZD-0rM_JaAsA1kXWOzrVBE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:79:42:7c:45:37:7e:fc:62:dc:04:a4:22:f1:60:e0:b5:21:
         ee:96:a3:2a:51:81:0a:ab:2f:55:9e:e9:19:5b:c5:c4:71:71:
         1e:3e:da:ae:a1:ee:72:55:f2:dc:f9:22:58:c8:f5:0a:fe:64:
         6d:4b:cb:c1:87:6c:95:96:31:16:1c:97:1d:47:4d:ae:13:fb:
         e3:3d:00:b2:b2:e6:61:cc:39:14:0e:1c:9a:dd:43:78:8b:06:
         75:cc:b4:f4:f4:3f:ca:f6:27:29:b7:04:32:10:d9:82:30:c8:
         90:4b:36:7e:1c:1d:9f:45:23:a4:5a:61:dd:33:1f:d1:91:38:
         ca:9c:87:e8:f3:9d:fa:2e:17:e7:f6:04:9c:18:33:fb:43:9e:
         17:85:95:48:1e:1f:ef:60:b2:9b:91:56:19:17:17:55:62:3c:
         b5:57:78:ef:b8:c8:8f:ad:fb:92:6b:2b:a7:17:e3:6b:b0:35:
         a2:69:5e:a4:d0:5f:db:93:cb:11:45:45:7b:75:86:af:19:4c:
         5f:2a:c9:98:6a:cd:e8:a0:60:8d:43:ba:85:49:3d:11:a9:36:
         13:ef:55:a7:91:7f:3b:0d:98:4f:50:30:6a:b8:89:b7:c9:96:
         89:f5:ea:ae:0c:64:db:77:df:0c:29:92:0c:95:bd:3b:ac:ce:
         47:6e:03:4e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEA2hn0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzU4MzRjOTkwZmVkMmIzM2YyNWEwMmMwMzU5MTc1OGVjZWI1NDExMB4XDTIyMDEw
MTE2MDUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmExMDA2MmQzM2Q1
NmRjNjQ4ZmVkMjk0Y2M1M2E0ZDBhY2Q0OTkyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9m31vobPfZLF/4gKz5bufCor97kGk2AqEJjwnVF4evZU7K
sw04loiQ00KlVYiX4z8v3IaoJLBPrnbePJtzxoiskJUqiH2E0wiGitI8DLdFDsTN
YtkCMrCJu97O6bSxoi14lbgbi15RTtp8W0zbJnDzu9NVUzJHLPAUX6ytfe+fM4B8
EE8Ngnk+01DRHtw8u4EcJWYhuES8BIGHtp7B3El7tgVvN58FfeZYAwLBHbqH8MUn
HK1OqZwZJuyThMGpFnivtUrmSYGAh5mrGtav0LkG3Lb0zYEIQWEq2ze9MSuPSY83
zRFgXY/sXsp8stScInGINY7l2iE7iJp5J67Gx0kCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6EAYtM9Vtxkj+0pTMU6TQrNSZJTAfBgNVHSMEGDAWgBTXWDTJkP7Ssz8l
oCwDWRdY7OtUETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzExZzB5WkQtMHJNX0phQXNBMWtYV096clZCRS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvZWJlNmU4LTFhMjMtNDdjNS1hYjFmLWFjYjFiZjZiMzUyMS8x
LzEtaEFHTFRQVmJjWklfdEtVekZPazBLelVtU1Uucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJj
L2ViZTZlOC0xYTIzLTQ3YzUtYWIxZi1hY2IxYmY2YjM1MjEvMS8xMWcweVpELTBy
TV9KYUFzQTFrWFdPenJWQkUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJb71AwDQYJKoZIhvcNAQELBQAD
ggEBAAh5QnxFN378YtwEpCLxYOC1Ie6WoypRgQqrL1We6RlbxcRxcR4+2q6h7nJV
8tz5IljI9Qr+ZG1Ly8GHbJWWMRYclx1HTa4T++M9ALKy5mHMORQOHJrdQ3iLBnXM
tPT0P8r2Jym3BDIQ2YIwyJBLNn4cHZ9FI6RaYd0zH9GROMqch+jznfouF+f2BJwY
M/tDnheFlUgeH+9gspuRVhkXF1ViPLVXeO+4yI+t+5JrK6cX42uwNaJpXqTQX9uT
yxFFRXt1hq8ZTF8qyZhqzeigYI1DuoVJPRGpNhPvVaeRfzsNmE9QMGq4ibfJlon1
6q4MZNt33wwpkgyVvTuszkduA04=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:39 2024 by rpki-client on console-ams.rpki-client.org