Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/cAI80qIP1dcaBjTkfXYE_HqwlWo.roa
File:                     cAI80qIP1dcaBjTkfXYE_HqwlWo.roa (raw, json)
Hash identifier:          yXx7WoESVsSpgau0820dseX89WTGRlnssZRbnkWN7H8=
Subject key identifier:   70:02:3C:D2:A2:0F:D5:D7:1A:06:34:E4:7D:76:04:FC:7A:B0:95:6A
Certificate issuer:       /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial:       018221F16076C427BB056872E278454A8D19
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/cAI80qIP1dcaBjTkfXYE_HqwlWo.roa
Signing time:             Thu 21 Jul 2022 18:07:23 +0000
ROA not before:           Thu 21 Jul 2022 18:07:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     138687
IP address blocks:        141.98.156.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:21:f1:60:76:c4:27:bb:05:68:72:e2:78:45:4a:8d:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
        Validity
            Not Before: Jul 21 18:07:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=70023cd2a20fd5d71a0634e47d7604fc7ab0956a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:55:88:b5:29:9e:e4:a9:b9:42:57:4e:25:7a:
                    fe:e3:54:b8:41:5d:f5:05:4f:da:58:a4:28:d9:a5:
                    01:b4:23:b7:d4:41:87:50:92:75:24:3f:fa:52:2d:
                    9a:03:74:08:b4:2b:79:c9:8b:1d:f5:a2:51:dd:22:
                    5a:c5:49:d4:e7:01:bb:53:49:53:8b:8e:f9:c0:f8:
                    f7:36:6d:a2:7c:3a:a3:ed:8c:d7:01:12:4e:86:87:
                    70:6f:72:36:4e:e7:27:ab:6b:50:2f:95:ee:42:70:
                    1e:b3:e5:ae:88:6f:53:26:29:e5:2e:3a:6c:03:19:
                    79:88:59:c4:9b:c1:1a:84:75:7a:c6:13:79:b9:94:
                    03:0a:4c:c1:40:9b:c5:98:5c:72:6b:f5:a3:09:2a:
                    93:a1:2d:83:bc:64:5d:c1:92:14:5f:d5:1e:d5:9a:
                    a7:b7:18:53:06:db:30:82:7a:ea:b7:f4:f1:8d:d4:
                    5c:83:cb:df:00:a9:7c:65:ae:28:8c:5a:2e:c8:06:
                    82:e4:62:ba:a1:13:73:9f:5b:e5:e6:6a:28:d1:9a:
                    da:35:5a:c4:8c:84:66:d7:46:b9:6a:c4:44:00:82:
                    e6:03:62:0b:55:64:76:04:32:68:a7:1d:01:69:87:
                    cc:dd:8e:5e:02:f5:b5:95:d7:c3:5a:73:3e:ed:f1:
                    48:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:02:3C:D2:A2:0F:D5:D7:1A:06:34:E4:7D:76:04:FC:7A:B0:95:6A
            X509v3 Authority Key Identifier:
                keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/cAI80qIP1dcaBjTkfXYE_HqwlWo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:b2:de:15:82:3f:7a:b6:da:54:5c:42:89:97:e2:63:c9:bb:
         94:3a:e0:5c:bb:3f:2b:5b:f3:24:60:b2:60:e1:8e:82:4e:84:
         3f:d8:04:c6:f3:5e:b3:5a:ae:d4:8d:9f:87:fa:fb:34:6f:f0:
         85:13:25:38:4a:ac:cb:7f:9b:f6:9d:d1:b0:b8:7e:ff:7b:63:
         ed:8b:27:5b:12:26:93:21:d0:35:e9:67:ea:42:e3:5f:f2:38:
         4e:3a:a6:99:a8:8c:1a:22:8c:7a:59:a6:b9:f1:17:61:40:10:
         b2:ce:d7:18:06:a4:0a:56:0d:d6:4b:20:1e:ec:ef:a6:6d:4a:
         d8:fb:f4:46:42:6b:af:c2:55:fa:d6:38:6a:4d:a2:d6:ed:bf:
         12:0b:2c:4d:1e:a3:9a:0c:51:f8:78:66:c1:22:4f:6c:99:ea:
         ef:fc:b1:a4:53:2a:36:5c:71:7b:b2:c9:97:ef:87:73:ab:cc:
         54:b8:14:99:57:6a:30:53:e4:50:c1:78:02:bb:a6:35:34:67:
         a8:cd:3e:e9:d6:3c:77:c8:b3:05:80:e0:71:08:70:5f:59:5e:
         45:11:c9:9e:0e:0c:a3:8c:41:e5:d9:7d:dd:ec:ad:1d:f2:64:
         c8:36:09:02:de:e9:75:22:e2:14:70:7f:fb:22:fb:a2:35:d4:
         91:5e:5c:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIh8WB2xCe7BWhy4nhFSo0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIwNzIxMTgwNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDAyM2NkMmEyMGZkNWQ3MWEwNjM0ZTQ3ZDc2MDRmYzdhYjA5NTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1WItSme5Km5QldOJXr+41S4QV31
BU/aWKQo2aUBtCO31EGHUJJ1JD/6Ui2aA3QItCt5yYsd9aJR3SJaxUnU5wG7U0lT
i475wPj3Nm2ifDqj7YzXARJOhodwb3I2Tucnq2tQL5XuQnAes+WuiG9TJinlLjps
Axl5iFnEm8EahHV6xhN5uZQDCkzBQJvFmFxya/WjCSqToS2DvGRdwZIUX9Ue1Zqn
txhTBtswgnrqt/TxjdRcg8vfAKl8Za4ojFouyAaC5GK6oRNzn1vl5moo0ZraNVrE
jIRm10a5asREAILmA2ILVWR2BDJopx0BaYfM3Y5eAvW1ldfDWnM+7fFIowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHACPNKiD9XXGgY05H12BPx6sJVqMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvY0FJODBxSVAxZGNhQmpUa2ZYWUVfSHF3bFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWKcMA0G
CSqGSIb3DQEBCwUAA4IBAQCjst4Vgj96ttpUXEKJl+JjybuUOuBcuz8rW/MkYLJg
4Y6CToQ/2ATG816zWq7UjZ+H+vs0b/CFEyU4SqzLf5v2ndGwuH7/e2PtiydbEiaT
IdA16WfqQuNf8jhOOqaZqIwaIox6Waa58RdhQBCyztcYBqQKVg3WSyAe7O+mbUrY
+/RGQmuvwlX61jhqTaLW7b8SCyxNHqOaDFH4eGbBIk9smerv/LGkUyo2XHF7ssmX
74dzq8xUuBSZV2owU+RQwXgCu6Y1NGeozT7p1jx3yLMFgOBxCHBfWV5FEcmeDgyj
jEHl2X3d7K0d8mTINgkC3ul1IuIUcH/7IvuiNdSRXlxp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:44 2023 by rpki-client on console-ams.rpki-client.org