Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/fcf886-01e9-4bc8-9688-a0ef6c9dc33a/1/XYuqUYxfRI4O5M7c6y4sc9LKXWQ.roa
File:                     XYuqUYxfRI4O5M7c6y4sc9LKXWQ.roa (raw, json)
Hash identifier:          Ga7FMlepC8rlPoH5CCaV9BI1S3IxnzEh9aNP8+1fGs0=
Subject key identifier:   5D:8B:AA:51:8C:5F:44:8E:0E:E4:CE:DC:EB:2E:2C:73:D2:CA:5D:64
Certificate issuer:       /CN=d6794cff35dcbd427fbe7ba2a94333aa8df0a467
Certificate serial:       0185723A3DAE4A9C0F4AD46182D74AFDD7BC
Authority key identifier: D6:79:4C:FF:35:DC:BD:42:7F:BE:7B:A2:A9:43:33:AA:8D:F0:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1nlM_zXcvUJ_vnuiqUMzqo3wpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/fcf886-01e9-4bc8-9688-a0ef6c9dc33a/1/XYuqUYxfRI4O5M7c6y4sc9LKXWQ.roa
Signing time:             Mon 02 Jan 2023 11:24:57 +0000
ROA not before:           Mon 02 Jan 2023 11:24:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        45.144.128.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:3a:3d:ae:4a:9c:0f:4a:d4:61:82:d7:4a:fd:d7:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d6794cff35dcbd427fbe7ba2a94333aa8df0a467
        Validity
            Not Before: Jan  2 11:24:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d8baa518c5f448e0ee4cedceb2e2c73d2ca5d64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:eb:f3:8d:9e:ca:58:3b:23:99:85:7d:af:e1:
                    c5:da:26:7c:58:46:eb:a9:86:f4:ea:a8:2c:10:4d:
                    56:21:da:3a:df:61:cf:e1:11:09:3f:d6:c0:e6:74:
                    9e:5a:13:3c:70:cf:cf:56:13:d3:4a:f3:6a:4f:65:
                    1b:7e:36:ac:5a:4b:be:8f:b9:3b:80:89:30:6b:0e:
                    36:4f:26:29:01:e7:bf:b4:7b:9f:b6:02:0b:14:26:
                    c4:3e:77:22:a9:57:fc:41:21:ce:d3:13:4a:94:a5:
                    9a:30:bd:25:5f:59:15:69:bb:1f:7a:9c:15:8a:81:
                    43:59:7a:74:61:fd:b8:6b:e0:74:d4:54:81:9b:d8:
                    0a:6c:5f:1d:29:3b:32:ae:71:40:fe:df:3d:c6:e8:
                    b3:57:ca:c5:b3:12:bf:fc:38:9e:f4:e0:1e:84:50:
                    e3:e7:82:79:47:f3:d4:a4:e0:cc:60:a2:ee:c0:92:
                    d6:e4:ca:20:d8:f8:ae:ef:9a:57:96:70:99:ce:00:
                    26:70:39:ca:4e:38:3a:4d:30:83:a6:b4:73:90:38:
                    fe:5a:d8:28:61:44:4f:f4:76:be:e7:34:b1:76:52:
                    21:d7:ed:db:cd:1f:0c:ab:f6:e8:88:f5:be:39:a4:
                    22:c4:0a:c9:96:e3:54:ea:09:e1:8d:bb:3c:d1:31:
                    77:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:8B:AA:51:8C:5F:44:8E:0E:E4:CE:DC:EB:2E:2C:73:D2:CA:5D:64
            X509v3 Authority Key Identifier:
                keyid:D6:79:4C:FF:35:DC:BD:42:7F:BE:7B:A2:A9:43:33:AA:8D:F0:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nlM_zXcvUJ_vnuiqUMzqo3wpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/fcf886-01e9-4bc8-9688-a0ef6c9dc33a/1/XYuqUYxfRI4O5M7c6y4sc9LKXWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/fcf886-01e9-4bc8-9688-a0ef6c9dc33a/1/1nlM_zXcvUJ_vnuiqUMzqo3wpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:c6:24:6d:17:a8:66:ca:17:bc:f4:2a:d5:66:1d:83:64:bd:
         3d:df:7e:83:69:7b:20:f1:ae:a9:ea:5b:db:97:74:e5:d8:fe:
         42:25:96:1e:03:5a:c5:51:ad:93:17:94:af:28:86:20:03:4c:
         77:90:81:54:f1:6d:9c:86:85:81:26:ae:3a:90:10:92:10:04:
         17:bc:dd:b6:fd:62:f5:a4:fe:3b:1d:0b:6c:6e:35:97:ff:de:
         24:5d:a7:33:59:67:7e:0a:33:1a:9e:2c:43:3c:9a:1e:87:77:
         32:85:ab:a2:da:9c:d0:8c:40:65:6f:37:50:2a:7a:2d:e5:46:
         1a:1e:71:42:26:c9:91:3f:6b:8b:54:93:63:4c:db:35:f4:81:
         ae:5a:96:5a:a8:20:2c:68:a0:24:ee:95:ae:76:54:50:ae:c5:
         22:74:25:b9:8c:55:bf:ed:8c:50:bc:77:be:c9:fa:53:81:bb:
         29:ce:b9:bd:f1:e5:44:6a:e1:a6:86:39:60:9a:d5:ba:c7:ff:
         f6:dd:0e:96:36:e4:dc:bf:0e:6b:b9:40:ef:82:67:0b:f6:27:
         12:e0:b8:ec:ce:87:f5:a7:76:24:de:bc:b5:71:a9:ba:4a:73:
         c2:06:26:3a:6a:3f:4e:b5:b2:e8:c5:03:f8:75:04:29:77:74:
         d1:12:26:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOj2uSpwPStRhgtdK/de8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2Nzk0Y2ZmMzVkY2JkNDI3ZmJlN2JhMmE5NDMzM2FhOGRm
MGE0NjcwHhcNMjMwMTAyMTEyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhiYWE1MThjNWY0NDhlMGVlNGNlZGNlYjJlMmM3M2QyY2E1ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+vzjZ7KWDsjmYV9r+HF2iZ8WEbr
qYb06qgsEE1WIdo632HP4REJP9bA5nSeWhM8cM/PVhPTSvNqT2UbfjasWku+j7k7
gIkwaw42TyYpAee/tHuftgILFCbEPnciqVf8QSHO0xNKlKWaML0lX1kVabsfepwV
ioFDWXp0Yf24a+B01FSBm9gKbF8dKTsyrnFA/t89xuizV8rFsxK//Die9OAehFDj
54J5R/PUpODMYKLuwJLW5Mog2Piu75pXlnCZzgAmcDnKTjg6TTCDprRzkDj+Wtgo
YURP9Ha+5zSxdlIh1+3bzR8Mq/boiPW+OaQixArJluNU6gnhjbs80TF3GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2LqlGMX0SODuTO3OsuLHPSyl1kMB8GA1UdIwQY
MBaAFNZ5TP813L1Cf757oqlDM6qN8KRnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5sTV96WGN2VUpfdm51aXFVTXpxbzN3cEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mY2Y4ODYtMDFlOS00YmM4LTk2ODgt
YTBlZjZjOWRjMzNhLzEvWFl1cVVZeGZSSTRPNU03YzZ5NHNjOUxLWFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mY2Y4ODYtMDFlOS00YmM4LTk2ODgtYTBlZjZjOWRjMzNh
LzEvMW5sTV96WGN2VUpfdm51aXFVTXpxbzN3cEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZCAMA0G
CSqGSIb3DQEBCwUAA4IBAQCRxiRtF6hmyhe89CrVZh2DZL09336DaXsg8a6p6lvb
l3Tl2P5CJZYeA1rFUa2TF5SvKIYgA0x3kIFU8W2choWBJq46kBCSEAQXvN22/WL1
pP47HQtsbjWX/94kXaczWWd+CjManixDPJoeh3cyhaui2pzQjEBlbzdQKnot5UYa
HnFCJsmRP2uLVJNjTNs19IGuWpZaqCAsaKAk7pWudlRQrsUidCW5jFW/7YxQvHe+
yfpTgbspzrm98eVEauGmhjlgmtW6x//23Q6WNuTcvw5ruUDvgmcL9icS4Ljszof1
p3Yk3ry1cam6SnPCBiY6aj9OtbLoxQP4dQQpd3TREibf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:54 2024 by rpki-client on console-fra.rpki-client.org