Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/d31e85-2786-4d91-a69a-3f5355092aec/1/j3lZg1rFjQCaBiC7igawrE-JRvQ.roa
File:                     j3lZg1rFjQCaBiC7igawrE-JRvQ.roa (raw, json)
Hash identifier:          5GGW+pK53EvVOdYclDPuh7jbnclACmd+3qiIvlFIemc=
Subject key identifier:   8F:79:59:83:5A:C5:8D:00:9A:06:20:BB:8A:06:B0:AC:4F:89:46:F4
Certificate issuer:       /CN=33918ec7f02cacafe26546be1e1980f9c3a3e890
Certificate serial:       01856DCAE53FA6D8D021032C947ACFCF45B9
Authority key identifier: 33:91:8E:C7:F0:2C:AC:AF:E2:65:46:BE:1E:19:80:F9:C3:A3:E8:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M5GOx_AsrK_iZUa-HhmA-cOj6JA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/d31e85-2786-4d91-a69a-3f5355092aec/1/j3lZg1rFjQCaBiC7igawrE-JRvQ.roa
Signing time:             Sun 01 Jan 2023 14:44:51 +0000
ROA not before:           Sun 01 Jan 2023 14:44:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204790
IP address blocks:        2a11:1080::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:ca:e5:3f:a6:d8:d0:21:03:2c:94:7a:cf:cf:45:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33918ec7f02cacafe26546be1e1980f9c3a3e890
        Validity
            Not Before: Jan  1 14:44:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f7959835ac58d009a0620bb8a06b0ac4f8946f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:22:a8:ec:a9:8a:db:fc:e3:c8:85:8c:eb:7c:
                    93:c3:f3:dd:31:ec:38:31:ef:04:cd:36:21:5f:9c:
                    95:0c:3e:07:f6:69:59:ca:a6:75:8f:69:84:7f:81:
                    a1:9b:89:74:82:74:2e:a5:2f:9e:30:3f:f1:3f:6a:
                    60:4a:07:a3:9f:cf:32:ae:cb:c6:c0:84:86:e5:95:
                    f7:db:20:e8:fe:c6:64:3b:c5:3c:ff:11:34:a7:48:
                    42:33:b7:3a:8b:81:fe:f9:e9:8d:bb:a4:63:fe:2f:
                    3a:50:3f:84:6a:9d:97:ae:29:b0:35:53:a7:40:35:
                    c0:0c:c0:28:19:5d:e7:29:26:74:1c:e4:f4:6d:3d:
                    0f:49:ec:96:af:da:d2:89:05:e0:f7:47:39:45:23:
                    b3:94:ae:3f:f2:f1:52:45:92:62:21:13:aa:60:51:
                    d4:0e:ac:81:cb:7f:01:34:f0:bb:43:42:3e:d3:9f:
                    c1:4b:5a:ae:84:93:f2:24:3a:9c:6e:29:e6:9f:a1:
                    07:cf:29:26:9e:81:18:58:86:5f:ae:eb:80:e8:1a:
                    7e:8c:54:b1:6c:ef:9c:1b:21:f5:3a:f1:ff:56:a6:
                    2d:fd:03:72:36:ea:2b:0f:fa:e1:50:19:d2:3d:cc:
                    b4:01:15:d5:da:16:4c:1a:02:2a:34:6e:25:d8:82:
                    78:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:79:59:83:5A:C5:8D:00:9A:06:20:BB:8A:06:B0:AC:4F:89:46:F4
            X509v3 Authority Key Identifier:
                keyid:33:91:8E:C7:F0:2C:AC:AF:E2:65:46:BE:1E:19:80:F9:C3:A3:E8:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5GOx_AsrK_iZUa-HhmA-cOj6JA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/d31e85-2786-4d91-a69a-3f5355092aec/1/j3lZg1rFjQCaBiC7igawrE-JRvQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/d31e85-2786-4d91-a69a-3f5355092aec/1/M5GOx_AsrK_iZUa-HhmA-cOj6JA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:1080::/29

    Signature Algorithm: sha256WithRSAEncryption
         24:22:a9:c6:f2:ed:a6:01:b3:8d:04:9a:29:94:15:e8:b1:3d:
         e6:80:ae:71:58:30:93:e5:2f:f9:66:b4:b3:fd:89:cc:b9:13:
         82:35:ba:13:e6:63:d3:fa:6d:70:30:24:bb:f8:1c:49:c8:27:
         f0:cc:48:01:01:a1:ab:88:5e:b9:e5:60:73:2b:3d:5d:ba:ea:
         0f:b8:6a:d2:15:45:d3:87:d8:24:11:b8:a6:f5:24:cd:a2:3f:
         f6:fd:cc:6f:0f:22:0f:04:56:72:47:d8:8c:37:bd:be:ca:a2:
         cf:4a:02:f3:d5:6c:a8:ad:89:42:64:2b:20:97:3b:40:2a:60:
         71:62:12:77:11:16:bf:10:b2:f1:93:7a:80:06:32:61:58:b7:
         7f:21:15:ed:c5:86:ca:6f:b2:c1:cf:c7:a3:37:50:ed:96:45:
         19:5e:b2:c0:14:86:53:11:38:57:d4:28:1c:68:1b:c3:6e:12:
         73:d3:75:79:e9:ad:4e:4b:fd:b4:fc:82:1f:8e:20:e8:9d:1f:
         14:1d:3a:fb:c2:58:f2:48:2f:73:b3:b9:6e:03:e7:1e:c3:19:
         4d:8c:01:dc:2e:f1:79:fc:76:7c:27:6b:25:a5:e3:3e:c0:e2:
         1e:62:fe:21:60:23:43:40:6f:8b:c5:24:df:ce:64:81:93:f1:
         0a:04:50:3d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtyuU/ptjQIQMslHrPz0W5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOTE4ZWM3ZjAyY2FjYWZlMjY1NDZiZTFlMTk4MGY5YzNh
M2U4OTAwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc5NTk4MzVhYzU4ZDAwOWEwNjIwYmI4YTA2YjBhYzRmODk0NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCKo7KmK2/zjyIWM63yTw/PdMew4
Me8EzTYhX5yVDD4H9mlZyqZ1j2mEf4Ghm4l0gnQupS+eMD/xP2pgSgejn88yrsvG
wISG5ZX32yDo/sZkO8U8/xE0p0hCM7c6i4H++emNu6Rj/i86UD+Eap2XrimwNVOn
QDXADMAoGV3nKSZ0HOT0bT0PSeyWr9rSiQXg90c5RSOzlK4/8vFSRZJiIROqYFHU
DqyBy38BNPC7Q0I+05/BS1quhJPyJDqcbinmn6EHzykmnoEYWIZfruuA6Bp+jFSx
bO+cGyH1OvH/VqYt/QNyNuorD/rhUBnSPcy0ARXV2hZMGgIqNG4l2IJ43wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFI95WYNaxY0AmgYgu4oGsKxPiUb0MB8GA1UdIwQY
MBaAFDORjsfwLKyv4mVGvh4ZgPnDo+iQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTVHT3hfQXNyS19pWlVhLUhobUEtY09qNkpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9kMzFlODUtMjc4Ni00ZDkxLWE2OWEt
M2Y1MzU1MDkyYWVjLzEvajNsWmcxckZqUUNhQmlDN2lnYXdyRS1KUnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9kMzFlODUtMjc4Ni00ZDkxLWE2OWEtM2Y1MzU1MDkyYWVj
LzEvTTVHT3hfQXNyS19pWlVhLUhobUEtY09qNkpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhEQgDAN
BgkqhkiG9w0BAQsFAAOCAQEAJCKpxvLtpgGzjQSaKZQV6LE95oCucVgwk+Uv+Wa0
s/2JzLkTgjW6E+Zj0/ptcDAku/gcScgn8MxIAQGhq4heueVgcys9XbrqD7hq0hVF
04fYJBG4pvUkzaI/9v3Mbw8iDwRWckfYjDe9vsqiz0oC89VsqK2JQmQrIJc7QCpg
cWISdxEWvxCy8ZN6gAYyYVi3fyEV7cWGym+ywc/HozdQ7ZZFGV6ywBSGUxE4V9Qo
HGgbw24Sc9N1eemtTkv9tPyCH44g6J0fFB06+8JY8kgvc7O5bgPnHsMZTYwB3C7x
efx2fCdrJaXjPsDiHmL+IWAjQ0Bvi8Uk385kgZPxCgRQPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:15 2024 by rpki-client on console-fra.rpki-client.org