Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/f71b97-3ae3-449a-b9d7-f90abf687a55/1/t0Mgu2fTlN6-5aKoeVYwRR5MLXY.roa
File:                     t0Mgu2fTlN6-5aKoeVYwRR5MLXY.roa (raw, json)
Hash identifier:          ldH69ryaH+slvZkKflEDeIEhYK3WCcQWyOu+sl3tJ7g=
Subject key identifier:   B7:43:20:BB:67:D3:94:DE:BE:E5:A2:A8:79:56:30:45:1E:4C:2D:76
Certificate issuer:       /CN=e25e966af2f6b700f0aa5a742e83fc61863614e0
Certificate serial:       03531720
Authority key identifier: E2:5E:96:6A:F2:F6:B7:00:F0:AA:5A:74:2E:83:FC:61:86:36:14:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4l6WavL2twDwqlp0LoP8YYY2FOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/f71b97-3ae3-449a-b9d7-f90abf687a55/1/t0Mgu2fTlN6-5aKoeVYwRR5MLXY.roa
Signing time:             Sat 01 Jan 2022 04:55:42 +0000
ROA not before:           Sat 01 Jan 2022 04:55:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15404
IP address blocks:        2001:67c:67c::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55777056 (0x3531720)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e25e966af2f6b700f0aa5a742e83fc61863614e0
        Validity
            Not Before: Jan  1 04:55:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b74320bb67d394debee5a2a8795630451e4c2d76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:bb:9f:cc:d5:04:ce:4c:c0:3a:5f:9d:71:2c:
                    06:74:07:3e:87:94:d3:90:fc:0b:d9:6c:d2:4f:66:
                    40:a7:fe:9a:52:5d:23:ee:ad:88:7d:25:14:49:30:
                    24:c8:8b:be:9c:e9:d9:d7:cf:17:29:2e:93:c2:77:
                    f2:82:26:07:bc:83:01:3d:3c:38:9e:f7:18:cf:b5:
                    c8:95:50:84:e1:05:12:8e:5a:af:71:79:93:45:16:
                    61:d6:73:ec:b8:45:e6:f0:3e:ef:d0:28:1c:00:ea:
                    fa:2a:27:db:a0:10:dd:65:05:f6:09:54:b6:cb:f1:
                    5d:5c:8c:bb:7e:eb:87:95:20:a4:18:ac:73:a3:d4:
                    ec:f2:1a:be:27:05:c8:72:44:28:39:c6:59:78:b8:
                    ac:08:1e:41:6b:62:71:ed:23:16:e6:f2:dc:13:01:
                    94:ab:f5:cd:59:fe:60:9d:1c:2b:70:b9:97:83:35:
                    3b:ca:e2:0d:54:37:d7:84:51:31:74:f2:b4:7b:2a:
                    fa:02:72:ee:f7:ff:9f:b3:57:49:7f:a4:78:4a:3b:
                    9a:be:0c:cc:83:d0:dc:e7:80:f2:e8:50:d4:0b:96:
                    65:7b:f4:48:ec:92:e8:cd:dc:82:ad:22:70:58:c2:
                    5b:02:43:c7:59:33:46:1d:ac:c1:44:e5:0d:fa:52:
                    8c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:43:20:BB:67:D3:94:DE:BE:E5:A2:A8:79:56:30:45:1E:4C:2D:76
            X509v3 Authority Key Identifier:
                keyid:E2:5E:96:6A:F2:F6:B7:00:F0:AA:5A:74:2E:83:FC:61:86:36:14:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4l6WavL2twDwqlp0LoP8YYY2FOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/f71b97-3ae3-449a-b9d7-f90abf687a55/1/t0Mgu2fTlN6-5aKoeVYwRR5MLXY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/f71b97-3ae3-449a-b9d7-f90abf687a55/1/4l6WavL2twDwqlp0LoP8YYY2FOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:67c::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:a6:2c:a8:25:18:55:49:f8:dd:ac:aa:74:2c:22:bd:b7:aa:
         f1:29:55:53:69:42:4a:bd:e7:20:6e:04:4c:40:24:b7:51:94:
         77:f9:b0:5b:69:80:76:95:df:9c:f6:7d:dc:d9:ec:6e:ea:88:
         ad:c1:b6:79:73:93:27:3c:bb:4b:83:4a:bd:11:10:cc:cf:8b:
         46:83:f0:e4:f5:48:fb:e5:13:25:8f:e7:20:1f:09:bb:5a:ff:
         29:73:8d:76:b0:a7:eb:ee:20:b5:53:02:cc:01:55:ee:76:8c:
         97:a1:6e:b2:c6:c5:62:b7:52:ad:2c:c0:a1:9c:52:1e:ee:9f:
         27:e9:eb:04:f5:0a:65:69:35:10:02:7b:60:e1:ff:39:41:4b:
         c1:5f:0a:c1:5c:01:54:3e:4b:7a:3a:93:e9:f4:79:97:9a:85:
         7e:7e:32:cd:79:9b:3a:c1:37:ae:4e:63:db:fe:3c:82:7b:f6:
         76:df:06:67:a9:4a:d7:2e:a5:ff:b2:62:6c:31:b8:a1:8a:98:
         4a:e3:45:b6:14:e6:ea:67:18:12:16:16:9b:02:f6:46:b3:d7:
         3f:ce:f6:fb:a4:f2:4d:6e:00:f7:9d:0c:6d:6c:71:aa:3a:b0:
         fd:60:55:5e:98:50:f8:26:f6:8a:cc:55:66:a7:0c:11:00:cb:
         79:cd:11:c1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA1MXIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MjVlOTY2YWYyZjZiNzAwZjBhYTVhNzQyZTgzZmM2MTg2MzYxNGUwMB4XDTIyMDEw
MTA0NTU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc0MzIwYmI2N2Qz
OTRkZWJlZTVhMmE4Nzk1NjMwNDUxZTRjMmQ3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+7n8zVBM5MwDpfnXEsBnQHPoeU05D8C9ls0k9mQKf+mlJd
I+6tiH0lFEkwJMiLvpzp2dfPFykuk8J38oImB7yDAT08OJ73GM+1yJVQhOEFEo5a
r3F5k0UWYdZz7LhF5vA+79AoHADq+ion26AQ3WUF9glUtsvxXVyMu37rh5UgpBis
c6PU7PIavicFyHJEKDnGWXi4rAgeQWtice0jFuby3BMBlKv1zVn+YJ0cK3C5l4M1
O8riDVQ314RRMXTytHsq+gJy7vf/n7NXSX+keEo7mr4MzIPQ3OeA8uhQ1AuWZXv0
SOyS6M3cgq0icFjCWwJDx1kzRh2swUTlDfpSjH0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS3QyC7Z9OU3r7loqh5VjBFHkwtdjAfBgNVHSMEGDAWgBTiXpZq8va3APCq
WnQug/xhhjYU4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRsNldhdkwydHdEd3FscDBMb1A4WVlZMkZPQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvZjcxYjk3LTNhZTMtNDQ5YS1iOWQ3LWY5MGFiZjY4N2E1NS8x
L3QwTWd1MmZUbE42LTVhS29lVll3UlI1TUxYWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
ZjcxYjk3LTNhZTMtNDQ5YS1iOWQ3LWY5MGFiZjY4N2E1NS8xLzRsNldhdkwydHdE
d3FscDBMb1A4WVlZMkZPQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwGfDANBgkqhkiG9w0BAQsF
AAOCAQEAHaYsqCUYVUn43ayqdCwivbeq8SlVU2lCSr3nIG4ETEAkt1GUd/mwW2mA
dpXfnPZ93NnsbuqIrcG2eXOTJzy7S4NKvREQzM+LRoPw5PVI++UTJY/nIB8Ju1r/
KXONdrCn6+4gtVMCzAFV7naMl6FussbFYrdSrSzAoZxSHu6fJ+nrBPUKZWk1EAJ7
YOH/OUFLwV8KwVwBVD5LejqT6fR5l5qFfn4yzXmbOsE3rk5j2/48gnv2dt8GZ6lK
1y6l/7JibDG4oYqYSuNFthTm6mcYEhYWmwL2RrPXP872+6TyTW4A950MbWxxqjqw
/WBVXphQ+Cb2isxVZqcMEQDLec0RwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:36 2024 by rpki-client on console-ams.rpki-client.org