Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/d0fc8b-c8ed-4c90-9d59-3cdacef8776e/1/d65uNDUbiBMYBahdj0LpJeY3VCw.roa
File:                     d65uNDUbiBMYBahdj0LpJeY3VCw.roa (raw, json)
Hash identifier:          ShYyNFCpDx87IfpSwv1l4fk5XEbPm2uaMPBb+Uu/Pbs=
Subject key identifier:   77:AE:6E:34:35:1B:88:13:18:05:A8:5D:8F:42:E9:25:E6:37:54:2C
Certificate issuer:       /CN=56575b2c30070a09b2fcb98e9845503533d76d88
Certificate serial:       02CE0CFC
Authority key identifier: 56:57:5B:2C:30:07:0A:09:B2:FC:B9:8E:98:45:50:35:33:D7:6D:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VldbLDAHCgmy_LmOmEVQNTPXbYg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/d0fc8b-c8ed-4c90-9d59-3cdacef8776e/1/d65uNDUbiBMYBahdj0LpJeY3VCw.roa
Signing time:             Sat 01 Jan 2022 04:57:24 +0000
ROA not before:           Sat 01 Jan 2022 04:57:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42263
IP address blocks:        5.253.192.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47058172 (0x2ce0cfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56575b2c30070a09b2fcb98e9845503533d76d88
        Validity
            Not Before: Jan  1 04:57:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=77ae6e34351b88131805a85d8f42e925e637542c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:cb:71:73:16:ac:f8:86:d5:31:53:3e:df:ef:
                    e7:d5:22:60:06:fe:c9:c1:04:62:46:a1:16:6c:ea:
                    73:94:ea:22:b2:4b:fa:ce:85:54:fa:ef:20:35:c7:
                    16:a8:d5:ba:62:e0:a1:7e:c5:5b:46:f5:a4:ec:e3:
                    d6:bc:99:38:db:70:2f:cc:f8:66:73:9b:74:29:ad:
                    2b:cd:34:49:41:7c:66:b9:fb:3e:ae:f7:0a:cd:37:
                    9d:41:eb:09:12:dd:ad:c5:9e:9d:ad:02:0c:64:cb:
                    bb:f7:e4:3e:e1:94:cd:c4:8f:c6:a8:f2:3c:b9:66:
                    53:22:22:d9:62:2c:0e:83:1f:f5:55:f9:c7:d6:7c:
                    26:f8:b6:b7:f3:d7:44:22:86:77:d2:31:41:57:2e:
                    3c:c5:ba:46:15:f5:68:77:e9:55:59:d9:5c:d6:12:
                    37:76:a0:46:0a:ed:78:bf:75:c5:2c:94:0f:15:64:
                    6e:86:73:7d:e8:8f:68:51:8c:cc:67:95:ad:9b:75:
                    3d:f1:f0:ff:80:7b:76:69:4f:3d:af:dc:d0:b7:a1:
                    70:dd:0f:42:fe:be:fa:92:f1:a9:cc:31:4b:df:20:
                    be:f4:b9:25:01:01:9c:75:44:9f:0e:4a:1a:d4:9f:
                    ff:a9:06:8a:b5:bd:0e:61:a9:99:07:c8:bd:d9:93:
                    f1:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:AE:6E:34:35:1B:88:13:18:05:A8:5D:8F:42:E9:25:E6:37:54:2C
            X509v3 Authority Key Identifier:
                keyid:56:57:5B:2C:30:07:0A:09:B2:FC:B9:8E:98:45:50:35:33:D7:6D:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VldbLDAHCgmy_LmOmEVQNTPXbYg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d0fc8b-c8ed-4c90-9d59-3cdacef8776e/1/d65uNDUbiBMYBahdj0LpJeY3VCw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d0fc8b-c8ed-4c90-9d59-3cdacef8776e/1/VldbLDAHCgmy_LmOmEVQNTPXbYg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:b4:eb:d7:8c:6b:42:3a:4e:6b:6f:8e:75:1f:58:e6:3c:ad:
         d3:c8:13:d4:75:d2:61:d3:ed:5c:5b:ab:69:fd:29:0d:d3:07:
         ac:17:c3:54:df:d1:2d:07:8c:28:a3:76:23:4e:e3:e1:94:79:
         6b:99:7a:9b:af:03:3e:1a:14:56:5e:48:d3:d1:c4:65:e1:7c:
         2c:a3:bb:8b:e1:52:ec:74:d1:b5:63:59:99:35:cf:38:28:a1:
         cb:b3:aa:24:e3:86:ad:b2:6c:27:f4:45:b0:3e:65:cd:96:c1:
         b7:e2:65:3f:3c:b0:3d:29:61:7a:44:97:74:b3:57:d0:d5:56:
         73:55:49:fd:85:73:ee:53:bd:95:0f:63:51:77:2f:a7:dc:28:
         04:7e:88:43:c1:cd:7f:55:39:13:49:84:f0:99:5e:22:02:1d:
         49:36:e0:55:72:f4:07:68:41:d9:53:90:54:b5:9a:2f:7f:95:
         19:52:a5:6d:03:4f:b3:8d:c8:2d:9a:c2:76:13:e6:75:4f:ea:
         10:b0:e5:92:72:c1:4f:3e:5b:a1:5c:2b:56:8d:eb:c9:c9:46:
         e4:f2:36:01:03:42:df:b7:07:3e:4a:77:1f:97:6d:70:f0:eb:
         c4:07:6d:1c:08:88:16:57:1b:bb:01:5a:e0:e9:b4:77:e0:a8:
         78:82:d9:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAs4M/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjU3NWIyYzMwMDcwYTA5YjJmY2I5OGU5ODQ1NTAzNTMzZDc2ZDg4MB4XDTIyMDEw
MTA0NTcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdhZTZlMzQzNTFi
ODgxMzE4MDVhODVkOGY0MmU5MjVlNjM3NTQyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO7LcXMWrPiG1TFTPt/v59UiYAb+ycEEYkahFmzqc5TqIrJL
+s6FVPrvIDXHFqjVumLgoX7FW0b1pOzj1ryZONtwL8z4ZnObdCmtK800SUF8Zrn7
Pq73Cs03nUHrCRLdrcWena0CDGTLu/fkPuGUzcSPxqjyPLlmUyIi2WIsDoMf9VX5
x9Z8Jvi2t/PXRCKGd9IxQVcuPMW6RhX1aHfpVVnZXNYSN3agRgrteL91xSyUDxVk
boZzfeiPaFGMzGeVrZt1PfHw/4B7dmlPPa/c0LehcN0PQv6++pLxqcwxS98gvvS5
JQEBnHVEnw5KGtSf/6kGirW9DmGpmQfIvdmT8WUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR3rm40NRuIExgFqF2PQukl5jdULDAfBgNVHSMEGDAWgBRWV1ssMAcKCbL8
uY6YRVA1M9dtiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZsZGJMREFIQ2dteV9MbU9tRVZRTlRQWGJZZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvZDBmYzhiLWM4ZWQtNGM5MC05ZDU5LTNjZGFjZWY4Nzc2ZS8x
L2Q2NXVORFViaUJNWUJhaGRqMExwSmVZM1ZDdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
ZDBmYzhiLWM4ZWQtNGM5MC05ZDU5LTNjZGFjZWY4Nzc2ZS8xL1ZsZGJMREFIQ2dt
eV9MbU9tRVZRTlRQWGJZZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgX9wDANBgkqhkiG9w0BAQsFAAOC
AQEAJ7Tr14xrQjpOa2+OdR9Y5jyt08gT1HXSYdPtXFuraf0pDdMHrBfDVN/RLQeM
KKN2I07j4ZR5a5l6m68DPhoUVl5I09HEZeF8LKO7i+FS7HTRtWNZmTXPOCihy7Oq
JOOGrbJsJ/RFsD5lzZbBt+JlPzywPSlhekSXdLNX0NVWc1VJ/YVz7lO9lQ9jUXcv
p9woBH6IQ8HNf1U5E0mE8JleIgIdSTbgVXL0B2hB2VOQVLWaL3+VGVKlbQNPs43I
LZrCdhPmdU/qELDlknLBTz5boVwrVo3ryclG5PI2AQNC37cHPkp3H5dtcPDrxAdt
HAiIFlcbuwFa4Om0d+CoeILZ2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:10 2024 by rpki-client on console-fra.rpki-client.org