Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/d0fc8b-c8ed-4c90-9d59-3cdacef8776e/1/g_25MMjAsvPX2bpVHj5D5ccZmHs.roa
File:                     g_25MMjAsvPX2bpVHj5D5ccZmHs.roa (raw, json)
Hash identifier:          7OV6+dkgSnc5MMcquykJa/PTzo42vJefxlObCVdhTWc=
Subject key identifier:   83:FD:B9:30:C8:C0:B2:F3:D7:D9:BA:55:1E:3E:43:E5:C7:19:98:7B
Certificate issuer:       /CN=56575b2c30070a09b2fcb98e9845503533d76d88
Certificate serial:       01856C412E152CD79AA9601EBDEDCBE7486F
Authority key identifier: 56:57:5B:2C:30:07:0A:09:B2:FC:B9:8E:98:45:50:35:33:D7:6D:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VldbLDAHCgmy_LmOmEVQNTPXbYg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/d0fc8b-c8ed-4c90-9d59-3cdacef8776e/1/g_25MMjAsvPX2bpVHj5D5ccZmHs.roa
Signing time:             Sun 01 Jan 2023 07:34:48 +0000
ROA not before:           Sun 01 Jan 2023 07:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42263
IP address blocks:        5.253.192.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:41:2e:15:2c:d7:9a:a9:60:1e:bd:ed:cb:e7:48:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56575b2c30070a09b2fcb98e9845503533d76d88
        Validity
            Not Before: Jan  1 07:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83fdb930c8c0b2f3d7d9ba551e3e43e5c719987b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:90:92:66:e5:95:5e:0b:79:cf:d3:52:6b:76:
                    4b:48:81:bf:1b:98:8c:06:79:33:69:92:d0:e5:b2:
                    92:23:27:20:09:ba:c9:bc:a3:d7:e1:a7:19:24:19:
                    d4:1a:50:1a:c1:76:ab:8a:e2:50:c7:40:44:1d:54:
                    e8:42:88:bb:d3:e7:9c:1c:9c:9c:a1:b0:87:01:db:
                    70:fa:e3:75:7d:c7:05:19:a5:f3:b7:ed:d4:59:0b:
                    5f:75:8f:70:5a:54:12:59:1f:a5:5e:ea:ed:ec:bf:
                    52:d7:ee:25:33:08:ad:7e:78:6e:7f:cc:bc:89:a4:
                    22:40:50:36:ba:72:17:b2:49:15:b1:e0:6e:d2:c7:
                    de:84:24:d6:b6:cd:31:e9:16:f9:46:0f:02:70:0b:
                    a0:41:bd:5b:18:63:df:fd:27:8e:0f:0c:2c:c5:3f:
                    83:81:a2:d0:3b:c9:9b:e6:ec:e5:c7:bf:89:6d:9c:
                    8e:74:23:f9:5a:93:fa:c9:81:c9:6a:c3:55:10:2f:
                    ef:5d:56:3b:8a:7c:cf:16:4f:c5:c0:9a:24:1b:bc:
                    f4:22:76:bb:6f:37:9b:dc:a1:e4:bb:71:a6:42:67:
                    87:b1:b3:f4:80:5b:75:f0:3c:53:c5:b9:77:41:05:
                    b7:49:fe:28:8a:58:75:9e:f0:47:07:44:57:3a:a6:
                    2b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:FD:B9:30:C8:C0:B2:F3:D7:D9:BA:55:1E:3E:43:E5:C7:19:98:7B
            X509v3 Authority Key Identifier:
                keyid:56:57:5B:2C:30:07:0A:09:B2:FC:B9:8E:98:45:50:35:33:D7:6D:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VldbLDAHCgmy_LmOmEVQNTPXbYg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d0fc8b-c8ed-4c90-9d59-3cdacef8776e/1/g_25MMjAsvPX2bpVHj5D5ccZmHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d0fc8b-c8ed-4c90-9d59-3cdacef8776e/1/VldbLDAHCgmy_LmOmEVQNTPXbYg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         48:bd:b4:0c:40:18:3f:1a:a6:b9:73:49:80:00:e5:29:56:1f:
         fa:c0:d9:0e:12:c9:c1:a8:2f:31:68:74:52:fd:f7:7b:82:dc:
         d9:86:3d:4a:8e:cf:af:47:92:87:3f:36:fa:34:87:31:81:45:
         d5:db:3f:f2:63:e2:f3:96:12:73:88:a2:17:a3:e2:9d:2f:5c:
         3b:33:8f:9f:b2:0b:60:db:20:b6:45:4a:21:14:a9:04:e2:c1:
         a4:b6:81:fa:05:a8:16:f2:50:e3:31:67:6f:96:f6:8a:d3:00:
         d2:9c:41:99:58:0c:64:98:a3:78:52:ce:fa:18:bc:83:2c:b1:
         66:d9:88:25:47:c4:43:be:a6:45:fd:18:fa:1a:1a:23:f4:c5:
         7e:1a:55:88:72:bc:1a:22:b6:01:bc:03:f3:20:15:13:13:ab:
         bd:45:de:7c:a4:44:10:6d:76:e7:ee:c9:bd:ea:44:7f:15:4c:
         5d:08:72:7c:50:76:15:a1:20:27:91:1e:93:69:9c:4d:26:f1:
         ee:05:77:80:d2:e6:5d:05:3d:72:15:26:96:e0:d0:3c:ac:c2:
         b5:27:bd:c0:20:f0:e8:0f:2a:30:36:91:e3:15:01:07:af:37:
         3a:1f:07:6d:be:35:3d:66:1d:67:ed:f3:d0:89:0c:1c:56:37:
         a9:62:3c:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQS4VLNeaqWAeve3L50hvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NTc1YjJjMzAwNzBhMDliMmZjYjk4ZTk4NDU1MDM1MzNk
NzZkODgwHhcNMjMwMTAxMDczNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ZkYjkzMGM4YzBiMmYzZDdkOWJhNTUxZTNlNDNlNWM3MTk5ODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZCSZuWVXgt5z9NSa3ZLSIG/G5iM
BnkzaZLQ5bKSIycgCbrJvKPX4acZJBnUGlAawXariuJQx0BEHVToQoi70+ecHJyc
obCHAdtw+uN1fccFGaXzt+3UWQtfdY9wWlQSWR+lXurt7L9S1+4lMwitfnhuf8y8
iaQiQFA2unIXskkVseBu0sfehCTWts0x6Rb5Rg8CcAugQb1bGGPf/SeODwwsxT+D
gaLQO8mb5uzlx7+JbZyOdCP5WpP6yYHJasNVEC/vXVY7inzPFk/FwJokG7z0Ina7
bzeb3KHku3GmQmeHsbP0gFt18DxTxbl3QQW3Sf4oilh1nvBHB0RXOqYrqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIP9uTDIwLLz19m6VR4+Q+XHGZh7MB8GA1UdIwQY
MBaAFFZXWywwBwoJsvy5jphFUDUz122IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmxkYkxEQUhDZ215X0xtT21FVlFOVFBYYllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kMGZjOGItYzhlZC00YzkwLTlkNTkt
M2NkYWNlZjg3NzZlLzEvZ18yNU1NakFzdlBYMmJwVkhqNUQ1Y2NabUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kMGZjOGItYzhlZC00YzkwLTlkNTktM2NkYWNlZjg3NzZl
LzEvVmxkYkxEQUhDZ215X0xtT21FVlFOVFBYYllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf3AMA0G
CSqGSIb3DQEBCwUAA4IBAQBIvbQMQBg/Gqa5c0mAAOUpVh/6wNkOEsnBqC8xaHRS
/fd7gtzZhj1Kjs+vR5KHPzb6NIcxgUXV2z/yY+LzlhJziKIXo+KdL1w7M4+fsgtg
2yC2RUohFKkE4sGktoH6BagW8lDjMWdvlvaK0wDSnEGZWAxkmKN4Us76GLyDLLFm
2YglR8RDvqZF/Rj6Ghoj9MV+GlWIcrwaIrYBvAPzIBUTE6u9Rd58pEQQbXbn7sm9
6kR/FUxdCHJ8UHYVoSAnkR6TaZxNJvHuBXeA0uZdBT1yFSaW4NA8rMK1J73AIPDo
DyowNpHjFQEHrzc6HwdtvjU9Zh1n7fPQiQwcVjepYjzs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:10 2024 by rpki-client on console-fra.rpki-client.org