Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2ceb1b-b85c-404f-aea3-23293779cb07/1/hdUiDYuUWYXcb2_yeQ1Z2Jt620U.roa
File:                     hdUiDYuUWYXcb2_yeQ1Z2Jt620U.roa (raw, json)
Hash identifier:          xNmR2qLlTn9btqT5Y32w5u6SO2FwJW9Y5Y9hg8C01Nk=
Subject key identifier:   85:D5:22:0D:8B:94:59:85:DC:6F:6F:F2:79:0D:59:D8:9B:7A:DB:45
Certificate issuer:       /CN=16c5b1622770db66d66ca020ed00737d5c6ce9c0
Certificate serial:       0522CBAA
Authority key identifier: 16:C5:B1:62:27:70:DB:66:D6:6C:A0:20:ED:00:73:7D:5C:6C:E9:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FsWxYidw22bWbKAg7QBzfVxs6cA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2ceb1b-b85c-404f-aea3-23293779cb07/1/hdUiDYuUWYXcb2_yeQ1Z2Jt620U.roa
Signing time:             Fri 15 Apr 2022 15:22:28 +0000
ROA not before:           Fri 15 Apr 2022 15:22:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     174
IP address blocks:        45.159.23.0/24 maxlen: 25
                          45.159.22.0/24 maxlen: 24
                          45.159.21.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86166442 (0x522cbaa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16c5b1622770db66d66ca020ed00737d5c6ce9c0
        Validity
            Not Before: Apr 15 15:22:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=85d5220d8b945985dc6f6ff2790d59d89b7adb45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:34:da:88:71:bb:56:d8:1b:80:d3:85:85:5e:
                    d7:26:90:28:15:9b:61:89:5b:31:5e:a8:6a:1d:0a:
                    23:84:2f:84:64:41:77:11:0c:b0:c2:27:ca:7c:18:
                    53:4b:6a:88:44:ab:65:bb:db:13:f7:2e:95:de:6b:
                    ea:e5:73:d3:11:a3:ad:ac:0b:1f:2b:c2:03:d3:ce:
                    e1:15:3c:ec:1c:ff:39:fc:20:68:b6:98:ab:51:3d:
                    00:f5:96:ed:08:1b:1d:23:5a:b7:d0:70:06:56:74:
                    36:78:ed:ea:02:34:8c:5c:f5:9f:5e:5b:8d:17:c5:
                    fe:2d:74:9f:46:e2:d3:21:9c:3c:1d:af:8a:93:4f:
                    8e:ce:72:1d:56:84:5c:1a:d1:09:14:84:02:81:1b:
                    4b:33:60:38:1a:c3:a0:dc:d5:c8:ab:6c:49:fb:0c:
                    9e:31:1d:6d:ff:50:15:fa:19:4b:7f:5f:20:d6:ed:
                    b7:03:f2:bb:b4:06:2d:d1:93:ed:2d:80:35:60:8a:
                    c8:14:4f:d9:2d:c0:84:7f:6a:c3:ae:3d:04:bc:3f:
                    ad:74:90:2d:51:40:b5:3a:fc:7b:9c:5f:6b:75:f0:
                    03:98:d8:b5:d1:f5:50:b2:19:2e:15:14:74:cf:52:
                    6b:38:99:4d:0b:8e:23:1b:e4:49:04:84:09:f0:2a:
                    69:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:D5:22:0D:8B:94:59:85:DC:6F:6F:F2:79:0D:59:D8:9B:7A:DB:45
            X509v3 Authority Key Identifier:
                keyid:16:C5:B1:62:27:70:DB:66:D6:6C:A0:20:ED:00:73:7D:5C:6C:E9:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FsWxYidw22bWbKAg7QBzfVxs6cA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2ceb1b-b85c-404f-aea3-23293779cb07/1/hdUiDYuUWYXcb2_yeQ1Z2Jt620U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2ceb1b-b85c-404f-aea3-23293779cb07/1/FsWxYidw22bWbKAg7QBzfVxs6cA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.21.0-45.159.23.255

    Signature Algorithm: sha256WithRSAEncryption
         ac:b7:5f:ef:0c:e7:2e:20:d5:f9:77:fa:91:93:ae:f0:a2:23:
         bd:97:b9:ea:2e:92:4a:2e:89:a3:9d:50:24:e9:43:7c:83:f7:
         c1:ce:7a:b5:c5:dc:7b:aa:e3:cc:29:a5:d5:f9:14:9b:89:a6:
         57:e7:02:0e:f9:51:80:6f:1b:bb:e9:90:e3:7a:c1:52:09:40:
         9b:47:03:be:82:cb:71:e4:7f:73:b8:eb:a8:c6:cb:ad:4d:06:
         0f:45:cd:d7:dd:60:0e:d8:3e:9c:c6:1c:66:0c:bb:89:a5:9d:
         63:f3:d2:df:88:3d:88:ad:0f:67:00:8b:a8:6f:7e:87:49:37:
         a6:6a:ab:dc:1b:b2:e5:90:ba:bc:44:a1:e5:f1:5a:06:96:12:
         d4:7d:fa:65:3d:18:3a:71:23:f9:93:f4:b6:04:96:38:c3:87:
         fd:97:95:90:2f:29:09:ab:2b:fd:9b:a0:f6:a8:f1:fd:36:09:
         07:07:be:fb:0f:a6:37:92:84:e3:1d:03:81:8d:11:bf:8d:73:
         97:3b:d7:45:73:9d:ab:1c:9b:57:4d:ab:ee:1b:07:4e:07:17:
         37:a2:bc:38:9c:e9:f3:2f:d5:89:7f:3c:c8:02:9c:0c:eb:82:
         be:71:b1:d0:98:9c:74:bf:a3:30:f2:7f:c3:6e:6a:60:7a:dd:
         00:c1:e5:61
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBSLLqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NmM1YjE2MjI3NzBkYjY2ZDY2Y2EwMjBlZDAwNzM3ZDVjNmNlOWMwMB4XDTIyMDQx
NTE1MjIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVkNTIyMGQ4Yjk0
NTk4NWRjNmY2ZmYyNzkwZDU5ZDg5YjdhZGI0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKU02ohxu1bYG4DThYVe1yaQKBWbYYlbMV6oah0KI4QvhGRB
dxEMsMInynwYU0tqiESrZbvbE/culd5r6uVz0xGjrawLHyvCA9PO4RU87Bz/Ofwg
aLaYq1E9APWW7QgbHSNat9BwBlZ0Nnjt6gI0jFz1n15bjRfF/i10n0bi0yGcPB2v
ipNPjs5yHVaEXBrRCRSEAoEbSzNgOBrDoNzVyKtsSfsMnjEdbf9QFfoZS39fINbt
twPyu7QGLdGT7S2ANWCKyBRP2S3AhH9qw649BLw/rXSQLVFAtTr8e5xfa3XwA5jY
tdH1ULIZLhUUdM9SaziZTQuOIxvkSQSECfAqaW8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSF1SINi5RZhdxvb/J5DVnYm3rbRTAfBgNVHSMEGDAWgBQWxbFiJ3DbZtZs
oCDtAHN9XGzpwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZzV3hZaWR3MjJiV2JLQWc3UUJ6ZlZ4czZjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvMmNlYjFiLWI4NWMtNDA0Zi1hZWEzLTIzMjkzNzc5Y2IwNy8x
L2hkVWlEWXVVV1lYY2IyX3llUTFaMkp0NjIwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
MmNlYjFiLWI4NWMtNDA0Zi1hZWEzLTIzMjkzNzc5Y2IwNy8xL0ZzV3hZaWR3MjJi
V2JLQWc3UUJ6ZlZ4czZjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQALZ8VAwQDLZ8QMA0GCSqGSIb3
DQEBCwUAA4IBAQCst1/vDOcuINX5d/qRk67woiO9l7nqLpJKLomjnVAk6UN8g/fB
znq1xdx7quPMKaXV+RSbiaZX5wIO+VGAbxu76ZDjesFSCUCbRwO+gstx5H9zuOuo
xsutTQYPRc3X3WAO2D6cxhxmDLuJpZ1j89LfiD2IrQ9nAIuob36HSTemaqvcG7Ll
kLq8RKHl8VoGlhLUffplPRg6cSP5k/S2BJY4w4f9l5WQLykJqyv9m6D2qPH9NgkH
B777D6Y3koTjHQOBjRG/jXOXO9dFc52rHJtXTavuGwdOBxc3orw4nOnzL9WJfzzI
ApwM64K+cbHQmJx0v6Mw8n/Dbmpget0AweVh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:20 2024 by rpki-client on console-ams.rpki-client.org