Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/397e09-113b-4708-aa8b-4396af7d7709/1/fBXFslUUpTbGTh1hJsMdkzWkfvk.roa
File:                     fBXFslUUpTbGTh1hJsMdkzWkfvk.roa (raw, json)
Hash identifier:          GdWh/g9MqqkH4BHRm9u9sAnFjReaPLRadd39AA83kB4=
Subject key identifier:   7C:15:C5:B2:55:14:A5:36:C6:4E:1D:61:26:C3:1D:93:35:A4:7E:F9
Certificate issuer:       /CN=00e2d3c08007759394706af74c61d2b0c27662c7
Certificate serial:       091E89D9
Authority key identifier: 00:E2:D3:C0:80:07:75:93:94:70:6A:F7:4C:61:D2:B0:C2:76:62:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOLTwIAHdZOUcGr3TGHSsMJ2Ysc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/397e09-113b-4708-aa8b-4396af7d7709/1/fBXFslUUpTbGTh1hJsMdkzWkfvk.roa
Signing time:             Sat 01 Jan 2022 15:56:14 +0000
ROA not before:           Sat 01 Jan 2022 15:56:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7007
IP address blocks:        204.152.98.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152996313 (0x91e89d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e2d3c08007759394706af74c61d2b0c27662c7
        Validity
            Not Before: Jan  1 15:56:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7c15c5b25514a536c64e1d6126c31d9335a47ef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:df:8e:44:81:79:96:9c:d4:be:2b:26:c4:77:
                    5c:ce:69:b2:28:df:5a:71:22:8a:c3:bd:9d:00:3e:
                    f4:cb:f1:04:25:68:db:5b:55:33:7c:70:a9:c3:4d:
                    a2:38:35:8a:ac:01:4e:b3:4a:4a:d1:fa:7e:3a:d5:
                    85:42:40:63:42:a8:52:58:9f:c5:bc:1c:18:4d:4f:
                    08:1c:1a:38:3e:7a:f7:fe:86:ca:e0:e7:f7:73:1c:
                    ad:c2:57:ba:03:2e:88:54:7a:b8:aa:e6:1a:64:a8:
                    aa:1b:ed:de:f3:84:a2:75:cb:c7:1e:e8:4e:34:00:
                    c8:fa:14:9d:27:dc:4e:c2:db:b0:38:0a:5c:47:bc:
                    14:5e:bd:39:9d:08:a6:80:09:9b:5e:d7:da:c4:5a:
                    3e:62:c9:65:2e:19:46:d7:50:25:65:73:6a:14:41:
                    8c:d3:4c:a3:fb:6c:5f:1a:30:75:c7:68:12:de:f7:
                    94:8a:27:00:3b:80:ff:7d:8d:08:5a:30:fb:69:46:
                    5a:4f:62:aa:95:ae:1b:0f:92:13:85:77:9d:9b:2e:
                    06:e6:1d:bc:5e:4b:bb:c5:ae:bb:65:16:f4:7f:32:
                    7d:14:e8:ca:14:b9:d0:e6:6a:cc:e3:03:7c:52:5b:
                    10:41:b9:79:02:06:14:f4:60:c6:47:3a:dd:fb:e2:
                    df:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:15:C5:B2:55:14:A5:36:C6:4E:1D:61:26:C3:1D:93:35:A4:7E:F9
            X509v3 Authority Key Identifier:
                keyid:00:E2:D3:C0:80:07:75:93:94:70:6A:F7:4C:61:D2:B0:C2:76:62:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLTwIAHdZOUcGr3TGHSsMJ2Ysc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/397e09-113b-4708-aa8b-4396af7d7709/1/fBXFslUUpTbGTh1hJsMdkzWkfvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/397e09-113b-4708-aa8b-4396af7d7709/1/AOLTwIAHdZOUcGr3TGHSsMJ2Ysc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.152.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:5b:f2:e2:fa:a6:fd:24:d7:c8:75:05:44:78:de:15:eb:fd:
         48:35:65:2d:48:23:ec:f4:41:08:7f:2e:ae:f9:8e:c1:59:39:
         f7:b1:b4:93:5c:5c:f3:03:9d:92:0d:ea:ff:a2:f7:f1:e5:7b:
         6c:93:c9:7f:26:5e:0e:f0:66:81:a3:d6:7a:a3:d2:f4:18:84:
         fd:05:24:0a:6b:94:36:59:ee:b8:35:6c:47:b8:b0:a8:22:2a:
         ce:02:a7:29:42:60:cb:26:f0:c3:95:13:80:08:5e:12:e9:3d:
         01:86:71:9c:6a:76:c4:27:a1:bd:88:90:ec:a3:75:64:a3:2c:
         95:e6:48:0d:04:a2:38:7a:3a:86:76:00:e1:c0:43:37:e0:4e:
         4e:91:3a:60:8e:f5:ec:89:67:f5:c1:8f:9b:f1:3c:da:2f:f3:
         4b:87:e2:71:eb:5d:c5:c6:8d:43:19:10:eb:27:7e:d8:e7:b4:
         44:25:4d:aa:fa:65:a9:df:14:bb:62:43:be:41:11:1f:c9:96:
         03:27:b3:0e:b8:cc:76:44:99:b9:0d:77:a4:4b:f9:ec:df:79:
         e2:13:5d:84:d8:cd:5e:ed:51:4a:07:7a:9c:0c:26:6a:8f:0a:
         f1:b0:65:a8:04:b9:48:d3:63:15:3e:1c:0c:0b:90:be:43:52:
         15:7b:57:3d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECR6J2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MGUyZDNjMDgwMDc3NTkzOTQ3MDZhZjc0YzYxZDJiMGMyNzY2MmM3MB4XDTIyMDEw
MTE1NTYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MxNWM1YjI1NTE0
YTUzNmM2NGUxZDYxMjZjMzFkOTMzNWE0N2VmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXfjkSBeZac1L4rJsR3XM5psijfWnEiisO9nQA+9MvxBCVo
21tVM3xwqcNNojg1iqwBTrNKStH6fjrVhUJAY0KoUlifxbwcGE1PCBwaOD569/6G
yuDn93McrcJXugMuiFR6uKrmGmSoqhvt3vOEonXLxx7oTjQAyPoUnSfcTsLbsDgK
XEe8FF69OZ0IpoAJm17X2sRaPmLJZS4ZRtdQJWVzahRBjNNMo/tsXxowdcdoEt73
lIonADuA/32NCFow+2lGWk9iqpWuGw+SE4V3nZsuBuYdvF5Lu8Wuu2UW9H8yfRTo
yhS50OZqzOMDfFJbEEG5eQIGFPRgxkc63fvi37UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR8FcWyVRSlNsZOHWEmwx2TNaR++TAfBgNVHSMEGDAWgBQA4tPAgAd1k5Rw
avdMYdKwwnZixzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FPTFR3SUFIZFpPVWNHcjNUR0hTc01KMllzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvMzk3ZTA5LTExM2ItNDcwOC1hYThiLTQzOTZhZjdkNzcwOS8x
L2ZCWEZzbFVVcFRiR1RoMWhKc01ka3pXa2Z2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
Mzk3ZTA5LTExM2ItNDcwOC1hYThiLTQzOTZhZjdkNzcwOS8xL0FPTFR3SUFIZFpP
VWNHcjNUR0hTc01KMllzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMyYYjANBgkqhkiG9w0BAQsFAAOC
AQEAaFvy4vqm/STXyHUFRHjeFev9SDVlLUgj7PRBCH8urvmOwVk597G0k1xc8wOd
kg3q/6L38eV7bJPJfyZeDvBmgaPWeqPS9BiE/QUkCmuUNlnuuDVsR7iwqCIqzgKn
KUJgyybww5UTgAheEuk9AYZxnGp2xCehvYiQ7KN1ZKMsleZIDQSiOHo6hnYA4cBD
N+BOTpE6YI717Iln9cGPm/E82i/zS4ficetdxcaNQxkQ6yd+2Oe0RCVNqvplqd8U
u2JDvkERH8mWAyezDrjMdkSZuQ13pEv57N954hNdhNjNXu1RSgd6nAwmao8K8bBl
qAS5SNNjFT4cDAuQvkNSFXtXPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:21 2024 by rpki-client on console-ams.rpki-client.org