Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/zH059VcBM1C0xbvceGUa6mCDIxM.roa
File:                     zH059VcBM1C0xbvceGUa6mCDIxM.roa (raw, json)
Hash identifier:          oxqMeFAeDSrmzGzvLQhy5P+735HnNTgsEGrzQh7vS0g=
Subject key identifier:   CC:7D:39:F5:57:01:33:50:B4:C5:BB:DC:78:65:1A:EA:60:83:23:13
Certificate issuer:       /CN=6327607563493337687ad69ce1064e636265be3f
Certificate serial:       018CC348DB5A1ED54E49ACC6B3589CA5A9AB
Authority key identifier: 63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/zH059VcBM1C0xbvceGUa6mCDIxM.roa
Signing time:             Mon 01 Jan 2024 04:29:41 +0000
ROA not before:           Mon 01 Jan 2024 04:29:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8289
IP address blocks:        5.157.4.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:db:5a:1e:d5:4e:49:ac:c6:b3:58:9c:a5:a9:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6327607563493337687ad69ce1064e636265be3f
        Validity
            Not Before: Jan  1 04:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cc7d39f557013350b4c5bbdc78651aea60832313
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:19:ec:16:85:1f:63:9d:3d:b5:f2:78:74:9e:
                    1b:f2:00:b3:8c:f5:5f:fc:9e:72:d7:e8:52:46:06:
                    d7:38:cd:e6:a6:df:5a:e0:88:06:e0:a9:75:6e:ad:
                    bb:ab:d1:4d:e9:8b:71:5e:e8:c5:2b:bb:e3:d7:a3:
                    1b:b8:91:18:91:e8:a7:ee:e1:21:54:ad:93:88:6e:
                    a5:15:b4:73:87:4b:ec:05:f0:97:4f:5d:74:c0:9c:
                    0a:da:2b:08:46:2a:da:d8:ad:1a:3b:8e:89:99:ad:
                    f8:41:de:4d:8e:78:eb:b7:b5:0e:db:07:a8:0f:43:
                    c8:16:ea:46:15:2a:b8:c4:7a:0f:57:d3:1c:70:f2:
                    8f:65:6e:7e:8d:26:66:4e:ae:0b:d8:22:c3:e2:4d:
                    9d:6f:05:cf:aa:02:3e:4e:2b:24:f5:ad:24:22:42:
                    65:7f:07:38:39:c9:2e:e3:de:5d:79:9b:e3:13:00:
                    cb:db:33:58:7d:f8:d4:a1:d5:00:37:22:d2:98:49:
                    7e:51:b7:a8:a3:69:e8:79:62:22:2d:ce:c7:56:e2:
                    8e:8b:9b:55:b6:8d:03:60:96:a0:ca:c0:d6:81:14:
                    23:69:44:ed:fc:0e:b3:b5:c3:2f:0f:1d:16:6e:d4:
                    63:5b:13:53:46:a0:66:c0:3d:f4:6e:6a:cb:55:9f:
                    3f:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:7D:39:F5:57:01:33:50:B4:C5:BB:DC:78:65:1A:EA:60:83:23:13
            X509v3 Authority Key Identifier:
                keyid:63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/zH059VcBM1C0xbvceGUa6mCDIxM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YydgdWNJMzdoetac4QZOY2Jlvj8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.157.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:44:df:ff:68:86:1f:53:94:4a:f2:ae:67:2b:61:0c:f1:8a:
         b0:0f:4d:11:6a:8b:83:21:e5:b4:f8:0d:94:f0:d7:18:89:c8:
         bb:07:b7:05:90:23:8b:35:ea:d7:3f:af:01:55:8f:a0:67:ed:
         ce:b8:09:08:1c:d4:86:94:bf:e9:64:c9:1f:b5:b2:19:0a:64:
         e9:28:c7:2e:6e:54:b7:1b:44:04:02:75:40:17:a2:92:a9:83:
         6c:39:6f:d1:65:ad:e4:cb:3c:42:c0:fb:c0:f5:a5:7e:82:a6:
         4c:93:63:ee:5a:c2:54:54:34:31:1d:76:35:25:59:73:13:bf:
         87:1c:10:db:ff:6d:fd:c5:22:b8:7e:46:c7:8c:f6:8c:97:00:
         5e:a1:8f:ea:5f:bb:81:1b:95:48:12:87:9c:08:f7:40:d7:87:
         5e:3d:02:9d:23:8a:66:25:a2:11:42:91:a6:0a:3b:af:0e:02:
         e8:ab:f8:1f:10:cf:ac:b0:cd:43:3f:e1:38:13:6b:82:9f:30:
         f6:70:92:5d:e2:a7:b5:2f:18:87:45:c2:6e:39:cf:6e:87:cd:
         1a:47:46:df:43:af:fa:ca:95:d0:b9:f4:49:fa:26:f3:88:cf:
         68:f7:65:7d:ed:3b:4d:3f:5e:34:3f:d0:7d:e6:c4:b6:75:20:
         52:82:9e:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSNtaHtVOSazGs1icpamrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMjc2MDc1NjM0OTMzMzc2ODdhZDY5Y2UxMDY0ZTYzNjI2
NWJlM2YwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzdkMzlmNTU3MDEzMzUwYjRjNWJiZGM3ODY1MWFlYTYwODMyMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBnsFoUfY509tfJ4dJ4b8gCzjPVf
/J5y1+hSRgbXOM3mpt9a4IgG4Kl1bq27q9FN6YtxXujFK7vj16MbuJEYkein7uEh
VK2TiG6lFbRzh0vsBfCXT110wJwK2isIRira2K0aO46Jma34Qd5Njnjrt7UO2weo
D0PIFupGFSq4xHoPV9MccPKPZW5+jSZmTq4L2CLD4k2dbwXPqgI+Tisk9a0kIkJl
fwc4Ocku495deZvjEwDL2zNYffjUodUANyLSmEl+Ubeoo2noeWIiLc7HVuKOi5tV
to0DYJagysDWgRQjaUTt/A6ztcMvDx0WbtRjWxNTRqBmwD30bmrLVZ8/BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMx9OfVXATNQtMW73HhlGupggyMTMB8GA1UdIwQY
MBaAFGMnYHVjSTM3aHrWnOEGTmNiZb4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODct
ZmM5MDkzZmVkYjFiLzEvekgwNTlWY0JNMUMweGJ2Y2VHVWE2bUNESXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODctZmM5MDkzZmVkYjFi
LzEvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZ0EMA0G
CSqGSIb3DQEBCwUAA4IBAQBtRN//aIYfU5RK8q5nK2EM8YqwD00RaouDIeW0+A2U
8NcYici7B7cFkCOLNerXP68BVY+gZ+3OuAkIHNSGlL/pZMkftbIZCmTpKMcublS3
G0QEAnVAF6KSqYNsOW/RZa3kyzxCwPvA9aV+gqZMk2PuWsJUVDQxHXY1JVlzE7+H
HBDb/239xSK4fkbHjPaMlwBeoY/qX7uBG5VIEoecCPdA14dePQKdI4pmJaIRQpGm
CjuvDgLoq/gfEM+ssM1DP+E4E2uCnzD2cJJd4qe1LxiHRcJuOc9uh80aR0bfQ6/6
ypXQufRJ+ibziM9o92V97TtNP140P9B95sS2dSBSgp7L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:25 2024 by rpki-client on console-fra.rpki-client.org