Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/76104c-42cb-4670-88f2-c6f0c1942bdb/1/_jeKyVaGamr5MhRnGZ5g_GzfZbU.roa
File:                     _jeKyVaGamr5MhRnGZ5g_GzfZbU.roa (raw, json)
Hash identifier:          8XPDcw9QP4/+XOdmDEh1AtFgo2lymuK0KGN4U9xu9zQ=
Subject key identifier:   FE:37:8A:C9:56:86:6A:6A:F9:32:14:67:19:9E:60:FC:6C:DF:65:B5
Certificate issuer:       /CN=df12e2ed43b5a936c2c22e9a1b728e106a1905ed
Certificate serial:       01136FAD
Authority key identifier: DF:12:E2:ED:43:B5:A9:36:C2:C2:2E:9A:1B:72:8E:10:6A:19:05:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3xLi7UO1qTbCwi6aG3KOEGoZBe0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/76104c-42cb-4670-88f2-c6f0c1942bdb/1/_jeKyVaGamr5MhRnGZ5g_GzfZbU.roa
Signing time:             Sat 01 Jan 2022 06:54:58 +0000
ROA not before:           Sat 01 Jan 2022 06:54:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        45.90.88.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18050989 (0x1136fad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df12e2ed43b5a936c2c22e9a1b728e106a1905ed
        Validity
            Not Before: Jan  1 06:54:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fe378ac956866a6af9321467199e60fc6cdf65b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:e2:6e:1b:5b:26:41:af:29:47:5e:f1:e1:38:
                    dd:fd:bc:71:1b:1f:4e:4c:15:dc:5b:7f:1a:3c:52:
                    6b:55:2a:38:91:e5:a8:05:b8:36:01:96:2b:b0:05:
                    4f:df:e9:db:9c:30:c0:f3:7b:3e:34:94:f4:7a:f5:
                    be:ab:2f:d3:2d:af:a1:4f:ef:0a:13:2e:89:06:cd:
                    b5:60:30:84:aa:07:05:cc:86:51:84:af:53:25:b2:
                    0e:68:5a:82:6c:80:68:9e:87:9c:27:87:1d:1c:bb:
                    38:70:c6:7f:ff:bd:5a:22:f8:c5:80:59:4c:5f:30:
                    26:31:38:90:1b:95:42:ea:c3:32:74:8a:14:3c:99:
                    70:8c:b8:a5:30:01:71:f3:52:33:fa:58:15:88:4b:
                    f5:fa:84:f7:96:ae:8c:97:40:9c:75:a3:49:50:99:
                    08:09:31:d8:66:29:87:a8:01:df:7b:07:02:db:39:
                    82:85:a9:d7:30:b9:fb:b6:db:d5:b3:19:76:d0:b6:
                    ba:12:1b:a4:bb:c4:26:cb:07:c5:3c:c9:07:96:b2:
                    00:26:00:f2:26:e1:0c:c0:c6:b6:9e:17:11:19:dd:
                    77:ae:73:12:22:db:cb:e6:a2:e5:f5:ef:23:f0:23:
                    42:ec:7e:60:65:b7:89:9d:eb:14:6c:dd:6a:45:18:
                    b9:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:37:8A:C9:56:86:6A:6A:F9:32:14:67:19:9E:60:FC:6C:DF:65:B5
            X509v3 Authority Key Identifier:
                keyid:DF:12:E2:ED:43:B5:A9:36:C2:C2:2E:9A:1B:72:8E:10:6A:19:05:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3xLi7UO1qTbCwi6aG3KOEGoZBe0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76104c-42cb-4670-88f2-c6f0c1942bdb/1/_jeKyVaGamr5MhRnGZ5g_GzfZbU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76104c-42cb-4670-88f2-c6f0c1942bdb/1/3xLi7UO1qTbCwi6aG3KOEGoZBe0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:75:01:2c:f7:16:f5:e5:1d:2b:eb:6d:b1:ee:1f:ee:d2:b8:
         fb:e9:10:a4:67:1b:06:75:16:42:43:f7:34:a1:8c:bd:23:13:
         30:ea:00:d1:9a:73:e2:fd:3a:22:61:e2:d5:3d:97:5b:3f:7a:
         93:f8:3d:79:ff:fc:5b:40:cd:fc:49:92:c0:c2:3f:21:f6:4e:
         af:ac:1c:9a:d5:24:3f:6a:79:28:c9:6a:2e:84:18:f0:54:11:
         ef:eb:ea:77:d7:18:75:2a:78:58:2c:61:7f:fb:7e:08:f9:48:
         3a:56:00:33:72:69:db:42:76:c1:b6:9a:66:16:cb:a8:53:91:
         b9:ef:0d:c5:f4:37:e3:ce:1e:73:d0:c6:9a:34:9a:d1:b1:40:
         b3:9f:9d:18:7e:95:dc:6a:0e:8e:e8:6c:5e:62:e2:86:0b:16:
         03:15:e9:f4:fb:97:ec:04:82:d4:ea:81:6d:c3:6b:e9:fd:1c:
         53:11:4a:11:46:f7:05:d9:db:5b:18:44:d6:ef:45:71:85:81:
         ac:ee:86:f0:04:54:37:0a:90:54:9d:4b:8e:e0:bd:c3:4f:d8:
         2c:8a:20:bd:04:6c:3a:01:12:54:bd:e7:4d:ea:1d:01:82:55:
         21:50:f4:98:65:79:30:d9:6a:44:90:98:e1:0a:2e:b7:5f:e0:
         c6:a6:86:13
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARNvrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjEyZTJlZDQzYjVhOTM2YzJjMjJlOWExYjcyOGUxMDZhMTkwNWVkMB4XDTIyMDEw
MTA2NTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmUzNzhhYzk1Njg2
NmE2YWY5MzIxNDY3MTk5ZTYwZmM2Y2RmNjViNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOribhtbJkGvKUde8eE43f28cRsfTkwV3Ft/GjxSa1UqOJHl
qAW4NgGWK7AFT9/p25wwwPN7PjSU9Hr1vqsv0y2voU/vChMuiQbNtWAwhKoHBcyG
UYSvUyWyDmhagmyAaJ6HnCeHHRy7OHDGf/+9WiL4xYBZTF8wJjE4kBuVQurDMnSK
FDyZcIy4pTABcfNSM/pYFYhL9fqE95aujJdAnHWjSVCZCAkx2GYph6gB33sHAts5
goWp1zC5+7bb1bMZdtC2uhIbpLvEJssHxTzJB5ayACYA8ibhDMDGtp4XERndd65z
EiLby+ai5fXvI/AjQux+YGW3iZ3rFGzdakUYuasCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT+N4rJVoZqavkyFGcZnmD8bN9ltTAfBgNVHSMEGDAWgBTfEuLtQ7WpNsLC
Lpobco4QahkF7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzN4TGk3VU8xcVRiQ3dpNmFHM0tPRUdvWkJlMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvNzYxMDRjLTQyY2ItNDY3MC04OGYyLWM2ZjBjMTk0MmJkYi8x
L19qZUt5VmFHYW1yNU1oUm5HWjVnX0d6ZlpiVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
NzYxMDRjLTQyY2ItNDY3MC04OGYyLWM2ZjBjMTk0MmJkYi8xLzN4TGk3VU8xcVRi
Q3dpNmFHM0tPRUdvWkJlMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1aWDANBgkqhkiG9w0BAQsFAAOC
AQEAF3UBLPcW9eUdK+ttse4f7tK4++kQpGcbBnUWQkP3NKGMvSMTMOoA0Zpz4v06
ImHi1T2XWz96k/g9ef/8W0DN/EmSwMI/IfZOr6wcmtUkP2p5KMlqLoQY8FQR7+vq
d9cYdSp4WCxhf/t+CPlIOlYAM3Jp20J2wbaaZhbLqFORue8NxfQ3484ec9DGmjSa
0bFAs5+dGH6V3GoOjuhsXmLihgsWAxXp9PuX7ASC1OqBbcNr6f0cUxFKEUb3Bdnb
WxhE1u9FcYWBrO6G8ARUNwqQVJ1LjuC9w0/YLIogvQRsOgESVL3nTeodAYJVIVD0
mGV5MNlqRJCY4Qout1/gxqaGEw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:46 2023 by rpki-client on console-ams.rpki-client.org