Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/8dd2cb-ff29-42a8-bc10-c649480555e5/1/cnu7DMxRIuIhM4T3XJaFkqo7cEQ.roa
File:                     cnu7DMxRIuIhM4T3XJaFkqo7cEQ.roa (raw, json)
Hash identifier:          5EOwUSNsZsOx/YQxe+ugMIeeV0fzeUJhFJ+upqxtmHs=
Subject key identifier:   72:7B:BB:0C:CC:51:22:E2:21:33:84:F7:5C:96:85:92:AA:3B:70:44
Certificate issuer:       /CN=4a5d0b5fd2fcd02239e0452cf34e43a061b8e925
Certificate serial:       035693CE
Authority key identifier: 4A:5D:0B:5F:D2:FC:D0:22:39:E0:45:2C:F3:4E:43:A0:61:B8:E9:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sl0LX9L80CI54EUs805DoGG46SU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/8dd2cb-ff29-42a8-bc10-c649480555e5/1/cnu7DMxRIuIhM4T3XJaFkqo7cEQ.roa
Signing time:             Tue 24 May 2022 15:46:13 +0000
ROA not before:           Tue 24 May 2022 15:46:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     54903
IP address blocks:        185.87.62.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56005582 (0x35693ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a5d0b5fd2fcd02239e0452cf34e43a061b8e925
        Validity
            Not Before: May 24 15:46:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=727bbb0ccc5122e2213384f75c968592aa3b7044
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:9d:5c:f2:57:8e:06:55:db:6a:c0:a0:cd:86:
                    a0:51:bf:da:43:5c:a9:45:61:ac:97:18:10:45:71:
                    54:ea:33:83:88:69:d3:72:0e:e5:14:d5:c4:6b:a4:
                    6c:74:52:f6:49:be:78:6e:72:5d:5d:8a:52:3d:40:
                    4c:f7:bc:b6:24:2a:5b:62:71:5e:73:2c:e6:9f:ff:
                    31:84:8f:eb:72:72:53:f8:19:8b:6c:f4:80:82:32:
                    7c:b2:44:ab:00:b6:ef:c2:1a:4b:8b:6e:97:95:7d:
                    3f:6c:11:18:19:39:24:95:6e:bf:6a:4e:a0:a7:e4:
                    0c:7d:b4:35:bb:9a:eb:2b:2a:f6:66:35:ea:76:78:
                    02:f0:3d:c9:6f:2e:16:34:9d:81:c6:68:4b:3b:4f:
                    05:06:a1:bc:d2:77:70:0e:77:ff:3f:44:40:49:a5:
                    79:71:ab:6b:8f:24:4e:02:da:4e:e3:5e:da:5b:51:
                    e3:21:18:f7:80:9b:6c:f3:df:44:86:92:b0:bf:77:
                    a4:d4:cc:b5:ae:ee:4c:a7:c5:b9:8a:71:fb:dc:ec:
                    b3:76:76:12:9f:9c:98:10:b6:d9:82:1d:c4:95:b4:
                    77:6b:52:08:58:c2:2a:22:81:01:b2:55:02:f5:c3:
                    4b:86:b3:d2:ab:ef:70:d0:8b:9c:02:7f:da:bc:5b:
                    43:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:7B:BB:0C:CC:51:22:E2:21:33:84:F7:5C:96:85:92:AA:3B:70:44
            X509v3 Authority Key Identifier:
                keyid:4A:5D:0B:5F:D2:FC:D0:22:39:E0:45:2C:F3:4E:43:A0:61:B8:E9:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sl0LX9L80CI54EUs805DoGG46SU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/8dd2cb-ff29-42a8-bc10-c649480555e5/1/cnu7DMxRIuIhM4T3XJaFkqo7cEQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/8dd2cb-ff29-42a8-bc10-c649480555e5/1/Sl0LX9L80CI54EUs805DoGG46SU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.87.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:a0:6c:b0:f5:56:09:4d:0e:6f:0c:2a:a7:ef:c9:6f:cc:dc:
         2f:56:66:cf:3c:e5:b7:a0:ab:d3:33:34:bf:db:b9:db:c0:1f:
         ab:b8:8f:ea:bb:1a:3f:cd:25:cd:9c:b0:2a:1f:b7:7f:52:be:
         bd:72:4e:86:bc:c7:59:a0:ac:b1:d4:09:a5:ae:0d:92:07:0c:
         36:c9:4d:53:69:49:c5:e6:1a:c8:29:b9:a3:94:8b:2c:46:60:
         a6:d5:1c:f5:ec:a5:da:84:b7:5e:f9:c1:3d:4e:fc:6c:01:01:
         78:7c:c2:eb:b0:5a:75:e0:48:5c:43:42:ed:0a:1b:e3:a1:9d:
         2d:a6:8c:65:d5:a9:af:8e:b4:a3:75:33:70:eb:06:91:6f:f3:
         9f:50:4f:20:21:b5:30:21:cb:38:b3:61:99:ac:c6:93:87:71:
         f8:f1:1a:da:67:ac:a8:8a:58:52:b7:b2:85:d5:57:ea:b3:1c:
         5f:71:b7:e1:96:92:2c:6f:e7:ed:ff:ae:05:29:62:b9:ff:89:
         1d:fe:eb:ec:06:db:11:69:77:8a:ae:81:68:70:33:25:7a:e0:
         d7:98:0d:16:3f:4e:38:d6:87:6b:a5:3c:86:34:30:d9:c4:d7:
         a1:cb:ab:ae:91:de:b8:f8:56:82:a8:7e:f9:7a:12:7a:00:b6:
         c7:ef:5a:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1aTzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTVkMGI1ZmQyZmNkMDIyMzllMDQ1MmNmMzRlNDNhMDYxYjhlOTI1MB4XDTIyMDUy
NDE1NDYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI3YmJiMGNjYzUx
MjJlMjIxMzM4NGY3NWM5Njg1OTJhYTNiNzA0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGdXPJXjgZV22rAoM2GoFG/2kNcqUVhrJcYEEVxVOozg4hp
03IO5RTVxGukbHRS9km+eG5yXV2KUj1ATPe8tiQqW2JxXnMs5p//MYSP63JyU/gZ
i2z0gIIyfLJEqwC278IaS4tul5V9P2wRGBk5JJVuv2pOoKfkDH20Nbua6ysq9mY1
6nZ4AvA9yW8uFjSdgcZoSztPBQahvNJ3cA53/z9EQEmleXGra48kTgLaTuNe2ltR
4yEY94CbbPPfRIaSsL93pNTMta7uTKfFuYpx+9zss3Z2Ep+cmBC22YIdxJW0d2tS
CFjCKiKBAbJVAvXDS4az0qvvcNCLnAJ/2rxbQ+cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRye7sMzFEi4iEzhPdcloWSqjtwRDAfBgNVHSMEGDAWgBRKXQtf0vzQIjng
RSzzTkOgYbjpJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NsMExYOUw4MENJNTRFVXM4MDVEb0dHNDZTVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvOGRkMmNiLWZmMjktNDJhOC1iYzEwLWM2NDk0ODA1NTVlNS8x
L2NudTdETXhSSXVJaE00VDNYSmFGa3FvN2NFUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
OGRkMmNiLWZmMjktNDJhOC1iYzEwLWM2NDk0ODA1NTVlNS8xL1NsMExYOUw4MENJ
NTRFVXM4MDVEb0dHNDZTVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlXPjANBgkqhkiG9w0BAQsFAAOC
AQEAQ6BssPVWCU0Obwwqp+/Jb8zcL1Zmzzzlt6Cr0zM0v9u528Afq7iP6rsaP80l
zZywKh+3f1K+vXJOhrzHWaCssdQJpa4NkgcMNslNU2lJxeYayCm5o5SLLEZgptUc
9eyl2oS3XvnBPU78bAEBeHzC67BadeBIXENC7Qob46GdLaaMZdWpr460o3UzcOsG
kW/zn1BPICG1MCHLOLNhmazGk4dx+PEa2mesqIpYUreyhdVX6rMcX3G34ZaSLG/n
7f+uBSliuf+JHf7r7AbbEWl3iq6BaHAzJXrg15gNFj9OONaHa6U8hjQw2cTXocur
rpHeuPhWgqh++XoSegC2x+9aKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:50 2024 by rpki-client on console-fra.rpki-client.org