Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/9a293d-ad72-4474-8522-6774df5011a5/1/U-9YgadvY3Hm9MRzyfUGZA5E67k.roa
File:                     U-9YgadvY3Hm9MRzyfUGZA5E67k.roa (raw, json)
Hash identifier:          dW6RuhumETpW3W5ggGUMy3vK3iuiT3j5vUzQGwz+LfQ=
Subject key identifier:   53:EF:58:81:A7:6F:63:71:E6:F4:C4:73:C9:F5:06:64:0E:44:EB:B9
Certificate issuer:       /CN=3924e7ec3f43a911ab15963ae1304a9a2bfdd8b4
Certificate serial:       064EC138
Authority key identifier: 39:24:E7:EC:3F:43:A9:11:AB:15:96:3A:E1:30:4A:9A:2B:FD:D8:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OSTn7D9DqRGrFZY64TBKmiv92LQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/9a293d-ad72-4474-8522-6774df5011a5/1/U-9YgadvY3Hm9MRzyfUGZA5E67k.roa
Signing time:             Sat 01 Jan 2022 13:01:30 +0000
ROA not before:           Sat 01 Jan 2022 13:01:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24910
IP address blocks:        91.213.81.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 105824568 (0x64ec138)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3924e7ec3f43a911ab15963ae1304a9a2bfdd8b4
        Validity
            Not Before: Jan  1 13:01:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=53ef5881a76f6371e6f4c473c9f506640e44ebb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:ca:81:be:ab:ea:df:35:52:0d:73:57:cf:4f:
                    49:e9:e7:d5:fb:ee:89:64:ca:9b:ea:9c:41:c5:8d:
                    69:f5:b4:dd:e2:30:8b:56:e4:b8:e7:b8:8e:dd:ac:
                    aa:5e:a0:7a:79:50:a1:61:80:7a:35:a8:8e:9a:33:
                    f3:3f:46:ef:a4:31:f0:8e:44:b7:e5:f0:da:e0:cf:
                    5a:d3:52:96:e4:27:12:7e:a3:fb:a0:65:6d:e1:fd:
                    fe:1a:80:8a:9a:f3:46:c0:2f:ed:b7:9f:a6:dc:ff:
                    aa:1a:1b:a1:f2:61:52:e6:36:4d:ae:e2:4f:dc:37:
                    00:b3:4c:a0:02:ef:2b:c0:55:f1:f9:ba:3f:d8:67:
                    5d:fe:8c:6b:23:2e:5f:69:40:d0:a3:91:92:83:2a:
                    6e:a2:04:eb:a2:09:0c:bf:3c:03:86:c9:00:5d:27:
                    5b:53:70:61:24:01:05:5b:69:b3:1d:69:99:1f:1a:
                    f1:81:9b:85:08:72:9c:18:d7:dd:38:b9:52:5e:b1:
                    96:d4:91:02:95:26:8e:f0:95:8d:0f:18:29:59:fd:
                    d5:27:71:c9:a9:d9:cd:48:23:fb:37:f5:ca:a6:8a:
                    18:dc:0e:b3:52:b2:34:3d:70:5d:2a:a7:cb:fe:9e:
                    4e:f0:ff:2d:af:cc:a1:89:80:ec:1d:0a:09:ac:c2:
                    85:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:EF:58:81:A7:6F:63:71:E6:F4:C4:73:C9:F5:06:64:0E:44:EB:B9
            X509v3 Authority Key Identifier:
                keyid:39:24:E7:EC:3F:43:A9:11:AB:15:96:3A:E1:30:4A:9A:2B:FD:D8:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSTn7D9DqRGrFZY64TBKmiv92LQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/9a293d-ad72-4474-8522-6774df5011a5/1/U-9YgadvY3Hm9MRzyfUGZA5E67k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/9a293d-ad72-4474-8522-6774df5011a5/1/OSTn7D9DqRGrFZY64TBKmiv92LQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:e0:8a:c5:15:73:90:0e:77:8b:db:24:83:18:9f:12:28:cd:
         f4:db:c8:2f:ec:2d:f7:05:e3:a4:f4:95:8e:ad:64:a0:bd:65:
         d1:9c:bb:57:fb:55:20:6d:16:8d:e4:d4:48:dc:4c:4b:85:6a:
         d0:bb:4a:b6:e4:57:f0:b7:a8:3e:19:73:03:01:0d:1f:f7:fe:
         03:a9:3e:e1:be:f4:e4:aa:94:c0:37:22:66:f7:dd:80:dc:6b:
         f2:8d:f3:88:c3:24:21:98:ea:b6:46:db:25:ad:1a:87:89:e2:
         76:71:bd:8a:4d:21:38:f4:21:6b:ee:01:b0:66:b5:85:04:4a:
         dc:e3:08:bd:3a:52:95:ba:e5:26:9a:8a:d9:37:e8:6d:dc:50:
         04:c4:3a:31:e6:0d:e2:be:3e:0c:f1:53:4a:e2:05:9c:b6:c5:
         c2:52:ae:5f:26:7a:d2:4a:9a:d4:90:6a:d9:f5:51:b5:6a:58:
         1d:89:b3:22:f3:59:ee:35:38:70:43:b8:58:10:d3:a5:f5:92:
         b2:b0:85:f8:29:55:29:b6:7b:33:1c:13:31:80:d1:ee:d9:66:
         fd:27:5f:54:aa:9a:da:b4:a8:18:10:65:31:83:2f:1a:95:99:
         ae:3a:ae:fb:ba:d3:dc:40:ef:16:42:01:b2:f6:ca:d3:7a:3e:
         01:0e:96:d7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBk7BODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTI0ZTdlYzNmNDNhOTExYWIxNTk2M2FlMTMwNGE5YTJiZmRkOGI0MB4XDTIyMDEw
MTEzMDEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNlZjU4ODFhNzZm
NjM3MWU2ZjRjNDczYzlmNTA2NjQwZTQ0ZWJiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7Kgb6r6t81Ug1zV89PSenn1fvuiWTKm+qcQcWNafW03eIw
i1bkuOe4jt2sql6genlQoWGAejWojpoz8z9G76Qx8I5Et+Xw2uDPWtNSluQnEn6j
+6BlbeH9/hqAiprzRsAv7befptz/qhobofJhUuY2Ta7iT9w3ALNMoALvK8BV8fm6
P9hnXf6MayMuX2lA0KORkoMqbqIE66IJDL88A4bJAF0nW1NwYSQBBVtpsx1pmR8a
8YGbhQhynBjX3Ti5Ul6xltSRApUmjvCVjQ8YKVn91SdxyanZzUgj+zf1yqaKGNwO
s1KyND1wXSqny/6eTvD/La/MoYmA7B0KCazChbkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRT71iBp29jceb0xHPJ9QZkDkTruTAfBgNVHSMEGDAWgBQ5JOfsP0OpEasV
ljrhMEqaK/3YtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09TVG43RDlEcVJHckZaWTY0VEJLbWl2OTJMUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvOWEyOTNkLWFkNzItNDQ3NC04NTIyLTY3NzRkZjUwMTFhNS8x
L1UtOVlnYWR2WTNIbTlNUnp5ZlVHWkE1RTY3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
OWEyOTNkLWFkNzItNDQ3NC04NTIyLTY3NzRkZjUwMTFhNS8xL09TVG43RDlEcVJH
ckZaWTY0VEJLbWl2OTJMUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvVUTANBgkqhkiG9w0BAQsFAAOC
AQEAPOCKxRVzkA53i9skgxifEijN9NvIL+wt9wXjpPSVjq1koL1l0Zy7V/tVIG0W
jeTUSNxMS4Vq0LtKtuRX8LeoPhlzAwENH/f+A6k+4b705KqUwDciZvfdgNxr8o3z
iMMkIZjqtkbbJa0ah4nidnG9ik0hOPQha+4BsGa1hQRK3OMIvTpSlbrlJpqK2Tfo
bdxQBMQ6MeYN4r4+DPFTSuIFnLbFwlKuXyZ60kqa1JBq2fVRtWpYHYmzIvNZ7jU4
cEO4WBDTpfWSsrCF+ClVKbZ7MxwTMYDR7tlm/SdfVKqa2rSoGBBlMYMvGpWZrjqu
+7rT3EDvFkIBsvbK03o+AQ6W1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:16 2024 by rpki-client on console-ams.rpki-client.org