Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/874c15-89ba-43ce-b9d9-a3569acb5a77/1/XMLiAtOzkzCORdOT4dlmlB-nj2w.roa
File:                     XMLiAtOzkzCORdOT4dlmlB-nj2w.roa (raw, json)
Hash identifier:          /LcH9IntUQqcavAO9GoJuVpIDtkt3n5HIb7c9uPf4jE=
Subject key identifier:   5C:C2:E2:02:D3:B3:93:30:8E:45:D3:93:E1:D9:66:94:1F:A7:8F:6C
Certificate issuer:       /CN=9339ae527b4ec756a097535cee3dee9ee1100752
Certificate serial:       01856F79A2285FE933F09995D56BB504C538
Authority key identifier: 93:39:AE:52:7B:4E:C7:56:A0:97:53:5C:EE:3D:EE:9E:E1:10:07:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kzmuUntOx1agl1Nc7j3unuEQB1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/874c15-89ba-43ce-b9d9-a3569acb5a77/1/XMLiAtOzkzCORdOT4dlmlB-nj2w.roa
Signing time:             Sun 01 Jan 2023 22:35:20 +0000
ROA not before:           Sun 01 Jan 2023 22:35:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8849
IP address blocks:        31.222.226.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:a2:28:5f:e9:33:f0:99:95:d5:6b:b5:04:c5:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9339ae527b4ec756a097535cee3dee9ee1100752
        Validity
            Not Before: Jan  1 22:35:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5cc2e202d3b393308e45d393e1d966941fa78f6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:5d:92:3e:29:a2:77:d2:73:c3:4b:73:39:44:
                    9f:74:55:c3:6b:40:06:b1:64:7f:2a:98:96:ce:fc:
                    44:4f:5a:f2:84:cf:66:c3:c2:6a:95:c7:e7:d0:05:
                    7b:77:5c:e8:10:26:90:f4:88:49:58:fc:d9:31:56:
                    1c:b9:55:ee:fd:6f:34:35:23:1a:7c:9d:aa:82:a8:
                    10:c6:e6:8b:8e:1f:ca:12:46:3f:2a:83:46:db:54:
                    d3:34:45:35:8c:a1:59:c0:c5:cf:30:91:23:ca:15:
                    1c:3a:57:f5:8f:43:3b:3b:c6:0d:fa:a8:7a:44:d8:
                    cb:11:41:96:6f:80:8d:97:07:14:93:70:38:5a:59:
                    36:a0:4d:8a:64:85:40:95:6e:9b:33:6b:3d:71:2c:
                    3d:ec:30:40:37:f3:f5:e2:46:d9:62:97:c1:c3:aa:
                    d4:f2:46:85:c7:31:bb:29:c2:cd:08:f9:f8:bf:dd:
                    65:31:fd:b3:86:26:5c:72:a8:61:f9:3f:db:df:d1:
                    7c:b4:45:0f:ae:53:05:61:9a:b8:a3:ae:f2:9a:37:
                    27:9c:52:e2:0d:eb:e0:64:88:89:d4:30:49:b0:41:
                    e3:18:be:2f:65:c1:ec:b3:0a:23:ee:db:59:12:ec:
                    3b:a4:46:20:42:08:2f:cb:e2:e6:e2:c7:b6:a6:8e:
                    e9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:C2:E2:02:D3:B3:93:30:8E:45:D3:93:E1:D9:66:94:1F:A7:8F:6C
            X509v3 Authority Key Identifier:
                keyid:93:39:AE:52:7B:4E:C7:56:A0:97:53:5C:EE:3D:EE:9E:E1:10:07:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzmuUntOx1agl1Nc7j3unuEQB1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/874c15-89ba-43ce-b9d9-a3569acb5a77/1/XMLiAtOzkzCORdOT4dlmlB-nj2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/874c15-89ba-43ce-b9d9-a3569acb5a77/1/kzmuUntOx1agl1Nc7j3unuEQB1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.222.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:e9:f1:fe:8a:48:db:5d:91:9f:a2:e7:3c:98:0e:33:29:c4:
         2a:51:98:59:8d:7f:98:d8:68:0f:88:e9:2a:43:e0:31:92:2d:
         64:90:bd:6b:0b:07:bb:49:45:07:01:c6:f3:21:fd:ea:37:b7:
         80:97:d9:0b:e5:c6:ac:6b:59:5f:9b:4f:4c:68:4f:28:07:6e:
         46:7a:59:35:99:6e:99:a3:5c:1c:4b:bb:6c:84:9d:fb:c0:62:
         c7:7e:9c:88:3c:c0:67:0c:c4:2a:2b:bb:1d:f8:55:5a:72:41:
         38:75:99:36:54:d2:ea:34:c4:76:57:cb:0e:40:d5:62:cd:bf:
         c0:e1:78:67:a2:01:c5:61:7e:a2:31:87:62:41:31:09:4b:62:
         df:3f:b2:f9:a0:06:e1:3e:31:f3:75:0c:0a:22:cf:28:d3:b4:
         a0:5f:fd:5e:37:0c:66:60:e8:ad:2b:27:08:11:50:6b:58:a5:
         c5:de:df:42:e6:59:be:61:75:ca:5c:76:b8:d8:2d:30:91:5f:
         bb:e3:3f:04:2e:1f:65:e0:c1:55:8f:a6:07:b3:3e:d1:52:67:
         ca:1f:a3:11:01:85:bf:90:92:cb:d3:44:6e:d4:bd:33:2b:29:
         08:af:10:d0:eb:e5:82:ef:69:ba:92:ab:88:03:57:3e:61:e3:
         06:5e:30:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveaIoX+kz8JmV1Wu1BMU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzlhZTUyN2I0ZWM3NTZhMDk3NTM1Y2VlM2RlZTllZTEx
MDA3NTIwHhcNMjMwMTAxMjIzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2MyZTIwMmQzYjM5MzMwOGU0NWQzOTNlMWQ5NjY5NDFmYTc4ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV2SPimid9Jzw0tzOUSfdFXDa0AG
sWR/KpiWzvxET1ryhM9mw8Jqlcfn0AV7d1zoECaQ9IhJWPzZMVYcuVXu/W80NSMa
fJ2qgqgQxuaLjh/KEkY/KoNG21TTNEU1jKFZwMXPMJEjyhUcOlf1j0M7O8YN+qh6
RNjLEUGWb4CNlwcUk3A4Wlk2oE2KZIVAlW6bM2s9cSw97DBAN/P14kbZYpfBw6rU
8kaFxzG7KcLNCPn4v91lMf2zhiZccqhh+T/b39F8tEUPrlMFYZq4o67ymjcnnFLi
DevgZIiJ1DBJsEHjGL4vZcHsswoj7ttZEuw7pEYgQggvy+Lm4se2po7p0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzC4gLTs5MwjkXTk+HZZpQfp49sMB8GA1UdIwQY
MBaAFJM5rlJ7TsdWoJdTXO497p7hEAdSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ptdVVudE94MWFnbDFOYzdqM3VudUVRQjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni84NzRjMTUtODliYS00M2NlLWI5ZDkt
YTM1NjlhY2I1YTc3LzEvWE1MaUF0T3prekNPUmRPVDRkbG1sQi1uajJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni84NzRjMTUtODliYS00M2NlLWI5ZDktYTM1NjlhY2I1YTc3
LzEva3ptdVVudE94MWFnbDFOYzdqM3VudUVRQjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH97iMA0G
CSqGSIb3DQEBCwUAA4IBAQAX6fH+ikjbXZGfouc8mA4zKcQqUZhZjX+Y2GgPiOkq
Q+Axki1kkL1rCwe7SUUHAcbzIf3qN7eAl9kL5casa1lfm09MaE8oB25Gelk1mW6Z
o1wcS7tshJ37wGLHfpyIPMBnDMQqK7sd+FVackE4dZk2VNLqNMR2V8sOQNVizb/A
4XhnogHFYX6iMYdiQTEJS2LfP7L5oAbhPjHzdQwKIs8o07SgX/1eNwxmYOitKycI
EVBrWKXF3t9C5lm+YXXKXHa42C0wkV+74z8ELh9l4MFVj6YHsz7RUmfKH6MRAYW/
kJLL00Ru1L0zKykIrxDQ6+WC72m6kquIA1c+YeMGXjBS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:11 2024 by rpki-client on console-ams.rpki-client.org