Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/35mQU49T-8mXme5EgSSr-KHcvKY.roa
File:                     35mQU49T-8mXme5EgSSr-KHcvKY.roa (raw, json)
Hash identifier:          /5aVEEx0ukue1rAYcyOI+rPHjHH4eIpurKHZt2dbjs8=
Subject key identifier:   DF:99:90:53:8F:53:FB:C9:97:99:EE:44:81:24:AB:F8:A1:DC:BC:A6
Certificate issuer:       /CN=13ecf10b887f085887de8b2db64917ee2e424545
Certificate serial:       0185714C10367EA3B145C3AE243A486EF037
Authority key identifier: 13:EC:F1:0B:88:7F:08:58:87:DE:8B:2D:B6:49:17:EE:2E:42:45:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E-zxC4h_CFiH3osttkkX7i5CRUU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/35mQU49T-8mXme5EgSSr-KHcvKY.roa
Signing time:             Mon 02 Jan 2023 07:04:48 +0000
ROA not before:           Mon 02 Jan 2023 07:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        45.65.116.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:4c:10:36:7e:a3:b1:45:c3:ae:24:3a:48:6e:f0:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13ecf10b887f085887de8b2db64917ee2e424545
        Validity
            Not Before: Jan  2 07:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df9990538f53fbc99799ee448124abf8a1dcbca6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:78:d1:1f:c4:58:b2:c9:85:11:e0:a6:db:2a:
                    2d:1e:fc:02:d3:3d:0f:cf:4a:ad:40:7e:13:d6:ce:
                    db:cf:ea:90:fd:bb:de:f9:46:58:83:8c:a7:f0:67:
                    a8:f2:77:95:41:00:59:e1:c9:35:f8:ca:f7:d0:29:
                    00:f1:a6:09:11:a3:c1:45:2e:7b:77:ab:61:5e:3c:
                    fa:81:10:d5:df:4c:4c:7f:e2:b5:d6:53:80:e5:45:
                    d1:03:56:ec:03:80:ad:73:a5:e3:cd:77:98:2a:07:
                    a4:39:77:84:eb:6d:8a:5c:b7:b0:4a:bc:c0:b7:f9:
                    e7:b0:df:f9:ee:e8:29:3f:3c:be:99:d1:d6:1f:75:
                    cb:f2:e9:dd:22:66:2d:6c:68:86:51:75:c8:cc:41:
                    23:c5:d1:c8:11:99:5f:97:b8:6f:6b:00:b5:91:33:
                    90:c6:e1:65:47:3f:b3:f2:85:9e:df:cc:b6:84:41:
                    2e:7b:a4:d7:84:02:cc:4d:4b:65:65:75:a6:cb:b1:
                    90:f1:00:4a:ca:de:d1:cf:e9:44:3d:0b:49:e9:72:
                    2c:16:e6:21:e9:f4:03:b0:5b:69:80:6e:f5:4c:2e:
                    b6:8a:29:8e:0c:c5:ce:77:90:e5:08:2c:96:9e:74:
                    c7:57:1f:e5:42:46:be:5a:a1:96:ed:29:57:e4:b9:
                    e4:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:99:90:53:8F:53:FB:C9:97:99:EE:44:81:24:AB:F8:A1:DC:BC:A6
            X509v3 Authority Key Identifier:
                keyid:13:EC:F1:0B:88:7F:08:58:87:DE:8B:2D:B6:49:17:EE:2E:42:45:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-zxC4h_CFiH3osttkkX7i5CRUU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/35mQU49T-8mXme5EgSSr-KHcvKY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/E-zxC4h_CFiH3osttkkX7i5CRUU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:a4:7a:a4:1c:97:1d:41:23:33:dd:d4:bf:a1:93:cc:80:7f:
         a8:f7:91:a1:9c:ef:45:ab:44:24:63:b2:03:6b:86:6a:2a:0b:
         3c:d6:d9:37:28:3b:ae:b3:1c:a0:9d:f5:6c:0f:95:32:76:2e:
         e8:c4:29:7e:00:4a:34:07:6f:7e:a0:eb:f7:79:1a:3a:24:ef:
         d1:39:37:07:9a:6e:b7:02:32:aa:a2:5d:9e:2d:98:ee:5e:cc:
         df:e0:c2:cc:ae:82:3d:43:56:78:68:40:6c:7b:42:54:16:f9:
         60:02:98:fa:06:07:75:44:97:3a:62:02:9f:ed:73:86:a5:1d:
         f1:23:69:87:fe:c6:29:3e:4f:11:bb:35:87:52:ea:3e:43:bf:
         ce:1f:e8:8a:07:bd:4b:6d:1d:89:e6:4a:f0:5d:1d:23:fa:c4:
         b8:8c:83:fa:3f:98:cd:71:39:e8:8d:1f:f7:46:65:d0:b0:c6:
         e3:05:58:8a:1c:dd:46:8e:24:2e:50:8d:2d:18:cc:09:db:fd:
         29:80:d3:80:17:f2:af:05:23:00:40:b7:36:34:de:e9:82:f0:
         f4:83:32:82:82:22:7f:74:e4:c9:90:40:27:2d:88:dc:d4:07:
         3f:de:ef:dc:a7:87:91:00:f3:1b:63:b6:3a:7b:35:db:8b:55:
         72:a5:71:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxTBA2fqOxRcOuJDpIbvA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZWNmMTBiODg3ZjA4NTg4N2RlOGIyZGI2NDkxN2VlMmU0
MjQ1NDUwHhcNMjMwMTAyMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjk5OTA1MzhmNTNmYmM5OTc5OWVlNDQ4MTI0YWJmOGExZGNiY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3jRH8RYssmFEeCm2yotHvwC0z0P
z0qtQH4T1s7bz+qQ/bve+UZYg4yn8Geo8neVQQBZ4ck1+Mr30CkA8aYJEaPBRS57
d6thXjz6gRDV30xMf+K11lOA5UXRA1bsA4Ctc6XjzXeYKgekOXeE622KXLewSrzA
t/nnsN/57ugpPzy+mdHWH3XL8undImYtbGiGUXXIzEEjxdHIEZlfl7hvawC1kTOQ
xuFlRz+z8oWe38y2hEEue6TXhALMTUtlZXWmy7GQ8QBKyt7Rz+lEPQtJ6XIsFuYh
6fQDsFtpgG71TC62iimODMXOd5DlCCyWnnTHVx/lQka+WqGW7SlX5Lnk9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+ZkFOPU/vJl5nuRIEkq/ih3LymMB8GA1UdIwQY
MBaAFBPs8QuIfwhYh96LLbZJF+4uQkVFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRS16eEM0aF9DRmlIM29zdHRra1g3aTVDUlVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9jNDVhOWItNTA5Ni00ZTc1LTkzODkt
YmQ5YjQyZjQ4ZGRlLzEvMzVtUVU0OVQtOG1YbWU1RWdTU3ItS0hjdktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9jNDVhOWItNTA5Ni00ZTc1LTkzODktYmQ5YjQyZjQ4ZGRl
LzEvRS16eEM0aF9DRmlIM29zdHRra1g3aTVDUlVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUF0MA0G
CSqGSIb3DQEBCwUAA4IBAQBQpHqkHJcdQSMz3dS/oZPMgH+o95GhnO9Fq0QkY7ID
a4ZqKgs81tk3KDuusxygnfVsD5Uydi7oxCl+AEo0B29+oOv3eRo6JO/ROTcHmm63
AjKqol2eLZjuXszf4MLMroI9Q1Z4aEBse0JUFvlgApj6Bgd1RJc6YgKf7XOGpR3x
I2mH/sYpPk8RuzWHUuo+Q7/OH+iKB71LbR2J5krwXR0j+sS4jIP6P5jNcTnojR/3
RmXQsMbjBViKHN1GjiQuUI0tGMwJ2/0pgNOAF/KvBSMAQLc2NN7pgvD0gzKCgiJ/
dOTJkEAnLYjc1Ac/3u/cp4eRAPMbY7Y6ezXbi1VypXG2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:16 2024 by rpki-client on console-fra.rpki-client.org