Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/KU7HimmsDE4MMCQ7CTkmprZsVWw.roa
File:                     KU7HimmsDE4MMCQ7CTkmprZsVWw.roa (raw, json)
Hash identifier:          VUXoWUPWIKgijWNXncEwFymk17Wl5H8why+l+fXdhiY=
Subject key identifier:   29:4E:C7:8A:69:AC:0C:4E:0C:30:24:3B:09:39:26:A6:B6:6C:55:6C
Certificate issuer:       /CN=13ecf10b887f085887de8b2db64917ee2e424545
Certificate serial:       04C2EE01
Authority key identifier: 13:EC:F1:0B:88:7F:08:58:87:DE:8B:2D:B6:49:17:EE:2E:42:45:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E-zxC4h_CFiH3osttkkX7i5CRUU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/KU7HimmsDE4MMCQ7CTkmprZsVWw.roa
Signing time:             Wed 13 Apr 2022 08:11:58 +0000
ROA not before:           Wed 13 Apr 2022 08:11:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        194.150.204.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79883777 (0x4c2ee01)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13ecf10b887f085887de8b2db64917ee2e424545
        Validity
            Not Before: Apr 13 08:11:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=294ec78a69ac0c4e0c30243b093926a6b66c556c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:cd:00:9e:f7:4f:47:6f:5d:ce:a5:3f:14:34:
                    88:16:fd:80:07:08:ef:b9:f4:0a:61:bf:02:70:43:
                    c2:93:ed:35:df:ef:15:9a:c7:71:0a:19:bc:20:cf:
                    4c:77:0a:2d:77:fb:75:00:7c:9d:92:fe:d6:86:e6:
                    a7:d0:76:33:c5:b9:65:ae:44:66:73:14:17:55:c5:
                    a9:5a:7e:16:3b:62:d8:da:b1:74:c3:92:50:4b:06:
                    b6:11:03:c3:8d:37:2b:1e:8a:96:3c:45:c8:1c:65:
                    76:38:36:79:b4:96:7f:74:a9:cd:28:1b:e0:fc:2e:
                    b7:d1:48:36:28:b5:89:90:1e:da:bf:ee:29:90:71:
                    15:52:42:a1:eb:22:0e:77:6c:17:42:ab:6e:c0:7c:
                    87:00:50:f1:1c:a3:43:00:4c:3f:26:44:1b:80:b6:
                    cf:b6:c2:02:71:87:6b:b9:35:4f:c9:8c:31:97:01:
                    d3:28:fd:a3:a4:02:2e:3f:ce:76:70:a0:14:20:54:
                    6a:6c:53:12:b5:cf:92:86:b2:ba:a9:1f:d4:8a:91:
                    e3:6f:d7:aa:d9:af:57:36:87:4e:3f:54:c2:f7:7b:
                    b0:ee:c6:63:e4:ee:3a:9b:90:8e:9d:98:dc:83:28:
                    ef:21:0c:4e:c6:dd:0b:42:55:2f:73:18:8d:b3:12:
                    62:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:4E:C7:8A:69:AC:0C:4E:0C:30:24:3B:09:39:26:A6:B6:6C:55:6C
            X509v3 Authority Key Identifier:
                keyid:13:EC:F1:0B:88:7F:08:58:87:DE:8B:2D:B6:49:17:EE:2E:42:45:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-zxC4h_CFiH3osttkkX7i5CRUU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/KU7HimmsDE4MMCQ7CTkmprZsVWw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/E-zxC4h_CFiH3osttkkX7i5CRUU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.150.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         07:7f:01:6a:24:75:3c:a9:bc:d2:d3:5a:8d:48:e0:3a:f8:13:
         ce:09:46:a0:8b:c9:57:da:de:5e:13:61:c3:71:a6:df:97:34:
         f8:48:92:e7:12:86:f3:c6:3d:01:1c:c5:52:df:79:0f:65:53:
         2c:2f:29:84:29:c9:70:b9:e1:2a:c7:b3:14:03:f7:c4:7e:cf:
         ef:91:9d:e5:95:6d:6b:48:a6:03:57:40:8f:93:69:e9:45:0a:
         18:1b:13:d2:9c:3e:09:dd:2a:50:f7:5a:5c:a6:4b:49:e2:1b:
         de:ef:39:2b:63:e0:2b:3f:8b:0b:f6:98:e1:47:16:bf:e6:7c:
         74:3d:6a:01:68:8e:42:90:33:3a:0c:37:e0:5b:24:61:bd:b7:
         6f:9b:77:ea:14:e5:5f:85:51:ca:48:a1:c5:20:c1:92:09:76:
         95:5e:27:03:d1:ca:20:bb:56:ad:4a:27:8f:2c:a1:8e:e9:00:
         5b:44:86:bb:01:a1:41:53:68:70:b7:88:a6:ad:4b:fd:a5:75:
         7a:be:29:d5:92:05:11:9c:dc:c2:ba:83:fa:5a:f7:87:3e:02:
         84:0b:c2:25:f0:43:38:4b:91:be:4c:b7:e2:fd:b4:03:b7:50:
         48:77:4b:a6:e7:55:b8:ba:70:07:a8:56:3f:5a:25:56:3d:30:
         7c:ce:dc:ca
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBMLuATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
M2VjZjEwYjg4N2YwODU4ODdkZThiMmRiNjQ5MTdlZTJlNDI0NTQ1MB4XDTIyMDQx
MzA4MTE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk0ZWM3OGE2OWFj
MGM0ZTBjMzAyNDNiMDkzOTI2YTZiNjZjNTU2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOHNAJ73T0dvXc6lPxQ0iBb9gAcI77n0CmG/AnBDwpPtNd/v
FZrHcQoZvCDPTHcKLXf7dQB8nZL+1obmp9B2M8W5Za5EZnMUF1XFqVp+Fjti2Nqx
dMOSUEsGthEDw403Kx6KljxFyBxldjg2ebSWf3SpzSgb4Pwut9FINii1iZAe2r/u
KZBxFVJCoesiDndsF0KrbsB8hwBQ8RyjQwBMPyZEG4C2z7bCAnGHa7k1T8mMMZcB
0yj9o6QCLj/OdnCgFCBUamxTErXPkoayuqkf1IqR42/XqtmvVzaHTj9Uwvd7sO7G
Y+TuOpuQjp2Y3IMo7yEMTsbdC0JVL3MYjbMSYtUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpTseKaawMTgwwJDsJOSamtmxVbDAfBgNVHSMEGDAWgBQT7PELiH8IWIfe
iy22SRfuLkJFRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0UtenhDNGhfQ0ZpSDNvc3R0a2tYN2k1Q1JVVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYzQ1YTliLTUwOTYtNGU3NS05Mzg5LWJkOWI0MmY0OGRkZS8x
L0tVN0hpbW1zREU0TU1DUTdDVGttcHJac1ZXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YzQ1YTliLTUwOTYtNGU3NS05Mzg5LWJkOWI0MmY0OGRkZS8xL0UtenhDNGhfQ0Zp
SDNvc3R0a2tYN2k1Q1JVVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcKWzDANBgkqhkiG9w0BAQsFAAOC
AQEAB38BaiR1PKm80tNajUjgOvgTzglGoIvJV9reXhNhw3Gm35c0+EiS5xKG88Y9
ARzFUt95D2VTLC8phCnJcLnhKsezFAP3xH7P75Gd5ZVta0imA1dAj5Np6UUKGBsT
0pw+Cd0qUPdaXKZLSeIb3u85K2PgKz+LC/aY4UcWv+Z8dD1qAWiOQpAzOgw34Fsk
Yb23b5t36hTlX4VRykihxSDBkgl2lV4nA9HKILtWrUonjyyhjukAW0SGuwGhQVNo
cLeIpq1L/aV1er4p1ZIFEZzcwrqD+lr3hz4ChAvCJfBDOEuRvky34v20A7dQSHdL
pudVuLpwB6hWP1olVj0wfM7cyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:16 2024 by rpki-client on console-fra.rpki-client.org