Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/pwALMk4xguByE4P9ulJmH7HxvFY.roa
File:                     pwALMk4xguByE4P9ulJmH7HxvFY.roa (raw, json)
Hash identifier:          HdtJBaWw8ehZQN5ZO8QLXU/Xm3Q23eTL1MHbs8s+4ks=
Subject key identifier:   A7:00:0B:32:4E:31:82:E0:72:13:83:FD:BA:52:66:1F:B1:F1:BC:56
Certificate issuer:       /CN=13ecf10b887f085887de8b2db64917ee2e424545
Certificate serial:       051E325C
Authority key identifier: 13:EC:F1:0B:88:7F:08:58:87:DE:8B:2D:B6:49:17:EE:2E:42:45:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E-zxC4h_CFiH3osttkkX7i5CRUU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/pwALMk4xguByE4P9ulJmH7HxvFY.roa
Signing time:             Fri 20 May 2022 20:34:29 +0000
ROA not before:           Fri 20 May 2022 20:34:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211585
IP address blocks:        194.150.204.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85865052 (0x51e325c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13ecf10b887f085887de8b2db64917ee2e424545
        Validity
            Not Before: May 20 20:34:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a7000b324e3182e0721383fdba52661fb1f1bc56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:58:ba:2a:9b:b7:fa:34:ec:34:17:b6:9e:60:
                    ad:d3:aa:4c:07:f8:f2:45:ef:57:f1:63:ff:5f:2a:
                    67:13:a2:a6:99:a9:cf:6f:94:b5:93:d2:f1:1a:a1:
                    fd:38:d6:da:17:a7:9e:e4:97:4a:28:8f:4e:fb:55:
                    6d:3e:73:b6:3d:92:68:8e:89:2d:a4:08:ed:f3:04:
                    c8:81:1a:5f:6c:a8:a6:ce:25:b9:0a:60:d8:62:2b:
                    79:0e:f5:10:03:3e:7c:f3:13:f5:bc:2a:21:37:e6:
                    d6:c4:d5:57:8b:18:27:52:f0:f1:16:ce:4f:3d:6c:
                    d2:a0:7a:86:4f:6f:5a:54:e7:0a:da:73:fe:4b:82:
                    7b:1a:7a:e5:d7:23:ec:34:1e:58:93:23:cc:cf:ab:
                    30:98:af:e4:28:f6:6b:c5:2c:15:ea:5c:11:8d:e0:
                    58:e9:d0:25:13:5d:70:81:1a:c4:76:f3:54:ef:9c:
                    b6:f7:b4:5b:67:70:35:e4:04:e0:72:75:5a:16:ee:
                    98:15:cf:16:8a:9c:4a:ef:1c:69:61:a9:5c:96:f7:
                    85:0f:fd:bc:cc:f8:ea:d4:c3:74:eb:76:6e:0d:9b:
                    76:ee:f0:fd:da:70:e7:ab:98:19:2a:03:f6:ce:77:
                    23:56:ae:86:ef:de:22:cf:ef:95:a4:ea:7d:a5:78:
                    6b:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:00:0B:32:4E:31:82:E0:72:13:83:FD:BA:52:66:1F:B1:F1:BC:56
            X509v3 Authority Key Identifier:
                keyid:13:EC:F1:0B:88:7F:08:58:87:DE:8B:2D:B6:49:17:EE:2E:42:45:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-zxC4h_CFiH3osttkkX7i5CRUU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/pwALMk4xguByE4P9ulJmH7HxvFY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/E-zxC4h_CFiH3osttkkX7i5CRUU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.150.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:f9:ce:dd:f6:72:66:6f:f8:e9:52:36:08:29:bd:cc:92:6d:
         cb:27:bf:5c:23:4b:e3:91:b1:95:31:91:06:6c:29:13:2e:23:
         ee:bd:3b:20:67:d9:43:4d:10:77:48:5d:52:13:f9:0e:dc:7e:
         56:a2:2f:2b:dd:5c:37:c2:14:3d:c6:cc:1e:25:d1:f5:ed:61:
         57:1a:2b:c2:d5:e0:20:63:8f:7f:5a:c8:cd:c7:60:be:ce:e2:
         45:ba:0d:4c:4a:ff:7d:58:f3:2f:07:1a:bc:2b:19:5c:26:e0:
         9e:91:d8:29:59:af:18:94:03:89:47:23:21:49:75:aa:ad:bd:
         ea:f4:fb:30:ad:0d:ba:a5:51:2a:9a:04:97:4c:6f:43:df:72:
         9a:c2:e6:89:74:86:a9:29:f6:12:85:a6:40:32:51:78:60:88:
         a7:ee:6a:46:8e:de:50:a1:f4:3a:e2:15:1f:82:ec:1b:92:29:
         4c:d0:a7:1b:50:b3:d1:44:6f:5f:c4:09:41:ff:d8:c4:08:ae:
         2a:60:9e:1e:56:3c:14:64:9b:18:b2:09:63:22:c7:8d:1e:69:
         92:7a:0c:f5:96:e3:dc:e5:2b:cf:af:c7:55:ab:5f:d0:ae:40:
         75:fc:6d:3b:57:e1:7f:65:91:9b:fe:07:39:22:df:b9:8d:41:
         55:1a:9c:c1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBR4yXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
M2VjZjEwYjg4N2YwODU4ODdkZThiMmRiNjQ5MTdlZTJlNDI0NTQ1MB4XDTIyMDUy
MDIwMzQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTcwMDBiMzI0ZTMx
ODJlMDcyMTM4M2ZkYmE1MjY2MWZiMWYxYmM1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtYuiqbt/o07DQXtp5grdOqTAf48kXvV/Fj/18qZxOippmp
z2+UtZPS8Rqh/TjW2hennuSXSiiPTvtVbT5ztj2SaI6JLaQI7fMEyIEaX2yops4l
uQpg2GIreQ71EAM+fPMT9bwqITfm1sTVV4sYJ1Lw8RbOTz1s0qB6hk9vWlTnCtpz
/kuCexp65dcj7DQeWJMjzM+rMJiv5Cj2a8UsFepcEY3gWOnQJRNdcIEaxHbzVO+c
tve0W2dwNeQE4HJ1WhbumBXPFoqcSu8caWGpXJb3hQ/9vMz46tTDdOt2bg2bdu7w
/dpw56uYGSoD9s53I1auhu/eIs/vlaTqfaV4a3ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSnAAsyTjGC4HITg/26UmYfsfG8VjAfBgNVHSMEGDAWgBQT7PELiH8IWIfe
iy22SRfuLkJFRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0UtenhDNGhfQ0ZpSDNvc3R0a2tYN2k1Q1JVVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYzQ1YTliLTUwOTYtNGU3NS05Mzg5LWJkOWI0MmY0OGRkZS8x
L3B3QUxNazR4Z3VCeUU0UDl1bEptSDdIeHZGWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YzQ1YTliLTUwOTYtNGU3NS05Mzg5LWJkOWI0MmY0OGRkZS8xL0UtenhDNGhfQ0Zp
SDNvc3R0a2tYN2k1Q1JVVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKWzDANBgkqhkiG9w0BAQsFAAOC
AQEAsPnO3fZyZm/46VI2CCm9zJJtyye/XCNL45GxlTGRBmwpEy4j7r07IGfZQ00Q
d0hdUhP5Dtx+VqIvK91cN8IUPcbMHiXR9e1hVxorwtXgIGOPf1rIzcdgvs7iRboN
TEr/fVjzLwcavCsZXCbgnpHYKVmvGJQDiUcjIUl1qq296vT7MK0NuqVRKpoEl0xv
Q99ymsLmiXSGqSn2EoWmQDJReGCIp+5qRo7eUKH0OuIVH4LsG5IpTNCnG1Cz0URv
X8QJQf/YxAiuKmCeHlY8FGSbGLIJYyLHjR5pknoM9Zbj3OUrz6/HVatf0K5Adfxt
O1fhf2WRm/4HOSLfuY1BVRqcwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:16 2024 by rpki-client on console-fra.rpki-client.org