Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/q71Rmtgem8QelSNSjFoOvRAXwnw.roa
File:                     q71Rmtgem8QelSNSjFoOvRAXwnw.roa (raw, json)
Hash identifier:          lHuBnqvoqjzBchkIg/7yTGmxrozXS56B+y73XUGJmqc=
Subject key identifier:   AB:BD:51:9A:D8:1E:9B:C4:1E:95:23:52:8C:5A:0E:BD:10:17:C2:7C
Certificate issuer:       /CN=13ecf10b887f085887de8b2db64917ee2e424545
Certificate serial:       03D98BE5
Authority key identifier: 13:EC:F1:0B:88:7F:08:58:87:DE:8B:2D:B6:49:17:EE:2E:42:45:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E-zxC4h_CFiH3osttkkX7i5CRUU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/q71Rmtgem8QelSNSjFoOvRAXwnw.roa
Signing time:             Sat 01 Jan 2022 05:55:54 +0000
ROA not before:           Sat 01 Jan 2022 05:55:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        45.65.116.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64588773 (0x3d98be5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13ecf10b887f085887de8b2db64917ee2e424545
        Validity
            Not Before: Jan  1 05:55:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=abbd519ad81e9bc41e9523528c5a0ebd1017c27c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5e:a3:5c:fb:76:9e:0f:e0:79:1a:74:98:8a:
                    af:e5:b6:b5:27:b6:54:ce:56:67:3b:7f:96:6d:12:
                    f2:bd:85:ca:25:9f:1b:63:7d:fc:13:24:ad:27:80:
                    6a:d7:1f:40:0c:de:9e:64:e8:60:a7:47:0f:d6:d6:
                    58:85:8a:cb:74:d1:0f:8c:e6:d8:ac:55:a6:b5:3b:
                    a7:7b:fb:7d:62:b1:e6:e6:12:b0:85:22:58:34:2a:
                    5c:11:fb:6c:be:f4:b6:10:12:19:90:66:26:d6:18:
                    38:f8:c5:ca:b9:67:89:1c:ea:97:e7:82:12:de:60:
                    56:f2:e9:fd:66:1b:08:21:b7:07:c0:1f:0d:d8:c2:
                    18:c7:91:a5:f7:f1:84:6c:c2:26:2c:7b:17:54:30:
                    ff:fc:6b:25:5e:cf:fa:c2:34:77:4f:c3:e3:29:54:
                    dd:02:c8:0e:95:bf:29:f9:ac:64:14:d5:05:8a:d9:
                    a8:99:a7:49:2f:f4:56:b5:de:27:e8:24:4f:2f:5d:
                    3c:37:70:c9:55:46:0f:f5:16:12:89:af:62:6e:4e:
                    20:a3:f1:bd:54:e6:a9:a8:d6:71:24:bf:e9:a8:26:
                    75:14:b2:03:c1:9d:d1:4e:47:a0:5f:9d:b0:97:0f:
                    94:c5:42:bc:42:e9:b8:fe:05:c7:58:d9:85:9c:d8:
                    62:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:BD:51:9A:D8:1E:9B:C4:1E:95:23:52:8C:5A:0E:BD:10:17:C2:7C
            X509v3 Authority Key Identifier:
                keyid:13:EC:F1:0B:88:7F:08:58:87:DE:8B:2D:B6:49:17:EE:2E:42:45:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-zxC4h_CFiH3osttkkX7i5CRUU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/q71Rmtgem8QelSNSjFoOvRAXwnw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c45a9b-5096-4e75-9389-bd9b42f48dde/1/E-zxC4h_CFiH3osttkkX7i5CRUU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:ed:70:b5:60:72:3d:a4:66:40:cb:1a:c5:f8:66:17:d5:59:
         7c:a3:59:a5:07:ea:36:d1:c7:11:8b:19:e3:2f:ef:ee:0c:54:
         a5:ea:71:52:9b:b9:45:a7:ba:8b:45:6a:c6:b6:c8:35:57:59:
         43:18:8a:cc:8e:2f:78:d6:79:87:c8:98:d8:2c:8d:a7:71:85:
         0a:60:d8:e8:ac:ff:a6:eb:0e:31:c9:11:27:73:75:4f:8e:91:
         b0:45:c8:87:5a:da:b5:ca:bb:f6:30:98:8d:b7:62:c3:e3:79:
         36:63:a1:f0:a1:8f:06:16:d8:a5:1e:a5:c9:ec:cb:72:43:2f:
         b8:2d:f0:38:2c:ac:f4:78:33:83:e3:cd:8d:dc:6e:ff:76:ee:
         6f:f5:72:54:d8:d2:a7:c2:27:c3:12:3b:c1:fb:47:72:dd:4c:
         34:2b:bc:89:c2:61:49:1b:92:08:84:d8:29:c2:80:92:4d:57:
         bc:25:24:b6:e3:73:a6:ae:fe:33:df:00:d7:c3:ab:83:5f:b6:
         ae:08:1e:31:52:c0:69:6f:14:58:3d:d5:d1:ad:45:23:d8:f1:
         5c:4d:8c:16:9f:91:64:56:74:4e:df:e1:e7:9d:63:1a:7a:1a:
         31:63:60:a4:46:52:3c:1d:00:a4:44:f8:32:fc:16:ed:7c:85:
         05:00:aa:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9mL5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
M2VjZjEwYjg4N2YwODU4ODdkZThiMmRiNjQ5MTdlZTJlNDI0NTQ1MB4XDTIyMDEw
MTA1NTU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWJiZDUxOWFkODFl
OWJjNDFlOTUyMzUyOGM1YTBlYmQxMDE3YzI3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFeo1z7dp4P4HkadJiKr+W2tSe2VM5WZzt/lm0S8r2FyiWf
G2N9/BMkrSeAatcfQAzenmToYKdHD9bWWIWKy3TRD4zm2KxVprU7p3v7fWKx5uYS
sIUiWDQqXBH7bL70thASGZBmJtYYOPjFyrlniRzql+eCEt5gVvLp/WYbCCG3B8Af
DdjCGMeRpffxhGzCJix7F1Qw//xrJV7P+sI0d0/D4ylU3QLIDpW/KfmsZBTVBYrZ
qJmnSS/0VrXeJ+gkTy9dPDdwyVVGD/UWEomvYm5OIKPxvVTmqajWcSS/6agmdRSy
A8Gd0U5HoF+dsJcPlMVCvELpuP4Fx1jZhZzYYvkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSrvVGa2B6bxB6VI1KMWg69EBfCfDAfBgNVHSMEGDAWgBQT7PELiH8IWIfe
iy22SRfuLkJFRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0UtenhDNGhfQ0ZpSDNvc3R0a2tYN2k1Q1JVVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYzQ1YTliLTUwOTYtNGU3NS05Mzg5LWJkOWI0MmY0OGRkZS8x
L3E3MVJtdGdlbThRZWxTTlNqRm9PdlJBWHdudy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YzQ1YTliLTUwOTYtNGU3NS05Mzg5LWJkOWI0MmY0OGRkZS8xL0UtenhDNGhfQ0Zp
SDNvc3R0a2tYN2k1Q1JVVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1BdDANBgkqhkiG9w0BAQsFAAOC
AQEAA+1wtWByPaRmQMsaxfhmF9VZfKNZpQfqNtHHEYsZ4y/v7gxUpepxUpu5Rae6
i0VqxrbINVdZQxiKzI4veNZ5h8iY2CyNp3GFCmDY6Kz/pusOMckRJ3N1T46RsEXI
h1ratcq79jCYjbdiw+N5NmOh8KGPBhbYpR6lyezLckMvuC3wOCys9Hgzg+PNjdxu
/3bub/VyVNjSp8InwxI7wftHct1MNCu8icJhSRuSCITYKcKAkk1XvCUktuNzpq7+
M98A18Org1+2rggeMVLAaW8UWD3V0a1FI9jxXE2MFp+RZFZ0Tt/h551jGnoaMWNg
pEZSPB0ApET4MvwW7XyFBQCqHw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:39 2023 by rpki-client on console-fra.rpki-client.org