Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/xDvEmHu9Rgs7jBacQj-SSl_R5YE.roa
File:                     xDvEmHu9Rgs7jBacQj-SSl_R5YE.roa (raw, json)
Hash identifier:          Ex3Q3WSC49MetPP5jDCv32M7U0dVfbcm4h12an2bTHs=
Subject key identifier:   C4:3B:C4:98:7B:BD:46:0B:3B:8C:16:9C:42:3F:92:4A:5F:D1:E5:81
Certificate issuer:       /CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Certificate serial:       0338EC79
Authority key identifier: D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/xDvEmHu9Rgs7jBacQj-SSl_R5YE.roa
Signing time:             Sun 12 Jun 2022 22:02:03 +0000
ROA not before:           Sun 12 Jun 2022 22:02:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        31.6.12.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54062201 (0x338ec79)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
        Validity
            Not Before: Jun 12 22:02:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c43bc4987bbd460b3b8c169c423f924a5fd1e581
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:af:da:b0:1b:0b:a6:93:31:5a:fb:16:55:37:
                    e6:23:22:b9:92:88:53:cd:21:75:82:70:21:0f:7c:
                    44:e5:bd:0c:ee:87:8b:01:b1:c9:e5:fd:25:d5:70:
                    ba:b7:db:b4:18:f4:8b:98:22:2d:a2:32:58:dc:0e:
                    50:13:f9:2a:d7:b1:ff:02:34:6e:fd:56:db:52:1a:
                    8c:9b:8b:e8:45:f9:69:cd:4d:5f:47:c4:0d:eb:56:
                    89:c1:3e:96:35:72:b1:cf:60:10:9e:81:db:78:1e:
                    0e:ad:41:1a:3d:a2:68:fb:59:a0:19:da:c7:67:65:
                    93:11:9d:c3:1e:1a:94:71:ba:86:3f:83:66:68:fc:
                    62:36:8b:9d:b2:7f:b2:b6:80:5e:8d:c9:6a:d9:19:
                    a8:00:53:5f:5e:9d:89:44:f5:5c:7c:17:2e:b5:0c:
                    93:a0:51:33:4d:85:d5:1b:40:cc:a4:a6:71:de:2f:
                    2c:cc:cf:a5:f4:02:a2:4a:b0:20:ac:25:da:f4:76:
                    2d:26:1d:40:13:e8:9b:2a:d6:fa:63:26:a2:6b:b2:
                    c8:12:c4:f9:56:2d:5a:77:cc:05:7b:7c:47:b9:57:
                    68:81:e9:d6:4e:dc:26:a8:a0:eb:84:41:d3:f8:d7:
                    38:59:bd:5f:fb:25:1e:5c:82:ef:f2:7a:79:e7:bd:
                    53:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:3B:C4:98:7B:BD:46:0B:3B:8C:16:9C:42:3F:92:4A:5F:D1:E5:81
            X509v3 Authority Key Identifier:
                keyid:D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/xDvEmHu9Rgs7jBacQj-SSl_R5YE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.6.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:ac:57:eb:69:7e:a4:48:86:06:ab:04:72:87:3d:5f:a6:50:
         c2:1b:cf:6b:19:4c:95:9e:58:ea:96:02:34:8e:e5:b1:1c:06:
         7b:dc:8d:80:25:f8:cd:55:2b:95:36:00:e7:d9:81:56:47:1c:
         88:d4:ce:ea:1b:9e:a4:de:ee:50:81:ec:ec:72:de:fd:c4:89:
         6b:0f:84:b4:e9:8c:3a:9e:d4:6c:4f:a6:5d:2b:15:b4:af:d3:
         aa:59:39:cc:46:e0:c2:2a:d5:23:13:0d:57:35:6e:0e:32:fc:
         a5:eb:ea:ca:fd:e9:57:b8:ab:b9:1d:f5:5f:6b:1d:24:2e:ad:
         cc:ac:9c:2a:cb:e0:ea:b1:e8:f5:51:ef:84:e6:e9:bb:c1:ce:
         d8:63:54:21:a0:99:7a:69:77:88:4f:7d:3d:23:4a:6f:1e:b5:
         e9:01:80:5d:55:d2:6d:03:a5:30:05:f6:c7:bf:c3:f6:00:20:
         9e:ed:9c:21:10:09:09:f2:5a:07:5d:6b:47:81:ad:1b:5e:80:
         a0:40:b6:5e:cc:7a:8d:3b:b0:59:bd:e6:af:d4:e5:00:2f:0c:
         20:a8:26:49:0b:97:06:4d:b9:5e:d4:5d:54:fc:de:28:a4:10:
         db:ff:b6:de:e6:6f:1a:25:06:17:34:e4:81:62:76:51:c9:8f:
         0f:4a:47:f6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzjseTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTNlY2U3MWVmNmViZjU1YmI3Yjg3ZTUwNjY1YmExMWZkYzc3ZjA4MB4XDTIyMDYx
MjIyMDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQzYmM0OTg3YmJk
NDYwYjNiOGMxNjljNDIzZjkyNGE1ZmQxZTU4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKv2rAbC6aTMVr7FlU35iMiuZKIU80hdYJwIQ98ROW9DO6H
iwGxyeX9JdVwurfbtBj0i5giLaIyWNwOUBP5Ktex/wI0bv1W21IajJuL6EX5ac1N
X0fEDetWicE+ljVysc9gEJ6B23geDq1BGj2iaPtZoBnax2dlkxGdwx4alHG6hj+D
Zmj8YjaLnbJ/sraAXo3JatkZqABTX16diUT1XHwXLrUMk6BRM02F1RtAzKSmcd4v
LMzPpfQCokqwIKwl2vR2LSYdQBPomyrW+mMmomuyyBLE+VYtWnfMBXt8R7lXaIHp
1k7cJqig64RB0/jXOFm9X/slHlyC7/J6eee9U9MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTEO8SYe71GCzuMFpxCP5JKX9HlgTAfBgNVHSMEGDAWgBTVPs5x726/Vbt7
h+UGZboR/cd/CDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFUN09jZTl1djFXN2U0ZmxCbVc2RWYzSGZ3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYzgxNjY5LTI1MTktNGRhNS1iZDVkLTFjMjYyNjU5MGQyOC8x
L3hEdkVtSHU5UmdzN2pCYWNRai1TU2xfUjVZRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YzgxNjY5LTI1MTktNGRhNS1iZDVkLTFjMjYyNjU5MGQyOC8xLzFUN09jZTl1djFX
N2U0ZmxCbVc2RWYzSGZ3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAh8GDDANBgkqhkiG9w0BAQsFAAOC
AQEAJaxX62l+pEiGBqsEcoc9X6ZQwhvPaxlMlZ5Y6pYCNI7lsRwGe9yNgCX4zVUr
lTYA59mBVkcciNTO6huepN7uUIHs7HLe/cSJaw+EtOmMOp7UbE+mXSsVtK/Tqlk5
zEbgwirVIxMNVzVuDjL8pevqyv3pV7iruR31X2sdJC6tzKycKsvg6rHo9VHvhObp
u8HO2GNUIaCZeml3iE99PSNKbx616QGAXVXSbQOlMAX2x7/D9gAgnu2cIRAJCfJa
B11rR4GtG16AoEC2Xsx6jTuwWb3mr9TlAC8MIKgmSQuXBk25XtRdVPzeKKQQ2/+2
3uZvGiUGFzTkgWJ2UcmPD0pH9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:08 2024 by rpki-client on console-ams.rpki-client.org