Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/936eab-094e-4903-9148-a76f86575247/1/aTdPF-KW50094VAHGJ--89Nndfw.roa
File:                     aTdPF-KW50094VAHGJ--89Nndfw.roa (raw, json)
Hash identifier:          MxIFMSZTDoH0wDFJoJVifJgPTkyyZAM3TwM8P1FUWRk=
Subject key identifier:   69:37:4F:17:E2:96:E7:4D:3D:E1:50:07:18:9F:BE:F3:D3:67:75:FC
Certificate issuer:       /CN=3124de2d6b780b3dbb5fbf5b926dcb8d2f0cc106
Certificate serial:       041DF814
Authority key identifier: 31:24:DE:2D:6B:78:0B:3D:BB:5F:BF:5B:92:6D:CB:8D:2F:0C:C1:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MSTeLWt4Cz27X79bkm3LjS8MwQY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/936eab-094e-4903-9148-a76f86575247/1/aTdPF-KW50094VAHGJ--89Nndfw.roa
Signing time:             Fri 10 Jun 2022 08:24:02 +0000
ROA not before:           Fri 10 Jun 2022 08:24:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400377
IP address blocks:        141.98.6.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69072916 (0x41df814)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3124de2d6b780b3dbb5fbf5b926dcb8d2f0cc106
        Validity
            Not Before: Jun 10 08:24:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=69374f17e296e74d3de15007189fbef3d36775fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:53:0f:9d:9e:40:ab:02:14:45:7d:50:2a:ad:
                    77:e3:1c:35:d2:d0:fb:ea:15:a6:cd:57:81:25:94:
                    a5:0b:13:46:19:a8:78:89:93:de:1e:bd:ba:c4:31:
                    c0:6a:04:7a:74:c1:91:5d:22:0d:b6:92:a0:35:ec:
                    be:59:ab:09:35:81:e8:db:5b:12:e3:84:ab:91:b9:
                    df:a3:de:ba:44:71:c4:81:28:ab:29:a6:4b:43:bc:
                    74:3e:e1:5a:c3:2d:4e:0c:f9:66:4f:ef:9b:dc:3b:
                    d9:2f:91:fa:9a:7c:1a:ae:24:c8:fd:bc:b0:e4:87:
                    39:2c:de:b6:09:ec:76:de:39:ec:00:d5:c9:3f:d7:
                    fb:8e:40:81:25:7f:8d:fa:2a:79:4e:d9:df:2d:2a:
                    6c:d5:67:67:3f:c9:98:82:98:e5:e0:ce:70:1d:bd:
                    91:0d:36:da:12:2c:ae:b1:e9:5c:e5:ae:d7:d7:fb:
                    77:b9:fa:63:fc:e3:94:f2:15:ac:c6:a1:cc:b7:d5:
                    21:4d:2f:aa:a3:90:49:40:c0:5e:15:47:2b:91:10:
                    e1:bd:b0:bb:a8:d7:81:37:0e:af:bb:8b:89:c6:09:
                    be:a9:1b:dd:52:5e:56:31:16:f0:56:3f:9a:7a:96:
                    e2:33:cd:f2:77:ee:83:f7:ef:80:c8:95:ce:7b:ae:
                    cd:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:37:4F:17:E2:96:E7:4D:3D:E1:50:07:18:9F:BE:F3:D3:67:75:FC
            X509v3 Authority Key Identifier:
                keyid:31:24:DE:2D:6B:78:0B:3D:BB:5F:BF:5B:92:6D:CB:8D:2F:0C:C1:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MSTeLWt4Cz27X79bkm3LjS8MwQY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/936eab-094e-4903-9148-a76f86575247/1/aTdPF-KW50094VAHGJ--89Nndfw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/936eab-094e-4903-9148-a76f86575247/1/MSTeLWt4Cz27X79bkm3LjS8MwQY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:93:82:16:56:30:84:85:26:39:ca:05:5b:4c:53:9d:bd:7d:
         47:ef:37:28:f4:40:d2:36:1b:56:67:9c:cd:09:20:97:13:74:
         81:14:0a:c7:43:c3:9c:b4:c1:5d:f8:ae:1d:0e:49:f7:d6:b7:
         7e:bc:8b:c2:89:5b:ef:a4:73:d3:df:a9:6c:8c:ef:ea:b3:9d:
         c7:e7:5f:88:0c:f2:c9:02:37:44:c6:4d:53:3c:df:f6:87:15:
         c2:b7:e2:a4:02:ac:ea:9c:5e:9f:b9:44:cd:89:e5:4f:a6:b6:
         ed:2e:6c:c3:91:0c:69:23:d6:5b:33:b2:59:87:77:32:bc:f8:
         41:51:4b:ed:45:fc:ad:9d:05:1e:32:f8:da:ca:07:22:1a:26:
         bf:7a:51:cf:63:de:8b:b2:ef:4c:fe:ae:71:66:0e:6b:da:34:
         bc:bc:29:84:c1:c7:e2:90:eb:a3:e3:03:29:d4:4a:b8:27:7e:
         c2:74:97:9d:c9:61:09:1e:5e:c9:b5:5a:78:1b:2a:4a:b2:00:
         b4:39:11:0b:52:aa:8d:40:e5:09:fe:24:76:f7:55:96:17:b6:
         7c:f2:93:33:6d:04:f5:13:56:c4:c6:02:ae:10:ab:59:a6:6e:
         e1:9b:52:48:a0:eb:0f:68:3b:07:29:98:b9:b3:91:63:f4:3e:
         79:43:48:52
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBB34FDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTI0ZGUyZDZiNzgwYjNkYmI1ZmJmNWI5MjZkY2I4ZDJmMGNjMTA2MB4XDTIyMDYx
MDA4MjQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjkzNzRmMTdlMjk2
ZTc0ZDNkZTE1MDA3MTg5ZmJlZjNkMzY3NzVmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNTD52eQKsCFEV9UCqtd+McNdLQ++oVps1XgSWUpQsTRhmo
eImT3h69usQxwGoEenTBkV0iDbaSoDXsvlmrCTWB6NtbEuOEq5G536PeukRxxIEo
qymmS0O8dD7hWsMtTgz5Zk/vm9w72S+R+pp8Gq4kyP28sOSHOSzetgnsdt457ADV
yT/X+45AgSV/jfoqeU7Z3y0qbNVnZz/JmIKY5eDOcB29kQ022hIsrrHpXOWu19f7
d7n6Y/zjlPIVrMahzLfVIU0vqqOQSUDAXhVHK5EQ4b2wu6jXgTcOr7uLicYJvqkb
3VJeVjEW8FY/mnqW4jPN8nfug/fvgMiVznuuzQUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRpN08X4pbnTT3hUAcYn77z02d1/DAfBgNVHSMEGDAWgBQxJN4ta3gLPbtf
v1uSbcuNLwzBBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01TVGVMV3Q0Q3oyN1g3OWJrbTNMalM4TXdRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvOTM2ZWFiLTA5NGUtNDkwMy05MTQ4LWE3NmY4NjU3NTI0Ny8x
L2FUZFBGLUtXNTAwOTRWQUhHSi0tODlObmRmdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
OTM2ZWFiLTA5NGUtNDkwMy05MTQ4LWE3NmY4NjU3NTI0Ny8xL01TVGVMV3Q0Q3oy
N1g3OWJrbTNMalM4TXdRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI1iBjANBgkqhkiG9w0BAQsFAAOC
AQEAg5OCFlYwhIUmOcoFW0xTnb19R+83KPRA0jYbVmeczQkglxN0gRQKx0PDnLTB
XfiuHQ5J99a3fryLwolb76Rz09+pbIzv6rOdx+dfiAzyyQI3RMZNUzzf9ocVwrfi
pAKs6pxen7lEzYnlT6a27S5sw5EMaSPWWzOyWYd3Mrz4QVFL7UX8rZ0FHjL42soH
Ihomv3pRz2Pei7LvTP6ucWYOa9o0vLwphMHH4pDro+MDKdRKuCd+wnSXnclhCR5e
ybVaeBsqSrIAtDkRC1KqjUDlCf4kdvdVlhe2fPKTM20E9RNWxMYCrhCrWaZu4ZtS
SKDrD2g7BymYubORY/Q+eUNIUg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:57 2023 by rpki-client on console-fra.rpki-client.org