Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/205679-b6fc-4624-8763-e435d1b858fb/1/PWXqlz7b46myJ8ScfLkFxdsHm1o.roa
File:                     PWXqlz7b46myJ8ScfLkFxdsHm1o.roa (raw, json)
Hash identifier:          EsXneBepWjDxWY8XDlEpZZwpVOGG0CCVyjG+oOfqxCg=
Subject key identifier:   3D:65:EA:97:3E:DB:E3:A9:B2:27:C4:9C:7C:B9:05:C5:DB:07:9B:5A
Certificate issuer:       /CN=a3afa673d47919f6342317ba485da75e18a33bb2
Certificate serial:       C6D50A
Authority key identifier: A3:AF:A6:73:D4:79:19:F6:34:23:17:BA:48:5D:A7:5E:18:A3:3B:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6-mc9R5GfY0Ixe6SF2nXhijO7I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/205679-b6fc-4624-8763-e435d1b858fb/1/PWXqlz7b46myJ8ScfLkFxdsHm1o.roa
Signing time:             Sat 01 Jan 2022 09:02:08 +0000
ROA not before:           Sat 01 Jan 2022 09:02:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49392
IP address blocks:        31.222.237.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13030666 (0xc6d50a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3afa673d47919f6342317ba485da75e18a33bb2
        Validity
            Not Before: Jan  1 09:02:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d65ea973edbe3a9b227c49c7cb905c5db079b5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:07:31:60:9b:2e:5e:3d:eb:45:f5:6d:18:82:
                    42:33:29:41:f9:93:e6:df:4c:31:68:5b:ba:81:81:
                    81:20:36:6b:6d:78:9b:65:e8:04:01:db:a4:65:66:
                    4a:92:af:9b:ee:35:59:e5:3b:d8:b6:e7:d9:f7:3b:
                    20:a2:6a:90:74:52:27:d9:16:d7:e7:9f:b4:a3:a6:
                    d5:ee:2c:24:cd:88:0e:ae:e0:d0:d5:ca:d8:bd:a1:
                    99:58:9e:d6:55:4c:42:67:c6:c0:f2:2a:7e:ea:e7:
                    f7:1d:75:31:02:d3:d2:8e:ce:02:8f:7a:0c:1e:b3:
                    99:bb:aa:88:a5:02:92:f1:a8:b8:c2:44:31:da:7b:
                    4e:bf:f5:95:ee:59:40:b5:5e:4d:30:d4:e9:3a:60:
                    55:6f:0e:48:2f:56:fd:73:72:49:2b:3a:bb:c1:64:
                    35:df:df:af:fc:5c:f6:8b:75:0f:27:1b:90:07:3d:
                    84:2a:45:b6:43:66:f3:1e:63:06:84:22:8a:e5:a5:
                    73:58:f0:4f:41:56:11:0c:75:82:01:71:53:50:fb:
                    cd:d8:7b:77:2c:f5:2b:2d:fa:c6:cc:d5:16:92:1e:
                    a3:aa:23:e7:a0:64:c7:5f:1b:4c:83:23:76:2c:b2:
                    fe:bc:43:27:eb:96:62:b3:2f:04:5a:ee:90:b0:ad:
                    db:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:65:EA:97:3E:DB:E3:A9:B2:27:C4:9C:7C:B9:05:C5:DB:07:9B:5A
            X509v3 Authority Key Identifier:
                keyid:A3:AF:A6:73:D4:79:19:F6:34:23:17:BA:48:5D:A7:5E:18:A3:3B:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6-mc9R5GfY0Ixe6SF2nXhijO7I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/205679-b6fc-4624-8763-e435d1b858fb/1/PWXqlz7b46myJ8ScfLkFxdsHm1o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/205679-b6fc-4624-8763-e435d1b858fb/1/o6-mc9R5GfY0Ixe6SF2nXhijO7I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.222.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:90:c5:db:71:f0:58:f9:83:af:d8:d4:9f:2c:55:81:40:19:
         16:f4:ac:51:f5:a9:c8:81:af:c1:55:7f:80:b5:1f:e1:2d:de:
         6f:10:2a:b8:36:ce:8e:6b:b1:90:0c:83:72:2e:51:62:4c:f3:
         41:aa:da:b5:18:ba:b4:68:59:0a:0d:29:40:41:cc:48:3a:9c:
         59:e2:12:cb:1d:6c:c2:ae:e9:d5:0d:c4:1a:ed:80:d1:1b:ca:
         7f:1e:4c:f9:d7:f8:07:20:cf:53:16:51:59:f5:d8:62:93:75:
         ed:b7:67:b8:9b:0b:e5:9d:60:94:0f:45:d5:77:38:de:2c:10:
         0c:35:89:42:b8:2b:fa:73:0c:75:ce:ce:0c:f2:01:f7:89:40:
         1f:d0:43:b8:9c:de:5d:cc:91:d4:f3:4c:92:78:c7:28:c7:f9:
         4d:d9:28:45:6b:3a:3d:25:5b:b5:48:2c:61:4c:17:b3:01:10:
         99:28:9d:16:0f:2b:67:46:9a:10:03:14:b2:9c:21:f6:6a:f6:
         40:c5:89:47:c8:89:b6:a5:95:d2:12:9f:b0:8f:1f:82:2e:cd:
         86:0b:99:bf:ae:5b:df:a1:e1:ac:96:bc:ee:eb:6d:8e:29:25:
         52:9d:df:50:1f:1d:6c:ce:25:1e:d2:5b:de:e9:ac:b3:c7:d6:
         52:e0:b8:bc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMbVCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
M2FmYTY3M2Q0NzkxOWY2MzQyMzE3YmE0ODVkYTc1ZTE4YTMzYmIyMB4XDTIyMDEw
MTA5MDIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Q2NWVhOTczZWRi
ZTNhOWIyMjdjNDljN2NiOTA1YzVkYjA3OWI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkHMWCbLl4960X1bRiCQjMpQfmT5t9MMWhbuoGBgSA2a214
m2XoBAHbpGVmSpKvm+41WeU72Lbn2fc7IKJqkHRSJ9kW1+eftKOm1e4sJM2IDq7g
0NXK2L2hmVie1lVMQmfGwPIqfurn9x11MQLT0o7OAo96DB6zmbuqiKUCkvGouMJE
Mdp7Tr/1le5ZQLVeTTDU6TpgVW8OSC9W/XNySSs6u8FkNd/fr/xc9ot1DycbkAc9
hCpFtkNm8x5jBoQiiuWlc1jwT0FWEQx1ggFxU1D7zdh7dyz1Ky36xszVFpIeo6oj
56Bkx18bTIMjdiyy/rxDJ+uWYrMvBFrukLCt29MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ9ZeqXPtvjqbInxJx8uQXF2webWjAfBgNVHSMEGDAWgBSjr6Zz1HkZ9jQj
F7pIXadeGKM7sjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L282LW1jOVI1R2ZZMEl4ZTZTRjJuWGhpak83SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMjA1Njc5LWI2ZmMtNDYyNC04NzYzLWU0MzVkMWI4NThmYi8x
L1BXWHFsejdiNDZteUo4U2NmTGtGeGRzSG0xby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MjA1Njc5LWI2ZmMtNDYyNC04NzYzLWU0MzVkMWI4NThmYi8xL282LW1jOVI1R2ZZ
MEl4ZTZTRjJuWGhpak83SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/e7TANBgkqhkiG9w0BAQsFAAOC
AQEAJ5DF23HwWPmDr9jUnyxVgUAZFvSsUfWpyIGvwVV/gLUf4S3ebxAquDbOjmux
kAyDci5RYkzzQaratRi6tGhZCg0pQEHMSDqcWeISyx1swq7p1Q3EGu2A0RvKfx5M
+df4ByDPUxZRWfXYYpN17bdnuJsL5Z1glA9F1Xc43iwQDDWJQrgr+nMMdc7ODPIB
94lAH9BDuJzeXcyR1PNMknjHKMf5TdkoRWs6PSVbtUgsYUwXswEQmSidFg8rZ0aa
EAMUspwh9mr2QMWJR8iJtqWV0hKfsI8fgi7NhguZv65b36HhrJa87uttjiklUp3f
UB8dbM4lHtJb3umss8fWUuC4vA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:00 2024 by rpki-client on console-fra.rpki-client.org