Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/59ab25-6ba2-4da0-aaca-a1947e12d3d2/1/04lMqZnMV6FJQ94xcVq3-Q7rUb0.roa
File:                     04lMqZnMV6FJQ94xcVq3-Q7rUb0.roa (raw, json)
Hash identifier:          pS8lYIbl3S83v5x+MvQVpi6eEHQz4v1RWL6cFI7l048=
Subject key identifier:   D3:89:4C:A9:99:CC:57:A1:49:43:DE:31:71:5A:B7:F9:0E:EB:51:BD
Certificate issuer:       /CN=ce958855c6eb378ca71f8fcb3a7cf2db3435cd9f
Certificate serial:       088CEA8C
Authority key identifier: CE:95:88:55:C6:EB:37:8C:A7:1F:8F:CB:3A:7C:F2:DB:34:35:CD:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zpWIVcbrN4ynH4_LOnzy2zQ1zZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/59ab25-6ba2-4da0-aaca-a1947e12d3d2/1/04lMqZnMV6FJQ94xcVq3-Q7rUb0.roa
Signing time:             Sat 01 Jan 2022 11:53:50 +0000
ROA not before:           Sat 01 Jan 2022 11:53:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198610
IP address blocks:        45.12.17.0/24 maxlen: 24
                          45.12.16.0/24 maxlen: 24
                          45.12.18.0/24 maxlen: 24
                          45.12.19.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 143452812 (0x88cea8c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce958855c6eb378ca71f8fcb3a7cf2db3435cd9f
        Validity
            Not Before: Jan  1 11:53:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3894ca999cc57a14943de31715ab7f90eeb51bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:db:75:e7:8b:99:e3:a0:57:50:0f:1d:80:98:
                    10:6d:14:7e:db:bc:f5:6a:22:1e:31:5e:02:48:cf:
                    81:57:3c:94:13:7b:b1:61:5e:91:69:f3:d7:f4:a7:
                    57:db:16:52:ae:53:ca:26:6f:21:e7:0f:85:8d:b5:
                    82:5a:26:a7:3d:7d:e3:53:63:e2:8d:68:a4:4a:00:
                    c8:1d:42:9c:d0:9d:64:29:ec:c9:02:03:92:78:67:
                    9e:8a:55:37:8c:0a:18:98:96:d5:91:d5:58:2f:6b:
                    3f:0c:c7:21:c9:17:64:73:42:30:7e:6f:6e:34:a1:
                    8e:61:77:eb:61:a4:81:e8:07:f6:65:b1:68:0c:7a:
                    61:56:f9:64:a6:9e:60:eb:1c:30:35:04:53:a2:af:
                    58:f5:a7:66:b5:97:2e:08:09:9c:5c:d0:5c:c7:91:
                    e6:9e:70:fe:82:a7:23:45:9e:eb:79:a1:00:78:fb:
                    85:68:d8:1f:fd:81:3a:d6:c4:79:00:ae:bd:01:2d:
                    a0:f3:6a:84:78:cc:e7:25:48:04:de:23:c6:c4:8c:
                    4f:de:44:a8:1e:02:c2:f2:3c:f1:dd:1b:ee:c9:41:
                    e6:19:4d:15:46:44:03:55:b2:81:05:db:8e:95:98:
                    51:8d:e9:b3:c3:0d:0f:72:0e:53:5f:86:b4:8c:a9:
                    c2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:89:4C:A9:99:CC:57:A1:49:43:DE:31:71:5A:B7:F9:0E:EB:51:BD
            X509v3 Authority Key Identifier:
                keyid:CE:95:88:55:C6:EB:37:8C:A7:1F:8F:CB:3A:7C:F2:DB:34:35:CD:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpWIVcbrN4ynH4_LOnzy2zQ1zZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/59ab25-6ba2-4da0-aaca-a1947e12d3d2/1/04lMqZnMV6FJQ94xcVq3-Q7rUb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/59ab25-6ba2-4da0-aaca-a1947e12d3d2/1/zpWIVcbrN4ynH4_LOnzy2zQ1zZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:4a:11:22:82:32:55:01:19:61:f4:7f:ce:58:90:30:f4:13:
         cd:80:c5:5a:13:94:c3:4a:c6:e1:81:57:b3:1c:ea:7e:72:25:
         a8:cd:67:44:d5:b7:a9:9d:45:49:67:bd:00:06:55:1f:f6:a2:
         b5:24:ce:86:32:38:6a:b0:8e:c9:9e:65:31:19:0e:e6:ce:35:
         ee:c5:49:ad:90:84:49:cd:2d:27:07:5b:32:2c:c2:f8:7b:62:
         39:e8:5d:07:fe:5a:15:0b:7e:a6:c7:ce:0f:1b:d4:d3:69:f3:
         fc:bc:f4:d2:04:4b:29:50:b1:c9:53:9e:12:3a:96:a2:b4:25:
         2a:81:46:a8:04:3f:b6:32:89:f1:74:f7:49:b1:cd:8b:6f:d6:
         98:57:fd:64:a8:61:c7:70:07:90:d9:13:eb:db:1c:dd:7d:1a:
         af:cc:3e:80:1d:d2:7d:76:a2:a5:10:64:87:3e:7f:dd:45:ed:
         fb:f4:1d:44:77:f4:af:ca:91:db:fb:0c:44:2e:00:a3:f0:ac:
         7c:d1:26:02:63:3a:45:cf:ad:08:6a:55:c0:0e:31:12:2c:ce:
         8b:13:db:bb:a7:ab:80:6e:57:b4:12:cf:cf:c7:e2:01:a1:5d:
         5f:9e:34:90:6b:ef:45:24:ab:c7:d7:61:38:51:87:20:10:a7:
         37:4e:95:3e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECIzqjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTk1ODg1NWM2ZWIzNzhjYTcxZjhmY2IzYTdjZjJkYjM0MzVjZDlmMB4XDTIyMDEw
MTExNTM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM4OTRjYTk5OWNj
NTdhMTQ5NDNkZTMxNzE1YWI3ZjkwZWViNTFiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjbdeeLmeOgV1APHYCYEG0Uftu89WoiHjFeAkjPgVc8lBN7
sWFekWnz1/SnV9sWUq5TyiZvIecPhY21glompz1941Nj4o1opEoAyB1CnNCdZCns
yQIDknhnnopVN4wKGJiW1ZHVWC9rPwzHIckXZHNCMH5vbjShjmF362GkgegH9mWx
aAx6YVb5ZKaeYOscMDUEU6KvWPWnZrWXLggJnFzQXMeR5p5w/oKnI0We63mhAHj7
hWjYH/2BOtbEeQCuvQEtoPNqhHjM5yVIBN4jxsSMT95EqB4CwvI88d0b7slB5hlN
FUZEA1WygQXbjpWYUY3ps8MND3IOU1+GtIypwp8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTiUypmcxXoUlD3jFxWrf5DutRvTAfBgNVHSMEGDAWgBTOlYhVxus3jKcf
j8s6fPLbNDXNnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pwV0lWY2JyTjR5bkg0X0xPbnp5MnpRMXpaOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNTlhYjI1LTZiYTItNGRhMC1hYWNhLWExOTQ3ZTEyZDNkMi8x
LzA0bE1xWm5NVjZGSlE5NHhjVnEzLVE3clViMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
NTlhYjI1LTZiYTItNGRhMC1hYWNhLWExOTQ3ZTEyZDNkMi8xL3pwV0lWY2JyTjR5
bkg0X0xPbnp5MnpRMXpaOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi0MEDANBgkqhkiG9w0BAQsFAAOC
AQEAKkoRIoIyVQEZYfR/zliQMPQTzYDFWhOUw0rG4YFXsxzqfnIlqM1nRNW3qZ1F
SWe9AAZVH/aitSTOhjI4arCOyZ5lMRkO5s417sVJrZCESc0tJwdbMizC+HtiOehd
B/5aFQt+psfODxvU02nz/Lz00gRLKVCxyVOeEjqWorQlKoFGqAQ/tjKJ8XT3SbHN
i2/WmFf9ZKhhx3AHkNkT69sc3X0ar8w+gB3SfXaipRBkhz5/3UXt+/QdRHf0r8qR
2/sMRC4Ao/CsfNEmAmM6Rc+tCGpVwA4xEizOixPbu6ergG5XtBLPz8fiAaFdX540
kGvvRSSrx9dhOFGHIBCnN06VPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org