Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9fbd08-d6cd-4738-8de4-5822f621e8c9/1/rFOl5ynTC0eZC-8eQQS5X6BPIPs.roa
File:                     rFOl5ynTC0eZC-8eQQS5X6BPIPs.roa (raw, json)
Hash identifier:          2HOjRFdTi5nQ+TFTUW0ualY6LDjKNwsCiCdblc5hMNo=
Subject key identifier:   AC:53:A5:E7:29:D3:0B:47:99:0B:EF:1E:41:04:B9:5F:A0:4F:20:FB
Certificate issuer:       /CN=e9c64bad94f940b013b691a1dbc5fb92910e2a7f
Certificate serial:       0349F622
Authority key identifier: E9:C6:4B:AD:94:F9:40:B0:13:B6:91:A1:DB:C5:FB:92:91:0E:2A:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6cZLrZT5QLATtpGh28X7kpEOKn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/9fbd08-d6cd-4738-8de4-5822f621e8c9/1/rFOl5ynTC0eZC-8eQQS5X6BPIPs.roa
Signing time:             Sat 01 Jan 2022 01:54:10 +0000
ROA not before:           Sat 01 Jan 2022 01:54:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50495
IP address blocks:        91.239.64.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55178786 (0x349f622)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9c64bad94f940b013b691a1dbc5fb92910e2a7f
        Validity
            Not Before: Jan  1 01:54:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ac53a5e729d30b47990bef1e4104b95fa04f20fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:3e:0b:c9:eb:4f:dd:f9:73:78:e6:6d:e3:51:
                    37:34:07:10:02:e4:0c:5f:df:2c:09:5a:a6:e0:60:
                    f7:a1:fc:42:52:cd:dd:7d:a8:d7:25:b5:08:e5:eb:
                    93:01:ba:98:d1:d1:9b:3d:4e:16:df:9a:41:69:47:
                    39:fb:50:59:2d:5e:85:23:21:4d:3c:6b:46:83:85:
                    01:50:ee:2a:76:d8:5e:10:bf:e2:a4:6e:3b:73:12:
                    95:1b:03:70:87:16:89:5b:81:47:66:5b:5a:c1:fb:
                    1a:26:a2:e8:57:e1:f5:be:13:6d:e8:d1:20:07:54:
                    57:2b:2f:6d:97:7c:db:00:ee:96:e4:4b:c2:10:de:
                    5a:8f:dd:91:51:25:0a:bc:3c:d0:5d:21:fb:1e:cb:
                    ec:79:25:3a:84:f2:cf:70:6d:94:94:d0:f0:ff:97:
                    6f:a1:81:04:fc:ae:e6:1d:6c:bc:3b:fe:ad:02:da:
                    6d:e1:f7:3f:b4:95:c5:24:81:58:24:b0:1d:4d:ef:
                    1a:14:65:c0:e6:b5:f9:2f:71:66:c4:3f:d6:a5:33:
                    7c:94:e1:bf:3c:b8:c1:de:c6:b5:d0:01:da:2c:b1:
                    fa:47:d7:14:8b:fa:66:95:24:60:be:0f:2d:77:ea:
                    81:91:6f:01:c0:e4:25:d3:60:fe:a2:06:5f:56:49:
                    31:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:53:A5:E7:29:D3:0B:47:99:0B:EF:1E:41:04:B9:5F:A0:4F:20:FB
            X509v3 Authority Key Identifier:
                keyid:E9:C6:4B:AD:94:F9:40:B0:13:B6:91:A1:DB:C5:FB:92:91:0E:2A:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6cZLrZT5QLATtpGh28X7kpEOKn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9fbd08-d6cd-4738-8de4-5822f621e8c9/1/rFOl5ynTC0eZC-8eQQS5X6BPIPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9fbd08-d6cd-4738-8de4-5822f621e8c9/1/6cZLrZT5QLATtpGh28X7kpEOKn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:3d:a0:87:8a:9a:8d:4f:76:6b:6a:52:7d:94:59:ec:da:bf:
         f1:8d:29:08:0e:8c:fb:43:3d:fa:aa:80:22:26:41:41:c3:a8:
         ef:b8:df:39:7d:01:ea:8d:33:f8:fb:b9:e6:33:34:ac:73:54:
         bb:1f:54:57:62:fa:f3:d8:17:63:1d:dd:5e:83:33:0f:75:45:
         e8:f3:b2:21:d9:cd:c9:f3:8d:f4:92:ad:b6:76:0d:96:6c:cf:
         b3:31:e5:e4:2c:5e:be:31:05:9d:94:15:c8:27:1e:11:e5:3e:
         07:94:05:94:fe:28:d2:a7:3c:8d:21:dd:f4:41:f4:a0:31:12:
         20:4b:80:02:e7:f5:56:99:d9:c1:19:69:72:5d:fd:b8:43:20:
         9e:c7:d0:9d:02:77:30:3b:e7:c6:1b:07:4f:e2:1a:6f:5b:fb:
         d8:2f:b9:78:1e:85:57:8f:65:3d:50:d2:26:d8:51:0c:51:19:
         fc:d4:b5:1e:b7:82:5b:92:f7:e8:09:df:5f:46:4c:de:c8:a3:
         1b:5d:eb:01:11:0e:c2:8c:cb:85:82:cd:f2:d8:dd:a6:f7:c1:
         de:22:40:0d:dc:14:a8:70:5f:ff:0f:d5:f7:48:90:09:21:c2:
         86:71:98:a3:fc:5f:c4:87:4f:f0:27:30:10:71:4a:4b:08:04:
         f0:91:86:e0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA0n2IjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OWM2NGJhZDk0Zjk0MGIwMTNiNjkxYTFkYmM1ZmI5MjkxMGUyYTdmMB4XDTIyMDEw
MTAxNTQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM1M2E1ZTcyOWQz
MGI0Nzk5MGJlZjFlNDEwNGI5NWZhMDRmMjBmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4+C8nrT935c3jmbeNRNzQHEALkDF/fLAlapuBg96H8QlLN
3X2o1yW1COXrkwG6mNHRmz1OFt+aQWlHOftQWS1ehSMhTTxrRoOFAVDuKnbYXhC/
4qRuO3MSlRsDcIcWiVuBR2ZbWsH7Giai6Ffh9b4TbejRIAdUVysvbZd82wDuluRL
whDeWo/dkVElCrw80F0h+x7L7HklOoTyz3BtlJTQ8P+Xb6GBBPyu5h1svDv+rQLa
beH3P7SVxSSBWCSwHU3vGhRlwOa1+S9xZsQ/1qUzfJThvzy4wd7GtdAB2iyx+kfX
FIv6ZpUkYL4PLXfqgZFvAcDkJdNg/qIGX1ZJMZsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSsU6XnKdMLR5kL7x5BBLlfoE8g+zAfBgNVHSMEGDAWgBTpxkutlPlAsBO2
kaHbxfuSkQ4qfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZjWkxyWlQ1UUxBVHRwR2gyOFg3a3BFT0tuOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvOWZiZDA4LWQ2Y2QtNDczOC04ZGU0LTU4MjJmNjIxZThjOS8x
L3JGT2w1eW5UQzBlWkMtOGVRUVM1WDZCUElQcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
OWZiZDA4LWQ2Y2QtNDczOC04ZGU0LTU4MjJmNjIxZThjOS8xLzZjWkxyWlQ1UUxB
VHRwR2gyOFg3a3BFT0tuOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvvQDANBgkqhkiG9w0BAQsFAAOC
AQEAAT2gh4qajU92a2pSfZRZ7Nq/8Y0pCA6M+0M9+qqAIiZBQcOo77jfOX0B6o0z
+Pu55jM0rHNUux9UV2L689gXYx3dXoMzD3VF6POyIdnNyfON9JKttnYNlmzPszHl
5CxevjEFnZQVyCceEeU+B5QFlP4o0qc8jSHd9EH0oDESIEuAAuf1VpnZwRlpcl39
uEMgnsfQnQJ3MDvnxhsHT+Iab1v72C+5eB6FV49lPVDSJthRDFEZ/NS1HreCW5L3
6AnfX0ZM3sijG13rAREOwozLhYLN8tjdpvfB3iJADdwUqHBf/w/V90iQCSHChnGY
o/xfxIdP8CcwEHFKSwgE8JGG4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:03 2024 by rpki-client on console-fra.rpki-client.org