Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/RaS6ZMwvNc7d4UzEZKFToAwf2k8.roa
File:                     RaS6ZMwvNc7d4UzEZKFToAwf2k8.roa (raw, json)
Hash identifier:          mTT3z9Tr5q1i4G39y1LHsDA98X0ENbLfE/Zd5yv2WcE=
Subject key identifier:   45:A4:BA:64:CC:2F:35:CE:DD:E1:4C:C4:64:A1:53:A0:0C:1F:DA:4F
Certificate issuer:       /CN=fb1157e81b7c9e43360a1cb50a31401175921808
Certificate serial:       01849ECE5FC2988B59073627F74FE02A76C3
Authority key identifier: FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/RaS6ZMwvNc7d4UzEZKFToAwf2k8.roa
Signing time:             Tue 22 Nov 2022 10:07:15 +0000
ROA not before:           Tue 22 Nov 2022 10:07:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212669
IP address blocks:        193.108.104.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9e:ce:5f:c2:98:8b:59:07:36:27:f7:4f:e0:2a:76:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb1157e81b7c9e43360a1cb50a31401175921808
        Validity
            Not Before: Nov 22 10:07:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=45a4ba64cc2f35cedde14cc464a153a00c1fda4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:9d:ea:7c:92:d0:a9:66:0d:bd:e1:dc:56:32:
                    08:1d:36:fc:a5:dc:d5:83:00:8b:51:0c:87:19:f2:
                    27:5c:22:be:c0:02:aa:7f:7e:d9:8d:15:fd:26:6c:
                    74:23:12:8c:0c:83:8c:69:42:fe:b0:6f:7d:31:93:
                    d1:46:05:fa:68:6c:01:13:a5:79:55:71:ee:e0:4a:
                    0c:49:b9:5a:61:1c:74:cd:15:6b:1d:7a:b2:1e:8f:
                    c0:7f:6b:a5:36:2d:ef:4e:bb:6d:b1:71:1c:d2:0b:
                    84:fb:7e:a3:4b:bd:3a:60:77:6d:fa:be:85:53:8d:
                    86:63:4b:c2:1c:dd:31:30:18:14:8a:cd:53:ca:e9:
                    64:01:0f:fc:21:82:28:a7:e8:10:cb:2b:9f:ee:59:
                    f1:1a:5b:05:13:fa:c4:72:b8:cb:44:f2:84:8b:27:
                    75:06:4f:af:28:47:a9:5c:d1:46:e7:91:75:c4:9d:
                    41:19:79:9c:9f:1d:54:8d:f7:f0:b3:a7:65:9f:da:
                    40:6e:7d:73:4e:64:b1:2a:fb:5f:71:fa:a4:e3:8c:
                    6f:01:a8:5d:95:ac:96:da:ef:20:58:b3:f0:66:ce:
                    9c:8b:ba:cb:e2:53:0f:87:1e:53:2d:14:a3:b5:a3:
                    92:d0:84:e0:c6:03:2e:88:c2:60:19:41:8f:20:d1:
                    0d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:A4:BA:64:CC:2F:35:CE:DD:E1:4C:C4:64:A1:53:A0:0C:1F:DA:4F
            X509v3 Authority Key Identifier:
                keyid:FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/RaS6ZMwvNc7d4UzEZKFToAwf2k8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:ca:08:2b:30:38:0d:0f:88:10:57:82:d3:58:14:12:f8:0e:
         49:65:72:2b:25:7e:dd:4f:2e:6b:2b:a7:55:0a:a8:46:50:f7:
         c8:db:97:c8:31:4c:f2:a4:86:d4:2a:93:2c:5e:69:c7:ce:89:
         ad:9d:cb:ec:72:80:44:7f:56:c3:84:94:6f:5d:67:57:23:64:
         d0:2f:09:8c:af:b1:28:60:f7:6a:95:63:98:53:04:01:7c:54:
         6d:69:2c:e9:ed:7a:48:c4:4f:55:b8:65:2f:6b:e7:3b:59:11:
         00:5f:84:69:c2:7d:7f:b2:f7:a2:7c:0c:dd:b5:d6:f0:ac:62:
         09:af:83:61:25:4f:65:cf:ae:93:19:d6:bc:19:55:ac:a4:cd:
         e1:24:df:10:b9:64:6c:82:45:b3:d4:9f:f7:32:ad:7a:5a:2c:
         17:cf:3b:c0:2e:32:f2:4a:31:fb:64:13:03:6c:b8:70:9e:d5:
         64:61:bf:2e:81:3a:ca:a9:b1:fb:e7:31:c9:65:8f:b5:74:74:
         d7:5b:fc:b2:ac:10:8c:22:ab:45:85:11:bf:6e:52:dc:72:fe:
         66:bf:44:b0:6b:f6:ad:91:5f:b5:22:d9:29:86:1a:9b:d1:bf:
         3d:bf:e7:0e:d2:44:d8:f4:e6:ea:e8:d9:f7:08:5f:49:8d:13:
         70:da:3d:b4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYSezl/CmItZBzYn90/gKnbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMTE1N2U4MWI3YzllNDMzNjBhMWNiNTBhMzE0MDExNzU5
MjE4MDgwHhcNMjIxMTIyMTAwNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWE0YmE2NGNjMmYzNWNlZGRlMTRjYzQ2NGExNTNhMDBjMWZkYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj53qfJLQqWYNveHcVjIIHTb8pdzV
gwCLUQyHGfInXCK+wAKqf37ZjRX9Jmx0IxKMDIOMaUL+sG99MZPRRgX6aGwBE6V5
VXHu4EoMSblaYRx0zRVrHXqyHo/Af2ulNi3vTrttsXEc0guE+36jS706YHdt+r6F
U42GY0vCHN0xMBgUis1TyulkAQ/8IYIop+gQyyuf7lnxGlsFE/rEcrjLRPKEiyd1
Bk+vKEepXNFG55F1xJ1BGXmcnx1Ujffws6dln9pAbn1zTmSxKvtfcfqk44xvAahd
layW2u8gWLPwZs6ci7rL4lMPhx5TLRSjtaOS0ITgxgMuiMJgGUGPINENNwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEWkumTMLzXO3eFMxGShU6AMH9pPMB8GA1UdIwQY
MBaAFPsRV+gbfJ5DNgoctQoxQBF1khgIMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14Rlg2QnQ4bmtNMkNoeTFDakZBRVhXU0dBZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvMTkzYzcxLWM5NGEtNDE2Zi1hMTg2
LTQxNjY2NGYwMWEyYy8xL1JhUzZaTXd2TmM3ZDRVekVaS0ZUb0F3ZjJrOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvMTkzYzcxLWM5NGEtNDE2Zi1hMTg2LTQxNjY2NGYwMWEy
Yy8xLzEteEZYNkJ0OG5rTTJDaHkxQ2pGQUVYV1NHQWcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBbGgw
DQYJKoZIhvcNAQELBQADggEBAArKCCswOA0PiBBXgtNYFBL4Dkllcislft1PLmsr
p1UKqEZQ98jbl8gxTPKkhtQqkyxeacfOia2dy+xygER/VsOElG9dZ1cjZNAvCYyv
sShg92qVY5hTBAF8VG1pLOntekjET1W4ZS9r5ztZEQBfhGnCfX+y96J8DN211vCs
Ygmvg2ElT2XPrpMZ1rwZVaykzeEk3xC5ZGyCRbPUn/cyrXpaLBfPO8AuMvJKMftk
EwNsuHCe1WRhvy6BOsqpsfvnMcllj7V0dNdb/LKsEIwiq0WFEb9uUtxy/ma/RLBr
9q2RX7Ui2SmGGpvRvz2/5w7SRNj05uro2fcIX0mNE3DaPbQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:02 2024 by rpki-client on console-ams.rpki-client.org