Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/nvDmmcyhvplNLlK_bA6OXzzLXA8.roa
File:                     nvDmmcyhvplNLlK_bA6OXzzLXA8.roa (raw, json)
Hash identifier:          nxVfpN47W2ESPS//RSwIVH0acODnF/Z3VSDV89X+UbE=
Subject key identifier:   9E:F0:E6:99:CC:A1:BE:99:4D:2E:52:BF:6C:0E:8E:5F:3C:CB:5C:0F
Certificate issuer:       /CN=fb1157e81b7c9e43360a1cb50a31401175921808
Certificate serial:       023D96B9
Authority key identifier: FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/nvDmmcyhvplNLlK_bA6OXzzLXA8.roa
Signing time:             Fri 08 Apr 2022 14:54:09 +0000
ROA not before:           Fri 08 Apr 2022 14:54:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58061
IP address blocks:        193.107.21.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 37590713 (0x23d96b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb1157e81b7c9e43360a1cb50a31401175921808
        Validity
            Not Before: Apr  8 14:54:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9ef0e699cca1be994d2e52bf6c0e8e5f3ccb5c0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:28:82:1d:3a:3e:18:90:c1:4c:51:a3:24:f1:
                    0c:b3:ec:d8:9c:f7:2d:c3:57:c4:96:9b:42:d1:b8:
                    dc:51:8c:3b:7b:d7:1d:1d:12:1d:60:d1:d9:b2:d0:
                    f5:44:04:e4:7b:47:41:de:91:9d:8d:85:59:f5:67:
                    91:1a:55:ff:f9:4f:c1:73:6e:78:4f:09:dd:5c:6c:
                    c5:13:82:74:2d:fa:aa:0f:02:d1:a8:e7:ad:4b:36:
                    bb:01:a4:f0:b4:e2:87:d3:74:2a:8f:31:82:25:92:
                    68:45:a3:ae:3a:0c:f1:b8:5e:61:ce:7a:0c:f7:33:
                    b7:24:07:cd:53:34:a1:68:4e:0c:b5:bf:19:5b:67:
                    42:6e:9c:3b:cf:50:00:44:b1:e7:50:55:db:e9:b1:
                    47:fa:dd:81:85:a9:f2:8c:0f:25:78:2f:5c:bc:16:
                    48:5d:df:b2:36:78:bf:ef:3e:52:ca:9f:cb:ff:53:
                    b7:6a:d1:18:a3:6a:97:8b:d9:e7:be:1d:c1:dc:a1:
                    28:d5:d2:be:c5:3b:03:b3:f0:f6:3e:2d:93:ef:58:
                    60:3e:b7:26:29:79:54:0a:2c:9e:f6:f2:dd:8a:f7:
                    93:b1:d9:6c:1c:b1:9c:8c:5b:63:bd:1f:18:17:a1:
                    93:fe:66:3f:04:20:f6:9b:3e:80:2e:0a:5e:1b:8e:
                    0d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:F0:E6:99:CC:A1:BE:99:4D:2E:52:BF:6C:0E:8E:5F:3C:CB:5C:0F
            X509v3 Authority Key Identifier:
                keyid:FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/nvDmmcyhvplNLlK_bA6OXzzLXA8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ce:5b:59:c9:8d:af:76:6a:fb:bc:14:9c:be:5b:12:1f:46:ee:
         37:51:d9:33:d9:a6:cd:ce:04:c8:29:ce:df:19:c3:9f:b3:1a:
         e7:3e:a4:0e:04:85:a3:5e:a7:e0:3f:11:b0:d2:23:10:04:bf:
         08:1e:a4:a0:20:e4:55:b8:2d:e7:1d:fd:42:83:29:ff:b2:b2:
         06:11:fa:a7:80:a2:4e:0d:f9:4d:ed:77:d4:bc:6e:b1:36:f6:
         5b:9f:aa:6a:56:da:ff:20:2b:79:a4:42:bb:22:6c:2c:01:7b:
         59:6b:46:df:f1:8c:dc:1b:3f:a0:e4:1b:dc:32:fb:74:90:f4:
         7f:5a:f3:cd:df:ea:e7:0e:05:23:30:44:bd:33:4e:ae:c4:da:
         94:96:cd:f4:fd:1d:37:0d:46:85:6f:be:ff:e3:59:61:08:c0:
         ce:c6:77:2d:fc:0f:a2:74:43:f4:15:b0:c5:7e:ec:f8:f9:3b:
         d8:7b:a3:ed:a1:10:b0:63:36:07:5b:81:11:26:79:c8:b0:39:
         41:06:75:4b:fc:66:d5:3e:f4:18:c0:5b:92:dc:bf:41:b6:dc:
         3f:12:3b:78:5d:be:99:76:26:e0:0a:5e:e7:19:f9:02:62:58:
         5a:35:b6:46:f7:22:d3:10:6b:7b:47:05:b1:a6:4f:bf:02:1d:
         cf:09:99:d3
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAj2WuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjExNTdlODFiN2M5ZTQzMzYwYTFjYjUwYTMxNDAxMTc1OTIxODA4MB4XDTIyMDQw
ODE0NTQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVmMGU2OTljY2Ex
YmU5OTRkMmU1MmJmNmMwZThlNWYzY2NiNWMwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUogh06PhiQwUxRoyTxDLPs2Jz3LcNXxJabQtG43FGMO3vX
HR0SHWDR2bLQ9UQE5HtHQd6RnY2FWfVnkRpV//lPwXNueE8J3VxsxROCdC36qg8C
0ajnrUs2uwGk8LTih9N0Ko8xgiWSaEWjrjoM8bheYc56DPcztyQHzVM0oWhODLW/
GVtnQm6cO89QAESx51BV2+mxR/rdgYWp8owPJXgvXLwWSF3fsjZ4v+8+Usqfy/9T
t2rRGKNql4vZ574dwdyhKNXSvsU7A7Pw9j4tk+9YYD63Jil5VAosnvby3Yr3k7HZ
bByxnIxbY70fGBehk/5mPwQg9ps+gC4KXhuODScCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSe8OaZzKG+mU0uUr9sDo5fPMtcDzAfBgNVHSMEGDAWgBT7EVfoG3yeQzYK
HLUKMUARdZIYCDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteEZYNkJ0OG5rTTJDaHkxQ2pGQUVYV1NHQWcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzU0LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMv
MS9udkRtbWN5aHZwbE5MbEtfYkE2T1h6ekxYQTgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0
LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMvMS8xLXhGWDZCdDhu
a00yQ2h5MUNqRkFFWFdTR0FnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWsVMA0GCSqGSIb3DQEBCwUA
A4IBAQDOW1nJja92avu8FJy+WxIfRu43Udkz2abNzgTIKc7fGcOfsxrnPqQOBIWj
XqfgPxGw0iMQBL8IHqSgIORVuC3nHf1Cgyn/srIGEfqngKJODflN7XfUvG6xNvZb
n6pqVtr/ICt5pEK7ImwsAXtZa0bf8YzcGz+g5BvcMvt0kPR/WvPN3+rnDgUjMES9
M06uxNqUls30/R03DUaFb77/41lhCMDOxnct/A+idEP0FbDFfuz4+TvYe6PtoRCw
YzYHW4ERJnnIsDlBBnVL/GbVPvQYwFuS3L9Bttw/Ejt4Xb6ZdibgCl7nGfkCYlha
NbZG9yLTEGt7RwWxpk+/Ah3PCZnT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:00 2024 by rpki-client on console-fra.rpki-client.org