Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/oC-f1A9fpeZyEmmvX8NBw5KiqDc.roa
File:                     oC-f1A9fpeZyEmmvX8NBw5KiqDc.roa (raw, json)
Hash identifier:          8eJUZyWSIIuEj1Z8wOGpJtZzraoIr7CCLPSO7EqUsXI=
Subject key identifier:   A0:2F:9F:D4:0F:5F:A5:E6:72:12:69:AF:5F:C3:41:C3:92:A2:A8:37
Certificate issuer:       /CN=fb1157e81b7c9e43360a1cb50a31401175921808
Certificate serial:       01483814
Authority key identifier: FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/oC-f1A9fpeZyEmmvX8NBw5KiqDc.roa
Signing time:             Sat 01 Jan 2022 09:00:14 +0000
ROA not before:           Sat 01 Jan 2022 09:00:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        193.107.21.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21510164 (0x1483814)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb1157e81b7c9e43360a1cb50a31401175921808
        Validity
            Not Before: Jan  1 09:00:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a02f9fd40f5fa5e6721269af5fc341c392a2a837
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b0:20:f1:8d:0f:e0:ff:d2:46:8f:b3:c9:ca:
                    36:64:94:6f:80:9b:40:55:2d:86:fa:17:64:5e:7e:
                    88:25:b5:5f:0f:dd:02:1a:49:be:1d:e8:60:ac:63:
                    5c:33:9e:a9:87:2d:1d:35:32:04:f7:cb:e3:d7:90:
                    4b:85:13:c1:5a:9b:f8:07:f0:66:00:b3:17:87:6a:
                    ad:76:0a:f1:7d:d8:5d:f0:ba:7d:74:fd:34:fa:4c:
                    1d:75:ed:2b:d4:ce:af:bb:98:95:fa:fd:e8:f3:a3:
                    c2:61:d6:88:30:d6:78:89:e4:c4:aa:32:ec:a0:4d:
                    75:db:63:91:de:b7:d6:1e:6b:c9:d5:f5:aa:f4:a9:
                    73:9b:c7:50:87:55:7e:18:04:5e:2b:8c:bb:cd:d0:
                    c2:2c:a1:ac:98:e2:c1:b7:7d:b5:2d:e9:18:52:e9:
                    ca:84:25:34:1d:e2:b5:db:37:46:9d:06:b4:a4:7a:
                    50:e8:d3:82:61:69:1d:4b:59:48:51:2e:92:10:be:
                    fd:f5:91:05:49:67:ee:4f:b7:8d:03:fc:23:90:73:
                    0d:51:57:02:2c:34:86:75:8b:cd:5d:5c:8f:7f:40:
                    31:fc:0e:61:90:65:2b:c9:6b:8d:cd:27:43:31:80:
                    76:6e:33:87:94:9c:ab:2c:15:bc:55:eb:17:4e:73:
                    ca:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:2F:9F:D4:0F:5F:A5:E6:72:12:69:AF:5F:C3:41:C3:92:A2:A8:37
            X509v3 Authority Key Identifier:
                keyid:FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/oC-f1A9fpeZyEmmvX8NBw5KiqDc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:0f:dd:49:e2:35:58:01:c8:89:26:9e:7e:95:2d:c9:2e:6b:
         5c:cd:de:cc:f5:bc:9c:58:a2:a9:a2:b5:de:4a:04:87:ed:62:
         f1:d1:3d:31:05:f4:e0:1c:f8:b2:97:bd:c9:c8:2b:bc:95:de:
         9b:77:f1:a3:01:18:64:84:c0:e2:8d:20:8c:9b:a7:5b:6a:17:
         70:27:b4:10:d8:ae:8e:23:f8:b8:18:cc:8a:ff:31:df:4f:cd:
         96:c2:b8:01:53:d0:10:5a:8a:24:fd:88:ff:62:d9:9d:7d:eb:
         f5:c6:b7:b2:68:94:cb:35:07:77:c9:54:09:bb:35:42:ba:6c:
         a3:d2:a9:1c:d9:ee:43:31:b4:a1:1e:27:3b:95:c5:ae:7e:13:
         83:40:6c:2e:ec:15:6e:64:fa:ac:62:7e:34:27:db:9d:8a:87:
         6c:4c:38:ba:f2:f3:64:e2:dd:88:f1:07:e1:35:0a:d1:71:c7:
         da:a9:40:5c:df:31:ee:23:ab:7e:8e:a8:a1:b0:fb:68:31:fe:
         eb:70:09:31:57:f6:86:f3:a3:e3:95:85:f6:a4:a8:8e:90:cf:
         d9:3e:a5:4e:93:26:d0:bc:cd:2d:64:ca:b5:99:33:4f:57:60:
         af:d4:1f:ef:a1:29:06:12:a3:ba:9d:27:0d:1c:0f:24:66:66:
         96:aa:83:bd
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAUg4FDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjExNTdlODFiN2M5ZTQzMzYwYTFjYjUwYTMxNDAxMTc1OTIxODA4MB4XDTIyMDEw
MTA5MDAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTAyZjlmZDQwZjVm
YTVlNjcyMTI2OWFmNWZjMzQxYzM5MmEyYTgzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiwIPGND+D/0kaPs8nKNmSUb4CbQFUthvoXZF5+iCW1Xw/d
AhpJvh3oYKxjXDOeqYctHTUyBPfL49eQS4UTwVqb+AfwZgCzF4dqrXYK8X3YXfC6
fXT9NPpMHXXtK9TOr7uYlfr96POjwmHWiDDWeInkxKoy7KBNddtjkd631h5rydX1
qvSpc5vHUIdVfhgEXiuMu83QwiyhrJjiwbd9tS3pGFLpyoQlNB3itds3Rp0GtKR6
UOjTgmFpHUtZSFEukhC+/fWRBUln7k+3jQP8I5BzDVFXAiw0hnWLzV1cj39AMfwO
YZBlK8lrjc0nQzGAdm4zh5ScqywVvFXrF05zypkCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSgL5/UD1+l5nISaa9fw0HDkqKoNzAfBgNVHSMEGDAWgBT7EVfoG3yeQzYK
HLUKMUARdZIYCDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteEZYNkJ0OG5rTTJDaHkxQ2pGQUVYV1NHQWcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzU0LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMv
MS9vQy1mMUE5ZnBlWnlFbW12WDhOQnc1S2lxRGMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0
LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMvMS8xLXhGWDZCdDhu
a00yQ2h5MUNqRkFFWFdTR0FnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWsVMA0GCSqGSIb3DQEBCwUA
A4IBAQBeD91J4jVYAciJJp5+lS3JLmtczd7M9bycWKKporXeSgSH7WLx0T0xBfTg
HPiyl73JyCu8ld6bd/GjARhkhMDijSCMm6dbahdwJ7QQ2K6OI/i4GMyK/zHfT82W
wrgBU9AQWook/Yj/Ytmdfev1xreyaJTLNQd3yVQJuzVCumyj0qkc2e5DMbShHic7
lcWufhODQGwu7BVuZPqsYn40J9udiodsTDi68vNk4t2I8QfhNQrRccfaqUBc3zHu
I6t+jqihsPtoMf7rcAkxV/aG86PjlYX2pKiOkM/ZPqVOkybQvM0tZMq1mTNPV2Cv
1B/voSkGEqO6nScNHA8kZmaWqoO9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:02 2024 by rpki-client on console-ams.rpki-client.org