Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/OM35pZBaJcjRRERUsBKkslHFu3M.roa
File:                     OM35pZBaJcjRRERUsBKkslHFu3M.roa (raw, json)
Hash identifier:          g5gKTFrRbYSH3c7cH4vUd7idTgQ5r0PxPbsXGTtapbU=
Subject key identifier:   38:CD:F9:A5:90:5A:25:C8:D1:44:44:54:B0:12:A4:B2:51:C5:BB:73
Certificate issuer:       /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial:       01856F8C4EDE0F347B4959A726813457844E
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/OM35pZBaJcjRRERUsBKkslHFu3M.roa
Signing time:             Sun 01 Jan 2023 22:55:44 +0000
ROA not before:           Sun 01 Jan 2023 22:55:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     142430
IP address blocks:        2.59.57.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8c:4e:de:0f:34:7b:49:59:a7:26:81:34:57:84:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
        Validity
            Not Before: Jan  1 22:55:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=38cdf9a5905a25c8d1444454b012a4b251c5bb73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:00:3a:59:94:ae:20:cb:ee:ad:71:4e:73:31:
                    d8:3d:07:17:e8:18:c0:1b:3f:e5:bc:e5:04:6d:e4:
                    6e:9a:72:5f:1f:e6:74:4d:0f:b5:12:06:2b:00:d8:
                    77:dc:ef:80:d4:85:ee:cb:48:1f:b1:06:26:05:3b:
                    4d:f4:75:1e:75:e7:55:46:0c:61:72:5e:8e:01:bd:
                    06:3c:8c:8d:19:70:65:c3:5d:d1:ef:c7:a3:95:24:
                    03:77:0d:1a:74:9f:0d:59:8c:3f:37:77:b1:76:f9:
                    81:12:36:66:b2:03:80:d1:d2:82:c3:05:95:6d:f0:
                    ce:d3:66:08:7d:16:97:d3:11:fc:b1:b1:78:65:38:
                    01:00:89:9e:a1:30:d3:47:50:dc:e6:fb:36:ae:ac:
                    52:de:b7:96:84:eb:90:cf:cb:75:a5:46:a0:e9:b3:
                    46:7b:b8:1d:6f:58:fd:ae:9e:87:01:cf:b4:7f:af:
                    1b:51:93:7a:03:07:0a:b4:6b:8c:29:89:39:1f:0c:
                    d5:e2:d7:eb:e5:be:5f:bd:41:46:45:7b:1f:e5:02:
                    ed:4f:45:d1:cf:53:40:48:9d:89:db:8b:7d:68:b7:
                    80:dd:e9:4b:6c:82:5e:44:63:9a:7e:42:95:64:99:
                    1e:66:ee:9b:0f:97:aa:55:ac:c5:11:93:4d:12:33:
                    88:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:CD:F9:A5:90:5A:25:C8:D1:44:44:54:B0:12:A4:B2:51:C5:BB:73
            X509v3 Authority Key Identifier:
                keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/OM35pZBaJcjRRERUsBKkslHFu3M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:21:3f:c1:42:5c:88:f8:8a:a9:72:3d:36:e1:c3:bf:d6:85:
         f6:71:8f:cf:cc:e7:eb:19:3c:aa:07:23:88:23:9c:24:08:97:
         2a:ae:a3:4d:65:53:cd:a6:2e:7a:6d:0f:7b:37:e3:38:7c:a3:
         12:bc:71:2a:d9:72:88:8c:ef:9b:c4:96:77:b9:8f:30:a3:1c:
         7b:0d:89:41:41:19:bd:1f:54:d7:bf:2f:56:a1:69:81:a2:5b:
         2c:0d:ec:a1:bd:e0:d4:41:0d:a2:9f:63:4a:c3:3b:17:f7:b9:
         7b:aa:7a:c0:e1:52:9f:d8:35:da:55:d5:42:63:b5:16:32:74:
         d1:f9:8a:60:48:ba:ce:37:26:d7:d1:36:6b:02:76:47:00:89:
         78:f8:12:d4:ef:d7:73:6f:3a:18:bb:39:14:85:fd:64:e8:b6:
         f0:5d:c3:e7:0d:83:7e:76:81:7f:77:09:23:79:e6:f0:6b:2b:
         10:a3:e4:a1:d0:09:2c:7c:18:ee:3d:ce:2c:22:91:c5:47:e1:
         d7:7d:e6:21:bd:b3:d5:c7:35:28:ca:6e:91:cc:41:ee:65:4d:
         66:73:02:f9:66:03:ef:ad:f6:3c:f7:34:8f:69:45:ee:a1:da:
         23:74:eb:0e:5b:6b:c3:c1:f4:35:7d:98:b6:c4:82:49:ef:df:
         da:c6:56:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvjE7eDzR7SVmnJoE0V4ROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjMwMTAxMjI1NTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNkZjlhNTkwNWEyNWM4ZDE0NDQ0NTRiMDEyYTRiMjUxYzViYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQA6WZSuIMvurXFOczHYPQcX6BjA
Gz/lvOUEbeRumnJfH+Z0TQ+1EgYrANh33O+A1IXuy0gfsQYmBTtN9HUededVRgxh
cl6OAb0GPIyNGXBlw13R78ejlSQDdw0adJ8NWYw/N3exdvmBEjZmsgOA0dKCwwWV
bfDO02YIfRaX0xH8sbF4ZTgBAImeoTDTR1Dc5vs2rqxS3reWhOuQz8t1pUag6bNG
e7gdb1j9rp6HAc+0f68bUZN6AwcKtGuMKYk5HwzV4tfr5b5fvUFGRXsf5QLtT0XR
z1NASJ2J24t9aLeA3elLbIJeRGOafkKVZJkeZu6bD5eqVazFEZNNEjOIAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjN+aWQWiXI0UREVLASpLJRxbtzMB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvT00zNXBaQmFKY2pSUkVSVXNCS2tzbEhGdTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjs5MA0G
CSqGSIb3DQEBCwUAA4IBAQC5IT/BQlyI+Iqpcj024cO/1oX2cY/PzOfrGTyqByOI
I5wkCJcqrqNNZVPNpi56bQ97N+M4fKMSvHEq2XKIjO+bxJZ3uY8woxx7DYlBQRm9
H1TXvy9WoWmBolssDeyhveDUQQ2in2NKwzsX97l7qnrA4VKf2DXaVdVCY7UWMnTR
+YpgSLrONybX0TZrAnZHAIl4+BLU79dzbzoYuzkUhf1k6LbwXcPnDYN+doF/dwkj
eebwaysQo+Sh0AksfBjuPc4sIpHFR+HXfeYhvbPVxzUoym6RzEHuZU1mcwL5ZgPv
rfY89zSPaUXuodojdOsOW2vDwfQ1fZi2xIJJ79/axlYj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org