Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/OspXhAoEgKp1LTprBytVWcYmbBQ.roa
File:                     OspXhAoEgKp1LTprBytVWcYmbBQ.roa (raw, json)
Hash identifier:          JWsuZrjtxZzOBm97a1NorEuwu8yI1RqSFNiZAiC74dQ=
Subject key identifier:   3A:CA:57:84:0A:04:80:AA:75:2D:3A:6B:07:2B:55:59:C6:26:6C:14
Certificate issuer:       /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial:       094AF9E2
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/OspXhAoEgKp1LTprBytVWcYmbBQ.roa
Signing time:             Sat 01 Jan 2022 12:04:01 +0000
ROA not before:           Sat 01 Jan 2022 12:04:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25780
IP address blocks:        171.22.76.0/22 maxlen: 22
                          185.172.172.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155908578 (0x94af9e2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
        Validity
            Not Before: Jan  1 12:04:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3aca57840a0480aa752d3a6b072b5559c6266c14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:72:33:ed:e5:74:11:dc:2b:72:7f:73:f9:5c:
                    21:61:69:d4:f5:90:f9:8d:e9:6a:11:60:47:7b:4b:
                    09:4f:5a:5b:ed:b2:6c:79:46:5a:c5:b2:5b:42:69:
                    28:a6:33:aa:8a:a9:be:76:2d:fd:d2:cf:bc:73:4b:
                    2b:90:6a:ca:27:f8:3a:57:20:84:4d:4c:bd:06:22:
                    ed:4d:ff:92:14:52:2f:89:80:6f:19:e1:ca:44:58:
                    4f:7c:1b:9b:5b:33:0b:0e:17:47:e3:fa:a2:44:5d:
                    c5:4b:59:c4:d0:0c:a3:69:8c:02:a0:18:a7:96:6d:
                    6b:ab:ce:72:29:60:02:9c:0d:3a:d5:7a:5b:2d:05:
                    84:cf:45:e9:05:b9:95:ba:4f:4f:09:b8:dd:f0:99:
                    d3:2d:41:b3:f0:82:ca:9a:ba:dc:65:3b:04:6d:fe:
                    03:62:63:39:9f:f7:e2:ff:dc:f3:00:24:f9:11:52:
                    55:cb:2f:e7:e1:5f:bd:b8:a5:f9:f5:09:f8:51:6d:
                    55:bf:40:fe:0c:a5:33:93:b5:a7:60:10:79:c9:c9:
                    c3:b0:2e:77:07:20:7b:89:d9:e1:ba:7d:81:55:b2:
                    74:fe:50:76:a4:f6:93:6e:2f:44:09:d7:8d:4f:4d:
                    de:ea:a6:6d:b4:8c:ae:16:c7:a2:2d:7c:3d:07:b1:
                    50:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:CA:57:84:0A:04:80:AA:75:2D:3A:6B:07:2B:55:59:C6:26:6C:14
            X509v3 Authority Key Identifier:
                keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/OspXhAoEgKp1LTprBytVWcYmbBQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  171.22.76.0/22
                  185.172.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:41:82:c8:30:34:6c:ad:5d:28:c4:a5:e8:d1:76:c5:f8:62:
         7b:85:50:87:04:da:d1:4e:c1:6a:70:89:82:f0:ae:0a:3b:36:
         9c:6f:3b:7d:41:18:53:04:48:22:f0:1d:e1:6f:f4:dd:3d:87:
         96:ad:bb:61:7a:56:81:60:fe:b2:c7:8e:b8:86:1c:bb:60:8e:
         f2:ec:f7:a3:f0:9e:71:01:46:98:03:8e:9e:89:a8:c7:c6:35:
         02:2a:70:6e:cf:81:5d:30:08:b3:d1:d3:66:52:77:96:1a:84:
         7e:df:e6:53:b4:47:3c:eb:e5:7e:1f:37:07:dc:49:95:80:35:
         30:e7:cb:81:55:1d:ec:6e:37:66:c7:8f:24:f3:f5:10:ce:d5:
         ce:79:65:88:ac:e4:a6:94:9c:3e:f5:2e:11:b2:b7:6f:85:37:
         52:7a:f9:92:05:7e:9f:26:97:90:8b:c0:32:5e:14:17:d5:9f:
         a7:42:87:b7:a8:80:fb:73:de:3a:2d:e3:f0:31:52:b5:20:32:
         7c:c9:0b:42:71:a5:42:73:4e:39:61:fd:34:7e:36:96:d1:e7:
         0e:c9:35:06:79:57:63:d9:40:8e:d0:0d:b9:79:81:bf:b1:dd:
         a3:05:13:d6:90:45:dc:56:a4:c9:3c:9e:a5:af:20:a2:4b:98:
         f6:dc:89:db
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECUr54jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDRjMjY3ZmE3NTRjZDY1MDllOWY4MDcyNzMxMjNiZWU5NmM1MjVkMB4XDTIyMDEw
MTEyMDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FjYTU3ODQwYTA0
ODBhYTc1MmQzYTZiMDcyYjU1NTljNjI2NmMxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxyM+3ldBHcK3J/c/lcIWFp1PWQ+Y3pahFgR3tLCU9aW+2y
bHlGWsWyW0JpKKYzqoqpvnYt/dLPvHNLK5Bqyif4OlcghE1MvQYi7U3/khRSL4mA
bxnhykRYT3wbm1szCw4XR+P6okRdxUtZxNAMo2mMAqAYp5Zta6vOcilgApwNOtV6
Wy0FhM9F6QW5lbpPTwm43fCZ0y1Bs/CCypq63GU7BG3+A2JjOZ/34v/c8wAk+RFS
Vcsv5+Ffvbil+fUJ+FFtVb9A/gylM5O1p2AQecnJw7Audwcge4nZ4bp9gVWydP5Q
dqT2k24vRAnXjU9N3uqmbbSMrhbHoi18PQexUAECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ6yleECgSAqnUtOmsHK1VZxiZsFDAfBgNVHSMEGDAWgBSkTCZ/p1TNZQnp
+AcnMSO+6WxSXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BFd21mNmRVeldVSjZmZ0hKekVqdnVsc1VsMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYWIyNmE1LTY3YjktNDY2Ny04NTViLTQ4YWYwODAwNGI1Zi8x
L09zcFhoQW9FZ0twMUxUcHJCeXRWV2NZbWJCUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YWIyNmE1LTY3YjktNDY2Ny04NTViLTQ4YWYwODAwNGI1Zi8xL3BFd21mNmRVeldV
SjZmZ0hKekVqdnVsc1VsMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAqsWTAMEArmsrDANBgkqhkiG9w0B
AQsFAAOCAQEAF0GCyDA0bK1dKMSl6NF2xfhie4VQhwTa0U7BanCJgvCuCjs2nG87
fUEYUwRIIvAd4W/03T2Hlq27YXpWgWD+sseOuIYcu2CO8uz3o/CecQFGmAOOnomo
x8Y1Aipwbs+BXTAIs9HTZlJ3lhqEft/mU7RHPOvlfh83B9xJlYA1MOfLgVUd7G43
ZsePJPP1EM7VznlliKzkppScPvUuEbK3b4U3Unr5kgV+nyaXkIvAMl4UF9Wfp0KH
t6iA+3PeOi3j8DFStSAyfMkLQnGlQnNOOWH9NH42ltHnDsk1BnlXY9lAjtANuXmB
v7HdowUT1pBF3FakyTyepa8gokuY9tyJ2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org