Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/WQEQtFjgoWE5fwhpud1st_teKXM.roa
File:                     WQEQtFjgoWE5fwhpud1st_teKXM.roa (raw, json)
Hash identifier:          sewOSWOx1PKu0ETmnuCgOX8ED+v893WILmlLWrFxHr0=
Subject key identifier:   59:01:10:B4:58:E0:A1:61:39:7F:08:69:B9:DD:6C:B7:FB:5E:29:73
Certificate issuer:       /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial:       09A62314
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/WQEQtFjgoWE5fwhpud1st_teKXM.roa
Signing time:             Thu 03 Feb 2022 17:00:57 +0000
ROA not before:           Thu 03 Feb 2022 17:00:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     64267
IP address blocks:        85.209.220.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 161882900 (0x9a62314)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
        Validity
            Not Before: Feb  3 17:00:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=590110b458e0a161397f0869b9dd6cb7fb5e2973
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:db:56:3c:ab:54:8b:19:73:33:1e:0b:08:3a:
                    cb:47:c9:bf:83:ce:db:f8:70:2e:4b:bf:9f:37:73:
                    c6:2f:fc:66:3d:bb:35:25:13:31:f1:8a:7c:37:2e:
                    45:10:12:22:82:aa:a7:2a:66:30:7c:d4:32:a1:c6:
                    6d:e9:29:3c:42:0f:2f:60:3f:14:38:67:a9:ae:14:
                    a0:99:5b:d9:5f:28:b6:ee:57:10:71:b9:d4:c6:fe:
                    36:ba:65:f8:27:a0:e6:6f:30:23:ba:c3:78:3b:65:
                    5e:17:66:86:e1:f1:54:ec:75:6b:02:04:05:7e:45:
                    ce:1e:f6:1e:84:bd:30:bb:f5:0d:93:17:87:30:c4:
                    e7:e1:b8:ab:98:a6:2b:6a:10:80:27:c4:10:41:51:
                    61:4e:4d:ff:1d:94:f4:f1:5e:39:42:b9:4a:6a:d8:
                    a3:fd:f9:1c:65:ce:50:d5:53:a1:2f:ab:a6:d0:e9:
                    4d:68:c2:ee:8a:90:8b:65:fa:dd:6e:b7:ea:6f:0c:
                    71:c5:10:c0:49:66:10:0c:70:e5:ca:3e:6d:b6:e6:
                    51:4a:f9:35:b7:9c:02:14:b7:a5:9e:23:38:43:ac:
                    24:28:94:f4:22:03:65:76:58:19:a4:70:67:74:f1:
                    0a:82:d8:22:3b:e2:0f:1e:d8:d3:9d:d3:78:b6:ce:
                    20:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:01:10:B4:58:E0:A1:61:39:7F:08:69:B9:DD:6C:B7:FB:5E:29:73
            X509v3 Authority Key Identifier:
                keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/WQEQtFjgoWE5fwhpud1st_teKXM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:f4:7e:5d:95:3f:f4:ca:f4:d8:0a:96:80:20:95:96:bc:dc:
         8b:ed:18:5f:a4:42:57:d6:3a:f9:94:7b:86:42:d3:af:52:64:
         d9:22:2d:08:63:4f:1b:59:ab:05:c9:41:de:c5:aa:e9:82:53:
         77:64:f3:8f:35:db:af:d8:7b:88:7c:15:d3:2f:88:76:0d:98:
         8f:84:dc:ee:ae:20:d0:c7:2e:a3:c4:0b:10:06:6f:71:a5:96:
         b5:f8:56:6c:60:48:30:da:82:ee:c3:c2:d0:7a:a5:a9:e4:99:
         09:19:ac:72:65:2e:1c:f2:92:29:91:f6:8d:fb:a7:3a:21:9c:
         1b:d4:0c:18:99:6d:f5:44:3e:de:97:29:18:71:f4:8b:e6:bf:
         4a:14:c9:53:da:75:5d:ad:09:8a:7b:b1:80:33:8b:fe:4e:a9:
         21:85:84:e1:c6:33:6b:61:bc:6f:ab:d0:26:e7:2f:7c:ec:35:
         c0:aa:03:03:2d:42:13:15:9f:93:1b:3c:c4:62:a8:3e:b0:50:
         72:07:99:e4:e2:b6:78:9a:65:14:03:3f:66:0e:0e:34:0b:2f:
         47:0f:a0:ab:8f:00:0e:fa:20:c7:09:26:3d:f3:73:cc:74:5d:
         7d:42:83:8c:20:20:d6:d1:34:ee:f3:b9:53:20:16:36:24:e7:
         db:6e:17:af
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECaYjFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDRjMjY3ZmE3NTRjZDY1MDllOWY4MDcyNzMxMjNiZWU5NmM1MjVkMB4XDTIyMDIw
MzE3MDA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTkwMTEwYjQ1OGUw
YTE2MTM5N2YwODY5YjlkZDZjYjdmYjVlMjk3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPbVjyrVIsZczMeCwg6y0fJv4PO2/hwLku/nzdzxi/8Zj27
NSUTMfGKfDcuRRASIoKqpypmMHzUMqHGbekpPEIPL2A/FDhnqa4UoJlb2V8otu5X
EHG51Mb+Nrpl+Ceg5m8wI7rDeDtlXhdmhuHxVOx1awIEBX5Fzh72HoS9MLv1DZMX
hzDE5+G4q5imK2oQgCfEEEFRYU5N/x2U9PFeOUK5SmrYo/35HGXOUNVToS+rptDp
TWjC7oqQi2X63W636m8MccUQwElmEAxw5co+bbbmUUr5NbecAhS3pZ4jOEOsJCiU
9CIDZXZYGaRwZ3TxCoLYIjviDx7Y053TeLbOIG0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRZARC0WOChYTl/CGm53Wy3+14pczAfBgNVHSMEGDAWgBSkTCZ/p1TNZQnp
+AcnMSO+6WxSXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BFd21mNmRVeldVSjZmZ0hKekVqdnVsc1VsMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYWIyNmE1LTY3YjktNDY2Ny04NTViLTQ4YWYwODAwNGI1Zi8x
L1dRRVF0Rmpnb1dFNWZ3aHB1ZDFzdF90ZUtYTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YWIyNmE1LTY3YjktNDY2Ny04NTViLTQ4YWYwODAwNGI1Zi8xL3BFd21mNmRVeldV
SjZmZ0hKekVqdnVsc1VsMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXR3DANBgkqhkiG9w0BAQsFAAOC
AQEAlPR+XZU/9Mr02AqWgCCVlrzci+0YX6RCV9Y6+ZR7hkLTr1Jk2SItCGNPG1mr
BclB3sWq6YJTd2TzjzXbr9h7iHwV0y+Idg2Yj4Tc7q4g0Mcuo8QLEAZvcaWWtfhW
bGBIMNqC7sPC0HqlqeSZCRmscmUuHPKSKZH2jfunOiGcG9QMGJlt9UQ+3pcpGHH0
i+a/ShTJU9p1Xa0JinuxgDOL/k6pIYWE4cYza2G8b6vQJucvfOw1wKoDAy1CExWf
kxs8xGKoPrBQcgeZ5OK2eJplFAM/Zg4ONAsvRw+gq48ADvogxwkmPfNzzHRdfUKD
jCAg1tE07vO5UyAWNiTn224Xrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:04 2024 by rpki-client on console-fra.rpki-client.org