Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/uM-5P3Gv6m-OSkGaOpbqWv731WU.roa
File:                     uM-5P3Gv6m-OSkGaOpbqWv731WU.roa (raw, json)
Hash identifier:          Tvjywzt9TJGCTXrIXBfdKfZR3lsjrlt6mmRg1Qnmv00=
Subject key identifier:   B8:CF:B9:3F:71:AF:EA:6F:8E:4A:41:9A:3A:96:EA:5A:FE:F7:D5:65
Certificate issuer:       /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial:       01868A3555C1A600515F9805934D47C24C40
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/uM-5P3Gv6m-OSkGaOpbqWv731WU.roa
Signing time:             Sat 25 Feb 2023 20:13:16 +0000
ROA not before:           Sat 25 Feb 2023 20:13:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207279
IP address blocks:        45.91.136.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:8a:35:55:c1:a6:00:51:5f:98:05:93:4d:47:c2:4c:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
        Validity
            Not Before: Feb 25 20:13:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b8cfb93f71afea6f8e4a419a3a96ea5afef7d565
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:52:b3:cb:64:f6:9f:bc:2f:b5:fe:58:97:8b:
                    7c:cc:fb:00:d8:c5:17:46:63:a5:1a:09:7f:34:70:
                    3f:0d:f2:9d:4b:6c:bd:2d:7d:5e:70:ca:87:57:e4:
                    5a:d7:ed:b4:48:50:a3:01:2d:18:cc:b7:e8:b8:bb:
                    fd:dd:3a:65:f7:40:38:ef:b9:cc:c7:85:e1:23:d3:
                    cf:36:1e:9f:16:8d:34:de:04:a9:d1:6f:1b:1d:27:
                    94:7d:71:52:0d:26:f9:dc:0a:54:d7:61:30:e4:70:
                    c8:94:49:02:a0:3b:1d:bb:b8:b5:92:f3:7f:bc:65:
                    d0:83:aa:5d:f8:5d:77:0f:14:dc:1a:e6:58:6a:fe:
                    63:53:ae:b5:bf:13:df:62:5f:72:0e:f0:7f:40:dd:
                    fd:c1:bb:73:62:6f:9d:4c:50:22:a0:22:18:78:a7:
                    16:44:eb:b8:30:6f:52:4d:2e:4b:cf:16:1f:30:ee:
                    af:66:55:ac:85:96:12:07:00:66:86:ad:8b:34:0b:
                    64:15:e4:0e:17:07:b2:4c:d8:f0:71:1d:e9:31:18:
                    8e:3e:e1:20:22:d4:ef:52:b6:0b:c2:f5:27:46:c4:
                    8d:e7:9f:3c:e6:1c:54:19:fe:bf:ab:ba:49:95:40:
                    7d:0d:3b:71:32:ed:95:8b:bc:ef:df:74:ac:b8:73:
                    11:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:CF:B9:3F:71:AF:EA:6F:8E:4A:41:9A:3A:96:EA:5A:FE:F7:D5:65
            X509v3 Authority Key Identifier:
                keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/uM-5P3Gv6m-OSkGaOpbqWv731WU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:64:cd:f5:43:25:70:d5:5d:f7:56:5e:9a:ef:6f:8c:8f:34:
         eb:fd:63:99:f7:8c:a3:7f:1b:90:09:e3:8b:4f:f1:02:15:5f:
         bf:eb:50:1c:28:09:a7:ad:a0:46:8d:7e:9d:9e:a3:3e:07:9c:
         1e:eb:7d:39:33:e5:ae:09:70:a4:75:10:be:e3:d5:ee:59:11:
         f1:be:3c:a5:07:af:72:94:25:70:ea:b9:23:62:93:57:a6:4e:
         c8:eb:d3:7e:68:fb:ba:d2:c8:18:66:a4:12:82:39:df:e7:cf:
         fb:3e:e1:9e:52:9b:3c:48:77:0b:0e:7c:b1:7e:1f:11:d7:63:
         47:f6:94:96:07:e9:5e:d5:06:bb:92:22:6c:81:70:5a:75:bc:
         bb:e3:6c:a6:a3:51:a8:3c:a5:a7:66:10:d3:41:cc:f6:ba:bf:
         9f:d6:dc:1d:43:f5:b7:d5:fa:b3:01:57:1c:36:cd:eb:97:3c:
         a0:43:cb:39:2d:1e:54:f0:02:f8:d8:7e:a5:1d:d6:0a:16:20:
         32:f7:9c:ee:71:4e:3d:c9:26:36:f3:60:58:71:9e:fa:1f:ee:
         8b:3e:15:92:40:4a:b4:76:c1:29:c4:02:3c:a7:73:8e:fa:6a:
         30:ad:2b:e2:c1:42:ab:98:7f:a2:81:1b:8e:2c:d8:98:b6:55:
         1b:89:da:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaKNVXBpgBRX5gFk01HwkxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjMwMjI1MjAxMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGNmYjkzZjcxYWZlYTZmOGU0YTQxOWEzYTk2ZWE1YWZlZjdkNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFKzy2T2n7wvtf5Yl4t8zPsA2MUX
RmOlGgl/NHA/DfKdS2y9LX1ecMqHV+Ra1+20SFCjAS0YzLfouLv93Tpl90A477nM
x4XhI9PPNh6fFo003gSp0W8bHSeUfXFSDSb53ApU12Ew5HDIlEkCoDsdu7i1kvN/
vGXQg6pd+F13DxTcGuZYav5jU661vxPfYl9yDvB/QN39wbtzYm+dTFAioCIYeKcW
ROu4MG9STS5LzxYfMO6vZlWshZYSBwBmhq2LNAtkFeQOFweyTNjwcR3pMRiOPuEg
ItTvUrYLwvUnRsSN55885hxUGf6/q7pJlUB9DTtxMu2Vi7zv33SsuHMRSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLjPuT9xr+pvjkpBmjqW6lr+99VlMB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvdU0tNVAzR3Y2bS1PU2tHYU9wYnFXdjczMVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVuIMA0G
CSqGSIb3DQEBCwUAA4IBAQCBZM31QyVw1V33Vl6a72+MjzTr/WOZ94yjfxuQCeOL
T/ECFV+/61AcKAmnraBGjX6dnqM+B5we6305M+WuCXCkdRC+49XuWRHxvjylB69y
lCVw6rkjYpNXpk7I69N+aPu60sgYZqQSgjnf58/7PuGeUps8SHcLDnyxfh8R12NH
9pSWB+le1Qa7kiJsgXBadby742ymo1GoPKWnZhDTQcz2ur+f1twdQ/W31fqzAVcc
Ns3rlzygQ8s5LR5U8AL42H6lHdYKFiAy95zucU49ySY282BYcZ76H+6LPhWSQEq0
dsEpxAI8p3OO+mowrSviwUKrmH+igRuOLNiYtlUbidon
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:04 2024 by rpki-client on console-fra.rpki-client.org