Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/88105c-b79f-47fa-9364-03d7494d3552/1/4rKlJDN2RuW9l3QeUMWsO2F64cU.roa
File:                     4rKlJDN2RuW9l3QeUMWsO2F64cU.roa (raw, json)
Hash identifier:          F8pgtKUtfaEvcl42RvKBNpR9Sa6iDj0fM7c8Ve4vjZI=
Subject key identifier:   E2:B2:A5:24:33:76:46:E5:BD:97:74:1E:50:C5:AC:3B:61:7A:E1:C5
Certificate issuer:       /CN=e97f0e77239b7bf86965075529b23dc97e332066
Certificate serial:       011FD278
Authority key identifier: E9:7F:0E:77:23:9B:7B:F8:69:65:07:55:29:B2:3D:C9:7E:33:20:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6X8OdyObe_hpZQdVKbI9yX4zIGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/88105c-b79f-47fa-9364-03d7494d3552/1/4rKlJDN2RuW9l3QeUMWsO2F64cU.roa
Signing time:             Sat 01 Jan 2022 00:56:24 +0000
ROA not before:           Sat 01 Jan 2022 00:56:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212667
IP address blocks:        176.56.37.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18862712 (0x11fd278)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e97f0e77239b7bf86965075529b23dc97e332066
        Validity
            Not Before: Jan  1 00:56:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2b2a524337646e5bd97741e50c5ac3b617ae1c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2b:7e:6a:27:eb:31:69:3d:b0:0c:e8:c5:20:
                    d3:dc:97:1b:66:9f:51:e8:2d:28:5e:d2:39:51:f7:
                    3f:9c:24:86:73:62:0b:af:c2:39:59:49:23:09:fe:
                    ea:a3:46:5b:71:66:11:99:bc:b3:69:35:c3:df:26:
                    66:17:9b:59:36:d3:da:8a:01:65:86:ff:58:07:a6:
                    7e:17:d7:96:44:46:06:67:f3:0d:be:9d:5c:4f:bd:
                    d7:2e:67:7f:98:53:84:58:65:97:35:00:f5:fc:2e:
                    03:7d:28:84:34:12:6f:49:b6:ec:7a:ab:61:aa:32:
                    91:0f:21:85:a3:ab:14:04:cc:e3:a2:fa:7d:8f:64:
                    8a:be:7f:0a:8b:04:55:fb:61:cd:a2:ce:6f:9b:5a:
                    48:ff:b5:a5:8b:49:bd:57:5b:34:25:ba:e7:5c:3f:
                    dc:4a:67:b8:e9:d5:77:0e:10:4c:93:51:36:12:53:
                    6b:e2:1f:4d:48:57:77:a8:1c:93:a2:37:d7:b1:82:
                    b9:36:c0:10:27:31:4d:1d:55:48:1e:9a:34:02:d2:
                    75:5e:a8:41:61:b9:f1:00:01:e2:54:95:23:c3:f1:
                    cc:81:88:50:d2:cd:94:ca:39:9e:d4:91:d6:92:4e:
                    6d:e1:c9:d7:76:06:59:8f:ba:52:d6:5e:e1:73:48:
                    65:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:B2:A5:24:33:76:46:E5:BD:97:74:1E:50:C5:AC:3B:61:7A:E1:C5
            X509v3 Authority Key Identifier:
                keyid:E9:7F:0E:77:23:9B:7B:F8:69:65:07:55:29:B2:3D:C9:7E:33:20:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6X8OdyObe_hpZQdVKbI9yX4zIGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/88105c-b79f-47fa-9364-03d7494d3552/1/4rKlJDN2RuW9l3QeUMWsO2F64cU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/88105c-b79f-47fa-9364-03d7494d3552/1/6X8OdyObe_hpZQdVKbI9yX4zIGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.56.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:b7:85:cd:4a:45:89:f9:25:34:db:80:f1:43:af:33:0a:33:
         36:bb:8f:68:74:2e:50:82:72:57:b5:1b:6e:db:62:04:04:fe:
         d4:d8:40:fa:34:43:fc:e3:d3:f3:3e:27:38:77:21:62:8d:1d:
         59:b0:84:2c:57:bc:c6:b7:5f:12:72:1c:6e:6f:75:84:a1:d4:
         ce:4b:4d:37:dd:c3:a4:f9:24:f8:41:b5:2f:b2:09:00:e4:47:
         75:e4:1a:25:86:fb:42:e6:95:a2:2b:6d:70:39:4c:5d:29:96:
         07:ae:02:b6:57:73:a3:7c:cd:00:81:88:e4:66:75:f7:3b:e4:
         33:69:a5:ec:48:15:2e:c2:46:e9:84:4a:35:c0:7b:67:97:60:
         1c:96:a9:82:8e:9b:67:09:15:14:7b:86:93:7e:f6:91:31:cd:
         f1:02:cb:f4:1d:e4:8c:ea:a9:79:f0:8b:7e:f1:5e:b9:f0:15:
         93:b1:89:15:41:44:a3:e3:ea:60:23:ab:3b:af:fa:2c:03:cb:
         f2:2b:2c:33:03:ba:7a:4c:73:e9:b2:db:5c:39:1b:cc:6d:f7:
         a0:41:79:2b:f1:86:31:20:16:1c:2f:a1:d2:88:e6:3e:94:31:
         1a:c8:f4:86:41:cb:78:c4:29:95:0c:7c:0c:d4:ef:c4:8d:09:
         d2:64:e8:1e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAR/SeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTdmMGU3NzIzOWI3YmY4Njk2NTA3NTUyOWIyM2RjOTdlMzMyMDY2MB4XDTIyMDEw
MTAwNTYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJiMmE1MjQzMzc2
NDZlNWJkOTc3NDFlNTBjNWFjM2I2MTdhZTFjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKorfmon6zFpPbAM6MUg09yXG2afUegtKF7SOVH3P5wkhnNi
C6/COVlJIwn+6qNGW3FmEZm8s2k1w98mZhebWTbT2ooBZYb/WAemfhfXlkRGBmfz
Db6dXE+91y5nf5hThFhllzUA9fwuA30ohDQSb0m27HqrYaoykQ8hhaOrFATM46L6
fY9kir5/CosEVfthzaLOb5taSP+1pYtJvVdbNCW651w/3EpnuOnVdw4QTJNRNhJT
a+IfTUhXd6gck6I317GCuTbAECcxTR1VSB6aNALSdV6oQWG58QAB4lSVI8PxzIGI
UNLNlMo5ntSR1pJObeHJ13YGWY+6UtZe4XNIZW0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTisqUkM3ZG5b2XdB5Qxaw7YXrhxTAfBgNVHSMEGDAWgBTpfw53I5t7+Gll
B1Upsj3JfjMgZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZYOE9keU9iZV9ocFpRZFZLYkk5eVg0eklHWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvODgxMDVjLWI3OWYtNDdmYS05MzY0LTAzZDc0OTRkMzU1Mi8x
LzRyS2xKRE4yUnVXOWwzUWVVTVdzTzJGNjRjVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ODgxMDVjLWI3OWYtNDdmYS05MzY0LTAzZDc0OTRkMzU1Mi8xLzZYOE9keU9iZV9o
cFpRZFZLYkk5eVg0eklHWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALA4JTANBgkqhkiG9w0BAQsFAAOC
AQEAqreFzUpFifklNNuA8UOvMwozNruPaHQuUIJyV7UbbttiBAT+1NhA+jRD/OPT
8z4nOHchYo0dWbCELFe8xrdfEnIcbm91hKHUzktNN93DpPkk+EG1L7IJAORHdeQa
JYb7QuaVoittcDlMXSmWB64Ctldzo3zNAIGI5GZ19zvkM2ml7EgVLsJG6YRKNcB7
Z5dgHJapgo6bZwkVFHuGk372kTHN8QLL9B3kjOqpefCLfvFeufAVk7GJFUFEo+Pq
YCOrO6/6LAPL8issMwO6ekxz6bLbXDkbzG33oEF5K/GGMSAWHC+h0ojmPpQxGsj0
hkHLeMQplQx8DNTvxI0J0mToHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:22 2024 by rpki-client on console-ams.rpki-client.org