Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/ba8dad-955f-4863-adf1-058664646bec/1/afW8fPfPZmHciUF7WD8wxjA1fSU.roa
File:                     afW8fPfPZmHciUF7WD8wxjA1fSU.roa (raw, json)
Hash identifier:          ua2XpgaudV5lF+p07jI51NstpP86ax1L20G1nGTOPTQ=
Subject key identifier:   69:F5:BC:7C:F7:CF:66:61:DC:89:41:7B:58:3F:30:C6:30:35:7D:25
Certificate issuer:       /CN=c743e8fa71bb7eee461e015306629831c7fb5db8
Certificate serial:       034CE0
Authority key identifier: C7:43:E8:FA:71:BB:7E:EE:46:1E:01:53:06:62:98:31:C7:FB:5D:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0Po-nG7fu5GHgFTBmKYMcf7Xbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/ba8dad-955f-4863-adf1-058664646bec/1/afW8fPfPZmHciUF7WD8wxjA1fSU.roa
Signing time:             Thu 03 Feb 2022 15:32:59 +0000
ROA not before:           Thu 03 Feb 2022 15:32:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49424
IP address blocks:        91.213.99.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 216288 (0x34ce0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c743e8fa71bb7eee461e015306629831c7fb5db8
        Validity
            Not Before: Feb  3 15:32:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=69f5bc7cf7cf6661dc89417b583f30c630357d25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:11:b0:e6:29:f2:17:99:87:e1:d9:a8:a1:cd:
                    01:12:98:67:bc:52:91:cb:63:be:1d:98:bc:be:bf:
                    9c:7b:17:f5:d7:57:90:95:5e:28:f1:d4:cd:e6:88:
                    76:94:a8:23:0b:f5:b6:6a:32:73:80:84:70:10:b9:
                    98:92:1b:6e:27:3d:31:f6:11:d3:12:e7:a7:64:ee:
                    71:60:28:b2:64:b7:30:0f:24:c8:48:b9:a5:87:6a:
                    1f:da:cc:9d:0c:9f:65:c4:8d:1d:84:2c:db:e3:75:
                    b8:13:7e:ff:60:e1:84:30:be:8c:ca:6c:da:58:f1:
                    eb:3f:61:1e:99:5a:be:63:69:dc:e1:16:f7:76:f2:
                    98:b4:ee:67:49:d9:d4:57:df:04:00:29:f2:7f:6e:
                    5a:d7:5f:6d:17:89:1b:8c:51:a5:18:b7:df:63:49:
                    0b:69:44:13:de:cb:e4:85:67:a1:8f:03:e8:3d:56:
                    54:71:7e:5e:c4:42:7f:d8:25:3e:37:b6:8d:c1:ff:
                    53:2e:4c:d3:6b:12:ae:a3:25:ee:0f:f3:62:fd:0a:
                    5e:33:ba:11:1d:2c:87:4f:23:6e:14:62:ba:06:11:
                    9a:00:ef:a4:a0:61:22:8c:42:7a:7e:8e:b7:5c:1a:
                    02:d4:68:11:15:68:ea:1a:1e:1b:38:c3:21:4f:f1:
                    6f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:F5:BC:7C:F7:CF:66:61:DC:89:41:7B:58:3F:30:C6:30:35:7D:25
            X509v3 Authority Key Identifier:
                keyid:C7:43:E8:FA:71:BB:7E:EE:46:1E:01:53:06:62:98:31:C7:FB:5D:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0Po-nG7fu5GHgFTBmKYMcf7Xbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ba8dad-955f-4863-adf1-058664646bec/1/afW8fPfPZmHciUF7WD8wxjA1fSU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ba8dad-955f-4863-adf1-058664646bec/1/x0Po-nG7fu5GHgFTBmKYMcf7Xbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:99:6b:40:66:15:57:53:f5:3d:7c:29:a5:66:dc:09:8b:fb:
         1e:44:bb:8c:17:47:00:86:59:c4:3b:55:37:d4:e1:61:bd:ca:
         67:17:11:61:eb:c1:21:bb:10:5a:d3:65:d2:67:d1:34:0d:2e:
         09:41:bf:78:3c:ae:1b:ef:53:20:d3:33:55:bb:e6:94:44:1f:
         8f:d5:48:81:fe:8f:51:77:41:54:3c:28:22:84:a1:c4:79:f9:
         a2:ea:24:0f:d8:4d:6c:f4:46:31:fa:f0:5d:4c:e1:22:fa:60:
         a8:78:9d:3f:47:4e:53:0e:f7:59:96:af:90:f8:92:44:76:95:
         ec:bf:da:95:ed:53:e0:5f:9d:46:42:09:91:3d:24:63:e0:a9:
         60:b4:12:12:ee:4e:68:5e:66:e9:93:93:45:47:1d:1d:f3:76:
         8a:8b:6e:7d:8f:4e:eb:fb:67:a1:ce:33:44:f6:8d:02:38:46:
         11:e1:60:55:b0:c8:f4:31:9b:96:f1:98:6d:bc:83:94:6e:19:
         20:fb:79:61:04:83:7c:1c:5a:53:07:1f:94:86:79:cc:3e:66:
         2d:b9:68:a4:85:ed:30:7b:ba:24:bf:2a:08:b4:a9:26:0e:22:
         a2:ec:a6:54:9b:ff:ec:72:20:1a:d4:4b:be:47:e7:df:ba:54:
         2c:76:2d:3a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDA0zgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM3
NDNlOGZhNzFiYjdlZWU0NjFlMDE1MzA2NjI5ODMxYzdmYjVkYjgwHhcNMjIwMjAz
MTUzMjU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2OWY1YmM3Y2Y3Y2Y2
NjYxZGM4OTQxN2I1ODNmMzBjNjMwMzU3ZDI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyRGw5inyF5mH4dmooc0BEphnvFKRy2O+HZi8vr+cexf111eQ
lV4o8dTN5oh2lKgjC/W2ajJzgIRwELmYkhtuJz0x9hHTEuenZO5xYCiyZLcwDyTI
SLmlh2of2sydDJ9lxI0dhCzb43W4E37/YOGEML6MymzaWPHrP2EemVq+Y2nc4Rb3
dvKYtO5nSdnUV98EACnyf25a119tF4kbjFGlGLffY0kLaUQT3svkhWehjwPoPVZU
cX5exEJ/2CU+N7aNwf9TLkzTaxKuoyXuD/Ni/QpeM7oRHSyHTyNuFGK6BhGaAO+k
oGEijEJ6fo63XBoC1GgRFWjqGh4bOMMhT/FvkwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFGn1vHz3z2Zh3IlBe1g/MMYwNX0lMB8GA1UdIwQYMBaAFMdD6Ppxu37uRh4B
UwZimDHH+124MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eDBQby1uRzdmdTVHSGdGVEJtS1lNY2Y3WGJnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Yi9iYThkYWQtOTU1Zi00ODYzLWFkZjEtMDU4NjY0NjQ2YmVjLzEv
YWZXOGZQZlBabUhjaVVGN1dEOHd4akExZlNVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9i
YThkYWQtOTU1Zi00ODYzLWFkZjEtMDU4NjY0NjQ2YmVjLzEveDBQby1uRzdmdTVH
SGdGVEJtS1lNY2Y3WGJnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9VjMA0GCSqGSIb3DQEBCwUAA4IB
AQA0mWtAZhVXU/U9fCmlZtwJi/seRLuMF0cAhlnEO1U31OFhvcpnFxFh68EhuxBa
02XSZ9E0DS4JQb94PK4b71Mg0zNVu+aURB+P1UiB/o9Rd0FUPCgihKHEefmi6iQP
2E1s9EYx+vBdTOEi+mCoeJ0/R05TDvdZlq+Q+JJEdpXsv9qV7VPgX51GQgmRPSRj
4KlgtBIS7k5oXmbpk5NFRx0d83aKi259j07r+2ehzjNE9o0COEYR4WBVsMj0MZuW
8ZhtvIOUbhkg+3lhBIN8HFpTBx+UhnnMPmYtuWikhe0we7okvyoItKkmDiKi7KZU
m//sciAa1Eu+R+ffulQsdi06
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:09 2024 by rpki-client on console-fra.rpki-client.org