Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/ba8dad-955f-4863-adf1-058664646bec/1/xXZG7zA-hRYxzq6l9-8wxb-2ubs.roa
File:                     xXZG7zA-hRYxzq6l9-8wxb-2ubs.roa (raw, json)
Hash identifier:          ZON3yU+UpRS8B7F7ekskePcgf9M0+cyhJ2Ov87hIvXM=
Subject key identifier:   C5:76:46:EF:30:3E:85:16:31:CE:AE:A5:F7:EF:30:C5:BF:B6:B9:BB
Certificate issuer:       /CN=c743e8fa71bb7eee461e015306629831c7fb5db8
Certificate serial:       0185729EFF8DC18D5DD50BD2DD5D2768DFCA
Authority key identifier: C7:43:E8:FA:71:BB:7E:EE:46:1E:01:53:06:62:98:31:C7:FB:5D:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0Po-nG7fu5GHgFTBmKYMcf7Xbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/ba8dad-955f-4863-adf1-058664646bec/1/xXZG7zA-hRYxzq6l9-8wxb-2ubs.roa
Signing time:             Mon 02 Jan 2023 13:15:00 +0000
ROA not before:           Mon 02 Jan 2023 13:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49424
IP address blocks:        91.213.99.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9e:ff:8d:c1:8d:5d:d5:0b:d2:dd:5d:27:68:df:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c743e8fa71bb7eee461e015306629831c7fb5db8
        Validity
            Not Before: Jan  2 13:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c57646ef303e851631ceaea5f7ef30c5bfb6b9bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:d2:2a:5f:40:83:90:4c:96:f1:61:5e:1f:d5:
                    9e:78:4f:21:e6:83:e6:18:f4:d3:cc:27:71:92:f1:
                    07:68:72:cc:07:e2:62:f4:8a:ae:95:79:b7:33:2c:
                    7b:55:7d:10:f8:3d:44:4f:9e:4d:6a:66:19:73:b4:
                    14:4a:a7:fc:4a:06:28:6d:ca:b0:31:a5:30:78:34:
                    fe:63:e2:dc:38:b9:8e:d0:e7:d0:4c:8f:15:11:69:
                    6a:51:d3:8e:0b:80:4c:a7:68:55:1e:32:b9:48:bb:
                    83:bb:cd:32:d8:b2:93:da:29:89:6b:cd:6a:cc:fe:
                    0d:08:18:a5:fa:55:59:a4:8f:b8:fb:7b:71:aa:79:
                    f9:55:40:80:47:0c:b2:21:1c:84:e4:5d:05:fb:a1:
                    56:a2:26:ec:07:64:68:bf:2c:97:98:e6:56:02:ce:
                    1b:5e:3a:13:d9:0e:4b:5a:d5:a6:5f:99:49:85:d6:
                    5d:53:cd:e8:63:4b:cc:81:2f:42:a9:26:c4:35:a4:
                    0e:ae:92:34:3f:e5:33:23:80:cb:ab:d9:d2:ef:bf:
                    fe:ad:b2:87:5d:a4:69:ee:28:ce:49:28:da:d5:d4:
                    90:85:40:a7:29:c1:38:cf:6f:3c:e9:10:01:9c:3d:
                    77:8c:62:b0:a9:c9:63:c5:ae:45:4d:86:a0:54:47:
                    9d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:76:46:EF:30:3E:85:16:31:CE:AE:A5:F7:EF:30:C5:BF:B6:B9:BB
            X509v3 Authority Key Identifier:
                keyid:C7:43:E8:FA:71:BB:7E:EE:46:1E:01:53:06:62:98:31:C7:FB:5D:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0Po-nG7fu5GHgFTBmKYMcf7Xbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ba8dad-955f-4863-adf1-058664646bec/1/xXZG7zA-hRYxzq6l9-8wxb-2ubs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ba8dad-955f-4863-adf1-058664646bec/1/x0Po-nG7fu5GHgFTBmKYMcf7Xbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:9e:a8:02:bc:96:26:c6:70:fe:84:bb:e4:a8:9e:b6:41:5b:
         c0:61:a2:b5:07:b5:9f:01:4b:59:53:79:73:1a:2f:97:d9:79:
         aa:7e:83:af:05:94:32:72:88:7d:2c:63:69:30:ec:4f:c8:8d:
         38:0e:21:b7:7e:18:91:e5:b4:2f:f9:d0:a8:8f:4d:60:f6:0f:
         90:ac:a0:53:b3:78:ac:c9:d5:27:c2:d8:a3:43:20:ca:38:a0:
         d6:ee:20:40:11:c6:47:df:d8:7d:45:fb:bd:98:e1:f5:48:40:
         b4:19:22:6b:6f:cc:74:b5:07:5c:bb:ee:39:25:eb:f9:03:d2:
         a9:35:a0:b9:ca:ae:0b:a9:f2:68:12:6a:ef:26:22:68:4c:48:
         da:ca:c9:70:80:7a:eb:3d:e8:c0:96:73:ca:eb:d8:24:f2:72:
         71:6d:e7:29:7a:07:dc:db:13:00:03:74:94:44:a3:58:e1:db:
         a0:61:4e:1a:11:32:95:de:eb:24:36:51:91:a4:a0:65:d1:aa:
         b6:0f:2b:c9:36:8e:a5:8b:ea:c9:48:65:5b:48:36:15:c9:42:
         96:c3:50:ea:c2:ce:21:bf:34:d1:4a:4b:4e:c5:a1:0c:c7:04:
         a6:28:6a:a6:fe:4a:d0:b3:8a:5e:a3:96:cf:42:1d:e3:66:4c:
         33:2e:94:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynv+NwY1d1QvS3V0naN/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NDNlOGZhNzFiYjdlZWU0NjFlMDE1MzA2NjI5ODMxYzdm
YjVkYjgwHhcNMjMwMTAyMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTc2NDZlZjMwM2U4NTE2MzFjZWFlYTVmN2VmMzBjNWJmYjZiOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidIqX0CDkEyW8WFeH9WeeE8h5oPm
GPTTzCdxkvEHaHLMB+Ji9IqulXm3Myx7VX0Q+D1ET55NamYZc7QUSqf8SgYobcqw
MaUweDT+Y+LcOLmO0OfQTI8VEWlqUdOOC4BMp2hVHjK5SLuDu80y2LKT2imJa81q
zP4NCBil+lVZpI+4+3txqnn5VUCARwyyIRyE5F0F+6FWoibsB2RovyyXmOZWAs4b
XjoT2Q5LWtWmX5lJhdZdU83oY0vMgS9CqSbENaQOrpI0P+UzI4DLq9nS77/+rbKH
XaRp7ijOSSja1dSQhUCnKcE4z2886RABnD13jGKwqcljxa5FTYagVEedSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMV2Ru8wPoUWMc6upffvMMW/trm7MB8GA1UdIwQY
MBaAFMdD6Ppxu37uRh4BUwZimDHH+124MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDBQby1uRzdmdTVHSGdGVEJtS1lNY2Y3WGJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iYThkYWQtOTU1Zi00ODYzLWFkZjEt
MDU4NjY0NjQ2YmVjLzEveFhaRzd6QS1oUll4enE2bDktOHd4Yi0ydWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9iYThkYWQtOTU1Zi00ODYzLWFkZjEtMDU4NjY0NjQ2YmVj
LzEveDBQby1uRzdmdTVHSGdGVEJtS1lNY2Y3WGJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9VjMA0G
CSqGSIb3DQEBCwUAA4IBAQCOnqgCvJYmxnD+hLvkqJ62QVvAYaK1B7WfAUtZU3lz
Gi+X2XmqfoOvBZQycoh9LGNpMOxPyI04DiG3fhiR5bQv+dCoj01g9g+QrKBTs3is
ydUnwtijQyDKOKDW7iBAEcZH39h9Rfu9mOH1SEC0GSJrb8x0tQdcu+45Jev5A9Kp
NaC5yq4LqfJoEmrvJiJoTEjayslwgHrrPejAlnPK69gk8nJxbecpegfc2xMAA3SU
RKNY4dugYU4aETKV3uskNlGRpKBl0aq2DyvJNo6li+rJSGVbSDYVyUKWw1Dqws4h
vzTRSktOxaEMxwSmKGqm/krQs4peo5bPQh3jZkwzLpQO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:09 2024 by rpki-client on console-fra.rpki-client.org