Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/2e9c8d-0afe-4f34-ba6b-4fc4354d873a/1/APIXrbYFQj-Za7FTx3NRgqwGoRs.roa
File:                     APIXrbYFQj-Za7FTx3NRgqwGoRs.roa (raw, json)
Hash identifier:          Qr23VCFMmigRrgShgTcWEaBAHcHiW8cghUIxLAj64VM=
Subject key identifier:   00:F2:17:AD:B6:05:42:3F:99:6B:B1:53:C7:73:51:82:AC:06:A1:1B
Certificate issuer:       /CN=f2be78be3515acb09e58317f06950d8e881f37a7
Certificate serial:       0391B964
Authority key identifier: F2:BE:78:BE:35:15:AC:B0:9E:58:31:7F:06:95:0D:8E:88:1F:37:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8r54vjUVrLCeWDF_BpUNjogfN6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/2e9c8d-0afe-4f34-ba6b-4fc4354d873a/1/APIXrbYFQj-Za7FTx3NRgqwGoRs.roa
Signing time:             Sat 01 Jan 2022 11:05:08 +0000
ROA not before:           Sat 01 Jan 2022 11:05:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35635
IP address blocks:        195.254.144.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59881828 (0x391b964)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f2be78be3515acb09e58317f06950d8e881f37a7
        Validity
            Not Before: Jan  1 11:05:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=00f217adb605423f996bb153c7735182ac06a11b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:7e:cd:67:bf:1c:8d:2b:fe:1c:ba:45:51:63:
                    83:52:76:33:6d:e2:bd:7f:db:97:e0:8c:f4:6f:4b:
                    30:f4:64:a9:22:75:9c:79:a5:54:4f:73:47:eb:e0:
                    59:dd:dc:63:5a:a4:f7:7b:f3:cb:dd:aa:63:53:6d:
                    a2:d7:7a:6e:14:bf:21:46:bb:ac:13:00:e2:49:cc:
                    7c:a9:1a:59:65:88:a3:fb:d3:ba:13:2a:49:21:5c:
                    cf:00:b6:93:9e:47:a3:34:45:03:2e:22:fc:ca:1c:
                    e8:de:52:4d:69:7b:d0:92:be:70:64:44:08:6f:b8:
                    1e:f3:90:f7:9c:2d:45:c0:7b:ad:f1:05:f6:82:4d:
                    52:80:03:e4:86:c3:55:dd:23:d7:f7:a4:0e:e7:b1:
                    26:49:2c:48:dc:f9:76:fa:7c:a9:08:44:7b:ef:92:
                    ba:c6:21:c8:f6:63:4e:58:f1:3f:53:ce:90:68:fe:
                    ac:e0:31:d1:32:93:51:06:e6:a6:4c:51:0f:66:86:
                    2b:9f:ac:00:5d:7d:de:dc:c2:42:d3:d0:38:75:b1:
                    e5:0e:a0:da:c6:c6:89:3c:37:10:c6:d4:02:cc:33:
                    67:95:62:44:a1:7b:db:99:36:de:2f:28:55:63:6b:
                    ef:16:6d:87:43:80:69:5f:c9:dd:a1:25:2d:18:f9:
                    87:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:F2:17:AD:B6:05:42:3F:99:6B:B1:53:C7:73:51:82:AC:06:A1:1B
            X509v3 Authority Key Identifier:
                keyid:F2:BE:78:BE:35:15:AC:B0:9E:58:31:7F:06:95:0D:8E:88:1F:37:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8r54vjUVrLCeWDF_BpUNjogfN6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2e9c8d-0afe-4f34-ba6b-4fc4354d873a/1/APIXrbYFQj-Za7FTx3NRgqwGoRs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2e9c8d-0afe-4f34-ba6b-4fc4354d873a/1/8r54vjUVrLCeWDF_BpUNjogfN6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.254.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         87:5e:92:f5:36:43:ab:2d:e6:7a:0e:5d:ea:37:d9:9d:8a:f1:
         71:72:5a:a1:42:aa:73:ac:95:25:e6:9e:2d:80:e6:f9:78:49:
         a4:49:e8:19:27:9a:88:e3:ef:e8:98:9b:61:6d:f0:8e:11:d7:
         6a:9c:46:0c:cb:25:87:54:4a:bf:1f:34:01:47:41:df:ac:16:
         26:27:6c:dc:07:12:44:aa:57:79:33:33:c5:d3:d6:95:9b:dc:
         9d:9b:e5:68:45:3a:ad:6c:f3:33:fb:ee:47:27:82:9f:61:d7:
         ea:b7:73:06:6c:ed:dc:b1:b3:05:51:d5:e2:6f:f2:d8:e4:a0:
         fb:13:bd:b2:df:a9:1b:9c:be:38:1e:c9:e0:cb:05:27:dc:c5:
         c8:6d:2c:3d:0d:c8:ad:54:0e:cf:ab:dc:bd:19:1a:2f:1c:44:
         8e:87:44:44:d0:ce:9c:10:e8:08:a4:83:15:6f:8e:5b:83:a1:
         d4:d9:aa:e5:fc:54:eb:04:0e:60:52:1c:b9:34:27:00:b8:37:
         73:3e:47:ce:0c:48:d6:74:e5:66:df:b1:8c:56:d6:07:52:1d:
         8a:ce:9f:c7:82:5b:e4:e0:50:35:fa:fa:5d:1f:39:27:25:56:
         4a:ca:94:aa:60:ba:95:d5:f5:1e:dd:fb:58:2f:5b:08:2b:e0:
         6a:49:9c:12
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5G5ZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MmJlNzhiZTM1MTVhY2IwOWU1ODMxN2YwNjk1MGQ4ZTg4MWYzN2E3MB4XDTIyMDEw
MTExMDUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBmMjE3YWRiNjA1
NDIzZjk5NmJiMTUzYzc3MzUxODJhYzA2YTExYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANV+zWe/HI0r/hy6RVFjg1J2M23ivX/bl+CM9G9LMPRkqSJ1
nHmlVE9zR+vgWd3cY1qk93vzy92qY1Ntotd6bhS/IUa7rBMA4knMfKkaWWWIo/vT
uhMqSSFczwC2k55HozRFAy4i/Moc6N5STWl70JK+cGRECG+4HvOQ95wtRcB7rfEF
9oJNUoAD5IbDVd0j1/ekDuexJkksSNz5dvp8qQhEe++SusYhyPZjTljxP1POkGj+
rOAx0TKTUQbmpkxRD2aGK5+sAF193tzCQtPQOHWx5Q6g2sbGiTw3EMbUAswzZ5Vi
RKF725k23i8oVWNr7xZth0OAaV/J3aElLRj5hw0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQA8hettgVCP5lrsVPHc1GCrAahGzAfBgNVHSMEGDAWgBTyvni+NRWssJ5Y
MX8GlQ2OiB83pzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhyNTR2alVWckxDZVdERl9CcFVOam9nZk42Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvMmU5YzhkLTBhZmUtNGYzNC1iYTZiLTRmYzQzNTRkODczYS8x
L0FQSVhyYllGUWotWmE3RlR4M05SZ3F3R29Scy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
MmU5YzhkLTBhZmUtNGYzNC1iYTZiLTRmYzQzNTRkODczYS8xLzhyNTR2alVWckxD
ZVdERl9CcFVOam9nZk42Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcP+kDANBgkqhkiG9w0BAQsFAAOC
AQEAh16S9TZDqy3meg5d6jfZnYrxcXJaoUKqc6yVJeaeLYDm+XhJpEnoGSeaiOPv
6JibYW3wjhHXapxGDMslh1RKvx80AUdB36wWJids3AcSRKpXeTMzxdPWlZvcnZvl
aEU6rWzzM/vuRyeCn2HX6rdzBmzt3LGzBVHV4m/y2OSg+xO9st+pG5y+OB7J4MsF
J9zFyG0sPQ3IrVQOz6vcvRkaLxxEjodERNDOnBDoCKSDFW+OW4Oh1Nmq5fxU6wQO
YFIcuTQnALg3cz5HzgxI1nTlZt+xjFbWB1Idis6fx4Jb5OBQNfr6XR85JyVWSsqU
qmC6ldX1Ht37WC9bCCvgakmcEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:21 2024 by rpki-client on console-ams.rpki-client.org