Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/ed6cad-8218-40fd-8bf1-347b590d341e/1/7PNp-UY0wLK6FgS1hcY83vdFw6g.roa
File:                     7PNp-UY0wLK6FgS1hcY83vdFw6g.roa (raw, json)
Hash identifier:          dCv20Z13jbGnSkNYVqwxCkKSlFKPtmXvZypE6hxC2a0=
Subject key identifier:   EC:F3:69:F9:46:34:C0:B2:BA:16:04:B5:85:C6:3C:DE:F7:45:C3:A8
Certificate issuer:       /CN=da46adf12391ffb0cf2bd92c10e0a55309dbbbb7
Certificate serial:       01FCC341
Authority key identifier: DA:46:AD:F1:23:91:FF:B0:CF:2B:D9:2C:10:E0:A5:53:09:DB:BB:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2kat8SOR_7DPK9ksEOClUwnbu7c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/ed6cad-8218-40fd-8bf1-347b590d341e/1/7PNp-UY0wLK6FgS1hcY83vdFw6g.roa
Signing time:             Sat 01 Jan 2022 08:01:35 +0000
ROA not before:           Sat 01 Jan 2022 08:01:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        176.96.128.0/22 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33342273 (0x1fcc341)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da46adf12391ffb0cf2bd92c10e0a55309dbbbb7
        Validity
            Not Before: Jan  1 08:01:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ecf369f94634c0b2ba1604b585c63cdef745c3a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:cb:5c:47:11:97:26:cb:b4:4b:7e:cf:6e:76:
                    44:6d:d0:6f:5f:3a:06:e8:77:3b:ec:bb:77:31:a2:
                    98:02:99:e8:b2:be:a4:03:2c:62:11:0d:1f:5a:bd:
                    0a:23:76:7d:e0:ef:5a:6d:b9:ca:89:ed:25:2e:ec:
                    e7:6a:2a:21:93:28:66:13:18:72:ef:96:bd:bf:56:
                    95:c8:39:ba:df:f4:c2:42:8a:d4:5d:26:c1:19:27:
                    1d:c9:bc:95:e0:47:36:4e:30:b3:2c:14:bc:d9:55:
                    11:c8:80:85:ce:76:b5:c6:a0:48:e6:f0:8a:e3:d0:
                    19:cb:1c:5a:45:e0:e2:2e:9d:eb:9f:2c:36:e5:7b:
                    71:ed:8b:2a:b5:86:c8:cb:7a:5b:95:c1:95:5d:a4:
                    51:1e:d0:6c:b2:50:3f:7b:b4:dd:38:4c:ae:fe:58:
                    0b:7e:a2:3b:39:3f:e6:61:46:1d:bd:4f:4e:a7:0b:
                    e3:6a:4e:ea:c1:d9:d4:a0:53:5b:52:17:f2:b3:98:
                    43:f4:e3:25:df:7a:60:5e:04:2d:a8:c5:e8:79:04:
                    8b:ac:25:55:81:36:60:a4:40:40:f2:3e:55:28:e8:
                    8f:5b:a9:d8:b7:bd:63:bd:b9:da:5d:95:10:91:b3:
                    7d:ac:b3:7c:bd:96:23:ed:ba:62:02:46:fe:13:dc:
                    c7:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:F3:69:F9:46:34:C0:B2:BA:16:04:B5:85:C6:3C:DE:F7:45:C3:A8
            X509v3 Authority Key Identifier:
                keyid:DA:46:AD:F1:23:91:FF:B0:CF:2B:D9:2C:10:E0:A5:53:09:DB:BB:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2kat8SOR_7DPK9ksEOClUwnbu7c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed6cad-8218-40fd-8bf1-347b590d341e/1/7PNp-UY0wLK6FgS1hcY83vdFw6g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed6cad-8218-40fd-8bf1-347b590d341e/1/2kat8SOR_7DPK9ksEOClUwnbu7c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.96.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:94:68:db:21:08:df:d7:ab:86:6e:68:5a:b2:3d:3b:15:92:
         08:40:50:13:73:59:dc:16:fd:1d:83:cb:ce:34:c4:7b:48:08:
         3b:7b:13:d5:8e:ef:f0:c1:0b:65:12:6f:bd:65:91:7c:ea:0c:
         36:98:71:be:19:88:bf:ff:ed:18:10:4e:8b:ec:29:a6:cd:b2:
         9d:a1:5c:ea:a7:26:59:3a:ed:9d:89:6c:ac:c9:f0:e0:51:29:
         77:c9:ab:3c:bc:05:ee:49:56:65:45:69:ca:0f:3f:b7:0b:36:
         3c:a5:42:6e:54:a7:35:b6:db:35:0a:71:6f:c3:68:a4:25:6f:
         d2:56:96:5f:6a:d5:c2:72:c8:27:66:67:1a:e1:a3:6d:9e:64:
         9f:65:11:99:0b:4d:24:45:3b:03:6e:75:41:51:5b:d5:69:fd:
         93:bb:ac:09:35:9e:0e:4c:78:be:66:5f:02:fb:33:27:f7:bf:
         cf:d2:f7:81:ce:86:61:df:ee:b5:18:a0:a6:4f:64:59:0c:71:
         8f:8a:f1:e2:71:c1:66:bd:94:9d:c6:ab:7b:66:5b:64:d7:cd:
         c8:d1:cd:21:2e:d8:65:22:b1:af:59:e8:66:27:99:91:9e:3a:
         c0:99:9d:33:c8:67:9c:2b:66:5d:5f:f9:d6:81:bc:14:eb:6d:
         0f:d8:37:b2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAfzDQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTQ2YWRmMTIzOTFmZmIwY2YyYmQ5MmMxMGUwYTU1MzA5ZGJiYmI3MB4XDTIyMDEw
MTA4MDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNmMzY5Zjk0NjM0
YzBiMmJhMTYwNGI1ODVjNjNjZGVmNzQ1YzNhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPLXEcRlybLtEt+z252RG3Qb186Buh3O+y7dzGimAKZ6LK+
pAMsYhENH1q9CiN2feDvWm25yontJS7s52oqIZMoZhMYcu+Wvb9Wlcg5ut/0wkKK
1F0mwRknHcm8leBHNk4wsywUvNlVEciAhc52tcagSObwiuPQGcscWkXg4i6d658s
NuV7ce2LKrWGyMt6W5XBlV2kUR7QbLJQP3u03ThMrv5YC36iOzk/5mFGHb1PTqcL
42pO6sHZ1KBTW1IX8rOYQ/TjJd96YF4ELajF6HkEi6wlVYE2YKRAQPI+VSjoj1up
2Le9Y7252l2VEJGzfayzfL2WI+26YgJG/hPcx8cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTs82n5RjTAsroWBLWFxjze90XDqDAfBgNVHSMEGDAWgBTaRq3xI5H/sM8r
2SwQ4KVTCdu7tzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJrYXQ4U09SXzdEUEs5a3NFT0NsVXduYnU3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvZWQ2Y2FkLTgyMTgtNDBmZC04YmYxLTM0N2I1OTBkMzQxZS8x
LzdQTnAtVVkwd0xLNkZnUzFoY1k4M3ZkRnc2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
ZWQ2Y2FkLTgyMTgtNDBmZC04YmYxLTM0N2I1OTBkMzQxZS8xLzJrYXQ4U09SXzdE
UEs5a3NFT0NsVXduYnU3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArBggDANBgkqhkiG9w0BAQsFAAOC
AQEACpRo2yEI39erhm5oWrI9OxWSCEBQE3NZ3Bb9HYPLzjTEe0gIO3sT1Y7v8MEL
ZRJvvWWRfOoMNphxvhmIv//tGBBOi+wpps2ynaFc6qcmWTrtnYlsrMnw4FEpd8mr
PLwF7klWZUVpyg8/tws2PKVCblSnNbbbNQpxb8NopCVv0laWX2rVwnLIJ2ZnGuGj
bZ5kn2URmQtNJEU7A251QVFb1Wn9k7usCTWeDkx4vmZfAvszJ/e/z9L3gc6GYd/u
tRigpk9kWQxxj4rx4nHBZr2Uncare2ZbZNfNyNHNIS7YZSKxr1noZieZkZ46wJmd
M8hnnCtmXV/51oG8FOttD9g3sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:42 2024 by rpki-client on console-ams.rpki-client.org