Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/f3e0f2-0bb6-495b-ad3a-6c3f69b18735/1/1-y5gsKYeMTaPekbdKUs918P2Yec.roa
File:                     1-y5gsKYeMTaPekbdKUs918P2Yec.roa (raw, json)
Hash identifier:          iO1PVT9ePZ2ocU6FwyP5qU7eR8SRCFw0R621Rf2qGbo=
Subject key identifier:   FB:2E:60:B0:A6:1E:31:36:8F:7A:46:DD:29:4B:3D:D7:C3:F6:61:E7
Certificate issuer:       /CN=51ea07606b286288cedfd25fee8f8b76e416d7fd
Certificate serial:       F2D27E
Authority key identifier: 51:EA:07:60:6B:28:62:88:CE:DF:D2:5F:EE:8F:8B:76:E4:16:D7:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UeoHYGsoYojO39Jf7o-LduQW1_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/f3e0f2-0bb6-495b-ad3a-6c3f69b18735/1/1-y5gsKYeMTaPekbdKUs918P2Yec.roa
Signing time:             Sat 01 Jan 2022 11:58:20 +0000
ROA not before:           Sat 01 Jan 2022 11:58:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        193.3.20.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15913598 (0xf2d27e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51ea07606b286288cedfd25fee8f8b76e416d7fd
        Validity
            Not Before: Jan  1 11:58:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb2e60b0a61e31368f7a46dd294b3dd7c3f661e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f7:9b:52:61:c5:41:37:e8:19:7b:1c:b8:23:
                    05:69:3c:6a:83:ad:f3:3b:1a:7d:96:4d:c9:60:f2:
                    f6:b8:c2:9b:60:48:4f:52:6a:59:10:f7:58:d2:15:
                    78:bf:15:a7:8e:13:42:57:bb:86:d2:eb:81:ef:f2:
                    d3:7e:69:04:1e:05:f9:9f:56:ae:33:33:c4:c4:41:
                    5f:25:12:b8:ad:8a:f7:01:5a:7a:5e:1e:3a:ed:df:
                    02:05:35:67:cc:db:55:da:71:53:6d:12:61:c8:20:
                    1e:9b:cd:57:17:37:22:48:52:80:46:f5:0b:5f:10:
                    92:66:cc:44:c4:f0:58:61:cc:ec:16:04:54:c5:e3:
                    96:97:52:09:97:46:e6:45:d2:56:e6:18:76:53:56:
                    98:98:a2:f0:18:16:07:30:7f:44:ae:e2:af:c7:33:
                    d7:46:1f:d2:77:a1:94:85:dc:4f:14:06:cb:1a:fe:
                    ce:4c:68:13:1a:4e:ca:df:44:c2:a3:b2:9a:e8:02:
                    50:fc:46:86:29:91:78:ce:46:e5:af:59:ba:aa:47:
                    b9:88:23:ff:b4:74:4a:7c:25:3b:05:5f:4b:ea:18:
                    ec:88:17:55:5c:3a:c1:48:19:b4:46:21:ed:03:e1:
                    de:a0:06:38:2f:c8:fd:1c:4f:8d:d8:14:31:5a:0a:
                    48:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:2E:60:B0:A6:1E:31:36:8F:7A:46:DD:29:4B:3D:D7:C3:F6:61:E7
            X509v3 Authority Key Identifier:
                keyid:51:EA:07:60:6B:28:62:88:CE:DF:D2:5F:EE:8F:8B:76:E4:16:D7:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UeoHYGsoYojO39Jf7o-LduQW1_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/f3e0f2-0bb6-495b-ad3a-6c3f69b18735/1/1-y5gsKYeMTaPekbdKUs918P2Yec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/f3e0f2-0bb6-495b-ad3a-6c3f69b18735/1/UeoHYGsoYojO39Jf7o-LduQW1_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:66:77:c9:49:75:f5:26:a3:16:0b:36:f8:74:a0:07:22:ee:
         d1:a1:9d:42:dd:2a:b5:70:16:b2:18:48:dd:6c:b4:97:5d:7a:
         ca:13:7f:b2:a1:0e:31:95:15:a2:ac:12:23:55:88:63:f9:49:
         de:ef:dd:54:67:f9:04:7a:84:3b:a1:79:8b:03:fc:c7:0b:fc:
         3a:51:8b:ef:66:7c:91:5a:f1:62:3e:e2:34:78:5e:bd:12:ff:
         fa:d6:5a:87:70:68:54:ee:47:86:f0:13:38:08:43:c9:f6:d1:
         33:a1:71:29:ec:3e:9c:b4:5d:2b:46:a2:ad:66:4e:e0:da:2f:
         e5:bc:29:2f:f3:47:4b:ce:39:39:e5:f7:aa:40:85:d1:06:10:
         b7:23:fd:0a:25:cb:20:fd:b1:3d:5a:03:7e:cc:9e:3a:f2:e0:
         f8:12:46:18:e5:c4:17:c2:76:a1:b2:bd:df:9f:42:44:30:16:
         a5:5d:39:44:2c:7b:76:b8:a0:0b:8a:57:2b:67:35:0c:ac:a2:
         4a:eb:a2:04:5a:5e:25:93:62:2a:09:c2:22:85:56:5a:22:29:
         05:fc:cd:ef:94:ed:58:3b:be:1d:6d:38:e7:31:57:54:bd:45:
         9a:98:58:53:de:40:19:89:8a:aa:61:91:02:76:ec:9e:1d:ec:
         b3:66:f9:5e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAPLSfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MWVhMDc2MDZiMjg2Mjg4Y2VkZmQyNWZlZThmOGI3NmU0MTZkN2ZkMB4XDTIyMDEw
MTExNTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIyZTYwYjBhNjFl
MzEzNjhmN2E0NmRkMjk0YjNkZDdjM2Y2NjFlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALD3m1JhxUE36Bl7HLgjBWk8aoOt8zsafZZNyWDy9rjCm2BI
T1JqWRD3WNIVeL8Vp44TQle7htLrge/y035pBB4F+Z9WrjMzxMRBXyUSuK2K9wFa
el4eOu3fAgU1Z8zbVdpxU20SYcggHpvNVxc3IkhSgEb1C18QkmbMRMTwWGHM7BYE
VMXjlpdSCZdG5kXSVuYYdlNWmJii8BgWBzB/RK7ir8cz10Yf0nehlIXcTxQGyxr+
zkxoExpOyt9EwqOymugCUPxGhimReM5G5a9ZuqpHuYgj/7R0SnwlOwVfS+oY7IgX
VVw6wUgZtEYh7QPh3qAGOC/I/RxPjdgUMVoKSLkCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT7LmCwph4xNo96Rt0pSz3Xw/Zh5zAfBgNVHSMEGDAWgBRR6gdgayhiiM7f
0l/uj4t25BbX/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Vlb0hZR3NvWW9qTzM5SmY3by1MZHVRVzFfMC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvZjNlMGYyLTBiYjYtNDk1Yi1hZDNhLTZjM2Y2OWIxODczNS8x
LzEteTVnc0tZZU1UYVBla2JkS1VzOTE4UDJZZWMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYz
L2YzZTBmMi0wYmI2LTQ5NWItYWQzYS02YzNmNjliMTg3MzUvMS9VZW9IWUdzb1lv
ak8zOUpmN28tTGR1UVcxXzAuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBAxQwDQYJKoZIhvcNAQELBQAD
ggEBAF5md8lJdfUmoxYLNvh0oAci7tGhnULdKrVwFrIYSN1stJddesoTf7KhDjGV
FaKsEiNViGP5Sd7v3VRn+QR6hDuheYsD/McL/DpRi+9mfJFa8WI+4jR4Xr0S//rW
WodwaFTuR4bwEzgIQ8n20TOhcSnsPpy0XStGoq1mTuDaL+W8KS/zR0vOOTnl96pA
hdEGELcj/QolyyD9sT1aA37Mnjry4PgSRhjlxBfCdqGyvd+fQkQwFqVdOUQse3a4
oAuKVytnNQysokrrogRaXiWTYioJwiKFVloiKQX8ze+U7Vg7vh1tOOcxV1S9RZqY
WFPeQBmJiqphkQJ27J4d7LNm+V4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:44 2024 by rpki-client on console-fra.rpki-client.org