Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/IpzNuV6nJqYCaH7wV2AIAyZ3xMY.roa
File:                     IpzNuV6nJqYCaH7wV2AIAyZ3xMY.roa (raw, json)
Hash identifier:          +0GepSZZia9qhUhmmKztcmQWmrc+Jefb0j/gI1rq4Os=
Subject key identifier:   22:9C:CD:B9:5E:A7:26:A6:02:68:7E:F0:57:60:08:03:26:77:C4:C6
Certificate issuer:       /CN=0b0262eb9b43781af47bfd833d7b2a8ed5bd69c0
Certificate serial:       0138901A
Authority key identifier: 0B:02:62:EB:9B:43:78:1A:F4:7B:FD:83:3D:7B:2A:8E:D5:BD:69:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CwJi65tDeBr0e_2DPXsqjtW9acA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/IpzNuV6nJqYCaH7wV2AIAyZ3xMY.roa
Signing time:             Sat 01 Jan 2022 07:04:39 +0000
ROA not before:           Sat 01 Jan 2022 07:04:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        31.41.249.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20484122 (0x138901a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b0262eb9b43781af47bfd833d7b2a8ed5bd69c0
        Validity
            Not Before: Jan  1 07:04:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=229ccdb95ea726a602687ef0576008032677c4c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:74:93:92:72:08:d1:29:98:1e:9d:52:0e:86:
                    5e:48:e6:0d:55:94:71:9c:48:c1:48:16:35:bc:01:
                    4e:63:3b:04:d3:67:95:e0:0e:66:28:a5:8d:3b:fa:
                    cc:b9:51:25:a5:3b:38:06:85:fa:29:de:f0:a8:a2:
                    37:9e:8a:0a:9a:ca:cc:cf:0f:1a:4f:b7:f2:6c:e8:
                    0f:4a:32:33:de:8c:40:c3:8b:b6:d2:e2:4f:5a:f8:
                    ff:3e:41:32:8c:78:89:11:62:67:3d:69:0f:62:a4:
                    15:3b:2f:ee:28:c2:85:c4:e4:91:e1:8d:95:d4:b9:
                    41:51:d2:4a:e5:ec:1e:8d:38:72:d5:cb:2f:fb:1a:
                    34:0f:28:8f:bf:d9:d3:1c:1e:5f:70:7a:c8:79:e6:
                    cd:22:91:fc:4f:6c:7f:75:05:01:f4:a0:bf:79:ce:
                    bc:b5:73:09:5f:8d:5f:66:4b:02:fe:4e:94:14:58:
                    f0:9a:73:b7:a6:9c:c0:63:d8:a3:58:82:78:5a:92:
                    29:6d:27:9c:fb:be:2c:9b:1a:03:31:f5:ec:cd:d3:
                    12:47:6b:ef:5e:bb:0e:61:18:f7:d8:27:46:6e:8b:
                    f1:ed:bf:f3:3a:74:9b:07:c8:1f:9a:dc:89:10:1d:
                    31:99:5e:c6:4f:9a:10:05:94:80:ce:a1:3c:f5:6f:
                    9a:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:9C:CD:B9:5E:A7:26:A6:02:68:7E:F0:57:60:08:03:26:77:C4:C6
            X509v3 Authority Key Identifier:
                keyid:0B:02:62:EB:9B:43:78:1A:F4:7B:FD:83:3D:7B:2A:8E:D5:BD:69:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CwJi65tDeBr0e_2DPXsqjtW9acA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/IpzNuV6nJqYCaH7wV2AIAyZ3xMY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/CwJi65tDeBr0e_2DPXsqjtW9acA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.41.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:63:ff:c5:c2:57:7f:1a:ee:92:b5:7f:e2:34:cf:5f:e2:9d:
         ba:29:85:c3:ad:1d:c8:e5:c7:de:81:86:ac:8f:18:df:b8:68:
         86:51:95:c8:7c:dc:c0:6d:32:fc:81:bd:4d:48:c8:64:01:bf:
         0e:b7:d7:db:78:e3:7e:a6:6b:bb:1b:31:4e:c2:db:ee:3d:1a:
         97:ba:de:de:10:46:fb:86:5c:34:a3:cc:87:ab:37:14:1d:9f:
         42:6a:68:bb:5c:f6:d2:10:06:a9:c4:47:ba:e9:6b:66:57:38:
         ff:e8:d8:c0:d1:24:58:24:96:dc:56:0c:f1:e5:3e:77:80:11:
         ad:f7:86:dc:40:c5:3a:1b:6b:9f:b4:6e:5e:98:60:7e:6b:55:
         ae:b7:18:95:c0:21:ef:f2:46:68:7a:2d:fc:f9:ec:b4:ef:45:
         c1:7f:80:ba:1a:8b:4e:6d:f3:6b:2a:d6:8e:b2:4f:8e:af:41:
         05:a3:6b:06:c2:dc:b8:f9:3e:20:f2:7e:8f:97:d2:36:6b:9f:
         93:4d:b9:de:96:2b:06:97:f6:55:ef:2c:e0:1c:28:30:26:70:
         cd:05:12:34:36:5e:4c:04:30:5f:de:d8:ee:3c:bc:bc:7b:8c:
         f0:02:3d:48:3a:39:7f:43:60:6a:16:38:25:b2:4b:34:20:7b:
         fe:05:09:5d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATiQGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjAyNjJlYjliNDM3ODFhZjQ3YmZkODMzZDdiMmE4ZWQ1YmQ2OWMwMB4XDTIyMDEw
MTA3MDQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI5Y2NkYjk1ZWE3
MjZhNjAyNjg3ZWYwNTc2MDA4MDMyNjc3YzRjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANN0k5JyCNEpmB6dUg6GXkjmDVWUcZxIwUgWNbwBTmM7BNNn
leAOZiiljTv6zLlRJaU7OAaF+ine8KiiN56KCprKzM8PGk+38mzoD0oyM96MQMOL
ttLiT1r4/z5BMox4iRFiZz1pD2KkFTsv7ijChcTkkeGNldS5QVHSSuXsHo04ctXL
L/saNA8oj7/Z0xweX3B6yHnmzSKR/E9sf3UFAfSgv3nOvLVzCV+NX2ZLAv5OlBRY
8Jpzt6acwGPYo1iCeFqSKW0nnPu+LJsaAzH17M3TEkdr7167DmEY99gnRm6L8e2/
8zp0mwfIH5rciRAdMZlexk+aEAWUgM6hPPVvmiECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQinM25XqcmpgJofvBXYAgDJnfExjAfBgNVHSMEGDAWgBQLAmLrm0N4GvR7
/YM9eyqO1b1pwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N3Smk2NXREZUJyMGVfMkRQWHNxanRXOWFjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvYTA0YjI4LTM5MTgtNDI1OS1iZDI1LTczZDhkZjVlYjI4OC8x
L0lwek51VjZuSnFZQ2FIN3dWMkFJQXlaM3hNWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
YTA0YjI4LTM5MTgtNDI1OS1iZDI1LTczZDhkZjVlYjI4OC8xL0N3Smk2NXREZUJy
MGVfMkRQWHNxanRXOWFjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8p+TANBgkqhkiG9w0BAQsFAAOC
AQEAcWP/xcJXfxrukrV/4jTPX+KduimFw60dyOXH3oGGrI8Y37hohlGVyHzcwG0y
/IG9TUjIZAG/DrfX23jjfqZruxsxTsLb7j0al7re3hBG+4ZcNKPMh6s3FB2fQmpo
u1z20hAGqcRHuulrZlc4/+jYwNEkWCSW3FYM8eU+d4ARrfeG3EDFOhtrn7RuXphg
fmtVrrcYlcAh7/JGaHot/PnstO9FwX+AuhqLTm3zayrWjrJPjq9BBaNrBsLcuPk+
IPJ+j5fSNmufk0253pYrBpf2Ve8s4BwoMCZwzQUSNDZeTAQwX97Y7jy8vHuM8AI9
SDo5f0NgahY4JbJLNCB7/gUJXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:28 2024 by rpki-client on console-ams.rpki-client.org