Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/e55af7-b7fb-40f3-bad3-203d5e009223/1/l6_diwqyibL6lhLpcrrvR-zGBvk.roa
File:                     l6_diwqyibL6lhLpcrrvR-zGBvk.roa (raw, json)
Hash identifier:          MF//DV1NzUMew7lE/icb8djF7azQys1C7RmwFxbllUA=
Subject key identifier:   97:AF:DD:8B:0A:B2:89:B2:FA:96:12:E9:72:BA:EF:47:EC:C6:06:F9
Certificate issuer:       /CN=a35daae54836813feb72d5b45ed4042237aa0bd6
Certificate serial:       041067DF
Authority key identifier: A3:5D:AA:E5:48:36:81:3F:EB:72:D5:B4:5E:D4:04:22:37:AA:0B:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o12q5Ug2gT_rctW0XtQEIjeqC9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/e55af7-b7fb-40f3-bad3-203d5e009223/1/l6_diwqyibL6lhLpcrrvR-zGBvk.roa
Signing time:             Sat 01 Jan 2022 13:00:15 +0000
ROA not before:           Sat 01 Jan 2022 13:00:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200424
IP address blocks:        45.128.240.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68184031 (0x41067df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a35daae54836813feb72d5b45ed4042237aa0bd6
        Validity
            Not Before: Jan  1 13:00:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=97afdd8b0ab289b2fa9612e972baef47ecc606f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:53:04:72:36:c7:bb:26:8a:cb:ad:6f:43:e9:
                    08:75:ed:69:cc:4b:72:98:81:1c:68:bd:5e:40:02:
                    75:69:66:41:2a:f7:60:e9:64:49:b0:ac:c7:33:95:
                    48:bd:42:3e:93:08:76:f8:1a:9e:02:49:ee:8e:b8:
                    e9:67:2d:95:af:84:be:5f:5f:be:10:a2:eb:97:80:
                    dc:c7:18:a3:7f:5f:30:a8:b0:08:5e:e6:e6:5f:05:
                    fa:c2:9f:95:31:2a:f5:62:5e:5b:de:01:b1:59:a7:
                    da:45:37:ab:56:21:80:63:6e:55:fc:62:07:e4:0c:
                    1a:a8:65:99:91:4c:c6:e6:dd:de:ed:c0:d9:78:68:
                    ae:9e:94:80:e6:0f:74:58:3e:90:33:40:86:56:2f:
                    b1:4e:8c:d2:e5:90:bd:50:f7:56:58:18:0c:0a:61:
                    f7:a9:6a:1f:d1:08:c3:0f:76:c1:cd:80:73:3f:f8:
                    b2:c5:5d:dc:5f:5f:86:c2:6c:20:f3:37:37:d1:12:
                    ef:5f:2d:85:50:43:d4:4b:77:21:74:f4:d1:76:20:
                    2a:dc:9c:b6:ce:91:69:6a:32:8f:4f:f9:a3:94:0f:
                    7a:02:65:09:61:8f:88:bf:fa:1e:42:e5:7e:51:92:
                    8e:3d:f7:bd:76:2b:a5:e5:19:3a:f0:69:ce:02:cc:
                    10:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:AF:DD:8B:0A:B2:89:B2:FA:96:12:E9:72:BA:EF:47:EC:C6:06:F9
            X509v3 Authority Key Identifier:
                keyid:A3:5D:AA:E5:48:36:81:3F:EB:72:D5:B4:5E:D4:04:22:37:AA:0B:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o12q5Ug2gT_rctW0XtQEIjeqC9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/e55af7-b7fb-40f3-bad3-203d5e009223/1/l6_diwqyibL6lhLpcrrvR-zGBvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/e55af7-b7fb-40f3-bad3-203d5e009223/1/o12q5Ug2gT_rctW0XtQEIjeqC9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:97:2d:c8:4f:2f:95:c5:cd:40:36:5f:54:b1:43:46:02:e8:
         e2:6d:07:58:ef:01:f9:87:be:a6:fa:c8:7b:cc:b0:b4:bd:3c:
         87:97:7d:d9:d1:25:4c:0b:f2:a3:2b:18:82:53:f8:9e:8e:4a:
         78:b3:47:e4:e8:28:46:39:98:77:83:82:9c:d1:c6:63:7e:9d:
         8a:bb:43:86:a5:43:0a:07:8c:a8:27:2d:2b:18:65:73:bc:85:
         f6:2a:00:58:16:9d:d6:b8:64:3b:a7:6e:b6:df:e1:18:e9:04:
         b0:d6:5e:e8:4b:47:34:ad:84:a2:9e:b0:93:99:8f:d2:c4:3e:
         06:75:16:90:d1:e5:e1:80:39:0d:77:3d:09:6d:1f:38:51:a7:
         5d:3d:1e:09:88:98:ad:c6:36:31:39:2f:8b:11:fd:bf:b5:e1:
         8e:60:51:04:42:11:46:c6:d0:94:3e:1a:ec:83:8d:5c:f6:11:
         ba:0b:9e:b8:8f:78:42:1e:91:7d:23:ec:17:36:60:2a:71:8d:
         48:0f:ee:8c:b0:7e:b0:6c:0a:ce:1b:99:a8:78:be:6e:d4:d4:
         fe:b1:c3:61:94:55:46:85:cf:64:e1:9f:bd:53:37:98:95:1a:
         3d:87:61:a1:0d:20:f3:cc:41:c5:35:3c:4d:4c:ac:c5:55:f4:
         30:3d:34:87
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBBBn3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzVkYWFlNTQ4MzY4MTNmZWI3MmQ1YjQ1ZWQ0MDQyMjM3YWEwYmQ2MB4XDTIyMDEw
MTEzMDAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdhZmRkOGIwYWIy
ODliMmZhOTYxMmU5NzJiYWVmNDdlY2M2MDZmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlTBHI2x7smisutb0PpCHXtacxLcpiBHGi9XkACdWlmQSr3
YOlkSbCsxzOVSL1CPpMIdvgangJJ7o646Wctla+Evl9fvhCi65eA3McYo39fMKiw
CF7m5l8F+sKflTEq9WJeW94BsVmn2kU3q1YhgGNuVfxiB+QMGqhlmZFMxubd3u3A
2Xhorp6UgOYPdFg+kDNAhlYvsU6M0uWQvVD3VlgYDAph96lqH9EIww92wc2Acz/4
ssVd3F9fhsJsIPM3N9ES718thVBD1Et3IXT00XYgKtycts6RaWoyj0/5o5QPegJl
CWGPiL/6HkLlflGSjj33vXYrpeUZOvBpzgLMEEUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXr92LCrKJsvqWEulyuu9H7MYG+TAfBgNVHSMEGDAWgBSjXarlSDaBP+ty
1bRe1AQiN6oL1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28xMnE1VWcyZ1RfcmN0VzBYdFFFSWplcUM5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvZTU1YWY3LWI3ZmItNDBmMy1iYWQzLTIwM2Q1ZTAwOTIyMy8x
L2w2X2Rpd3F5aWJMNmxoTHBjcnJ2Ui16R0J2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
ZTU1YWY3LWI3ZmItNDBmMy1iYWQzLTIwM2Q1ZTAwOTIyMy8xL28xMnE1VWcyZ1Rf
cmN0VzBYdFFFSWplcUM5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2A8DANBgkqhkiG9w0BAQsFAAOC
AQEAOJctyE8vlcXNQDZfVLFDRgLo4m0HWO8B+Ye+pvrIe8ywtL08h5d92dElTAvy
oysYglP4no5KeLNH5OgoRjmYd4OCnNHGY36dirtDhqVDCgeMqCctKxhlc7yF9ioA
WBad1rhkO6dutt/hGOkEsNZe6EtHNK2Eop6wk5mP0sQ+BnUWkNHl4YA5DXc9CW0f
OFGnXT0eCYiYrcY2MTkvixH9v7XhjmBRBEIRRsbQlD4a7IONXPYRugueuI94Qh6R
fSPsFzZgKnGNSA/ujLB+sGwKzhuZqHi+btTU/rHDYZRVRoXPZOGfvVM3mJUaPYdh
oQ0g88xBxTU8TUysxVX0MD00hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:32 2024 by rpki-client on console-ams.rpki-client.org