Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/c7c4a8-342c-4ed9-b521-a2fa42ec362e/1/sb6ddfQj9ezMOmBUf9z6yJ0j-d0.roa
File:                     sb6ddfQj9ezMOmBUf9z6yJ0j-d0.roa (raw, json)
Hash identifier:          EIHfTwJDVVa0rqR12fxyI/ywTKUUkZcEXeEz312hT8s=
Subject key identifier:   B1:BE:9D:75:F4:23:F5:EC:CC:3A:60:54:7F:DC:FA:C8:9D:23:F9:DD
Certificate issuer:       /CN=b70d0e166fa5f2c7855b024b35c47e57bdc55656
Certificate serial:       049DEAE0
Authority key identifier: B7:0D:0E:16:6F:A5:F2:C7:85:5B:02:4B:35:C4:7E:57:BD:C5:56:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tw0OFm-l8seFWwJLNcR-V73FVlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/c7c4a8-342c-4ed9-b521-a2fa42ec362e/1/sb6ddfQj9ezMOmBUf9z6yJ0j-d0.roa
Signing time:             Sat 01 Jan 2022 10:03:09 +0000
ROA not before:           Sat 01 Jan 2022 10:03:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42101
IP address blocks:        2a10:4646:3::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 77458144 (0x49deae0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b70d0e166fa5f2c7855b024b35c47e57bdc55656
        Validity
            Not Before: Jan  1 10:03:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b1be9d75f423f5eccc3a60547fdcfac89d23f9dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:33:3f:ba:54:cb:76:f7:53:c2:8d:5b:32:a1:
                    60:5f:17:b7:9f:27:22:de:aa:38:c4:50:ca:3f:4e:
                    de:db:9c:ae:fa:26:e4:db:08:92:72:75:a8:1e:79:
                    b5:8e:10:02:fa:67:88:7a:1f:25:26:cb:74:27:28:
                    d0:0e:91:ad:9f:0b:15:8e:0a:de:52:0e:a3:ec:5f:
                    c9:48:8a:80:00:07:08:fb:09:1e:35:a3:10:fe:7f:
                    f9:13:97:68:f3:3f:59:df:3f:d1:6a:56:b1:86:bd:
                    86:06:76:c5:f0:03:b9:16:d7:e1:26:48:b0:d2:b6:
                    b7:5b:bd:f4:38:a7:a1:c1:ef:1c:2d:3d:7e:80:e1:
                    02:15:9d:ca:58:58:aa:c1:10:c1:e8:b9:27:40:d2:
                    9a:2f:1d:63:ad:e7:4b:77:03:15:63:61:f0:97:48:
                    6b:83:47:bb:c1:0e:1b:00:b1:9e:f8:6b:30:be:15:
                    c0:f5:a4:b8:d8:24:63:83:2c:76:50:b8:45:56:ff:
                    5e:0a:21:d7:9e:0a:c8:57:54:11:15:24:d6:31:03:
                    e7:12:de:df:90:c3:79:76:c9:dd:24:e6:3e:a0:63:
                    dc:2d:d2:9c:0a:c9:ed:d7:29:d4:d8:dd:cd:30:fa:
                    3a:8b:67:a1:16:9d:96:32:51:e8:27:a8:d0:59:d0:
                    05:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:BE:9D:75:F4:23:F5:EC:CC:3A:60:54:7F:DC:FA:C8:9D:23:F9:DD
            X509v3 Authority Key Identifier:
                keyid:B7:0D:0E:16:6F:A5:F2:C7:85:5B:02:4B:35:C4:7E:57:BD:C5:56:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tw0OFm-l8seFWwJLNcR-V73FVlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/c7c4a8-342c-4ed9-b521-a2fa42ec362e/1/sb6ddfQj9ezMOmBUf9z6yJ0j-d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/c7c4a8-342c-4ed9-b521-a2fa42ec362e/1/tw0OFm-l8seFWwJLNcR-V73FVlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         5e:20:96:92:48:a6:4b:de:c1:5c:74:49:d9:db:83:ca:6a:c1:
         57:ef:57:c7:1b:f1:6a:77:3b:44:9d:f3:b8:18:e0:20:cc:38:
         37:64:31:e9:2e:27:5c:c9:00:b4:74:dc:a8:d6:6a:a1:4c:15:
         ef:41:5c:02:eb:e9:20:bf:c7:7d:93:fb:cb:62:9c:d7:19:43:
         f5:ff:b1:5e:03:a8:61:11:63:fe:9f:ef:b1:e0:bf:2b:6c:85:
         6d:c4:13:37:27:72:c7:f9:0c:6a:b4:90:63:a0:f0:c1:0b:38:
         01:9e:e9:a6:65:d7:b5:85:a6:64:dd:16:67:a4:16:75:50:c3:
         20:91:7c:fb:c8:d6:8b:ab:5e:73:95:d0:ba:c5:e7:cb:fb:d8:
         87:05:54:0b:12:a3:7e:3f:14:9d:01:2b:d9:aa:11:02:d8:26:
         5d:e5:ed:84:25:61:e2:fa:cd:46:af:44:13:4d:e0:da:01:10:
         69:84:84:14:01:4e:6c:d7:48:ee:f6:7a:5f:5f:96:36:2f:7b:
         23:51:a5:0e:df:f7:d0:44:82:c8:ef:06:ee:f7:ca:a0:21:f4:
         d4:d1:55:38:1e:bf:43:71:b9:74:36:8d:38:b9:d8:c7:fd:5b:
         93:7e:c0:d9:5a:4c:e4:51:99:5d:f1:84:fc:d1:97:d1:fd:72:
         75:d1:f1:41
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBJ3q4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzBkMGUxNjZmYTVmMmM3ODU1YjAyNGIzNWM0N2U1N2JkYzU1NjU2MB4XDTIyMDEw
MTEwMDMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFiZTlkNzVmNDIz
ZjVlY2NjM2E2MDU0N2ZkY2ZhYzg5ZDIzZjlkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJUzP7pUy3b3U8KNWzKhYF8Xt58nIt6qOMRQyj9O3tucrvom
5NsIknJ1qB55tY4QAvpniHofJSbLdCco0A6RrZ8LFY4K3lIOo+xfyUiKgAAHCPsJ
HjWjEP5/+ROXaPM/Wd8/0WpWsYa9hgZ2xfADuRbX4SZIsNK2t1u99DinocHvHC09
foDhAhWdylhYqsEQwei5J0DSmi8dY63nS3cDFWNh8JdIa4NHu8EOGwCxnvhrML4V
wPWkuNgkY4MsdlC4RVb/Xgoh154KyFdUERUk1jED5xLe35DDeXbJ3STmPqBj3C3S
nArJ7dcp1NjdzTD6OotnoRadljJR6Ceo0FnQBZMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSxvp119CP17Mw6YFR/3PrInSP53TAfBgNVHSMEGDAWgBS3DQ4Wb6Xyx4Vb
Aks1xH5XvcVWVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R3ME9GbS1sOHNlRld3SkxOY1ItVjczRlZsWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvYzdjNGE4LTM0MmMtNGVkOS1iNTIxLWEyZmE0MmVjMzYyZS8x
L3NiNmRkZlFqOWV6TU9tQlVmOXo2eUowai1kMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
YzdjNGE4LTM0MmMtNGVkOS1iNTIxLWEyZmE0MmVjMzYyZS8xL3R3ME9GbS1sOHNl
Rld3SkxOY1ItVjczRlZsWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQRkYAAzANBgkqhkiG9w0BAQsF
AAOCAQEAXiCWkkimS97BXHRJ2duDymrBV+9Xxxvxanc7RJ3zuBjgIMw4N2Qx6S4n
XMkAtHTcqNZqoUwV70FcAuvpIL/HfZP7y2Kc1xlD9f+xXgOoYRFj/p/vseC/K2yF
bcQTNydyx/kMarSQY6DwwQs4AZ7ppmXXtYWmZN0WZ6QWdVDDIJF8+8jWi6tec5XQ
usXny/vYhwVUCxKjfj8UnQEr2aoRAtgmXeXthCVh4vrNRq9EE03g2gEQaYSEFAFO
bNdI7vZ6X1+WNi97I1GlDt/30ESCyO8G7vfKoCH01NFVOB6/Q3G5dDaNOLnYx/1b
k37A2VpM5FGZXfGE/NGX0f1yddHxQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:35 2024 by rpki-client on console-fra.rpki-client.org