Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/eaf169-fd91-48f7-953b-7e69c7283de4/1/hFogUaHaVsNPP1SvVaG42nhUSfM.roa
File:                     hFogUaHaVsNPP1SvVaG42nhUSfM.roa (raw, json)
Hash identifier:          qnt13hYlwVaSTT2kQZQlF7Ox5OQXL29Q0G3spwXZKEs=
Subject key identifier:   84:5A:20:51:A1:DA:56:C3:4F:3F:54:AF:55:A1:B8:DA:78:54:49:F3
Certificate issuer:       /CN=09a8c234f2b0d6c9ca13e5411da29cf2c44f2891
Certificate serial:       7B2EBB
Authority key identifier: 09:A8:C2:34:F2:B0:D6:C9:CA:13:E5:41:1D:A2:9C:F2:C4:4F:28:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CajCNPKw1snKE-VBHaKc8sRPKJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/eaf169-fd91-48f7-953b-7e69c7283de4/1/hFogUaHaVsNPP1SvVaG42nhUSfM.roa
Signing time:             Sat 01 Jan 2022 01:55:19 +0000
ROA not before:           Sat 01 Jan 2022 01:55:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        212.52.28.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8072891 (0x7b2ebb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09a8c234f2b0d6c9ca13e5411da29cf2c44f2891
        Validity
            Not Before: Jan  1 01:55:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=845a2051a1da56c34f3f54af55a1b8da785449f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:c3:1e:24:4a:b0:be:ee:93:3a:57:4f:af:5a:
                    b1:1b:93:b6:1c:91:c3:9d:3e:30:73:ca:fe:23:01:
                    e2:80:13:39:cb:e0:f0:f9:e1:54:14:6a:f6:0c:9f:
                    f0:11:b8:a9:ab:09:1b:02:c4:d7:6f:70:c7:a4:55:
                    1c:05:24:98:f6:54:4f:43:68:77:75:a1:0f:18:20:
                    23:87:dc:1a:3c:13:f9:5d:1c:43:68:7c:01:d2:a1:
                    e8:3c:9a:5c:95:0e:f8:63:21:6d:c4:c0:a9:2d:28:
                    08:2f:8e:e6:4f:46:08:2a:c7:d4:99:39:5b:c6:c0:
                    d0:ae:4c:a9:e7:cd:a0:d7:72:7b:49:cd:ab:39:e5:
                    77:16:27:f5:a8:e3:f4:e3:ea:57:b0:3a:08:d1:2f:
                    cb:4c:d1:eb:b7:80:c2:42:cf:75:c5:13:55:43:32:
                    a0:75:ae:45:de:dd:09:3c:ef:03:53:58:52:12:3c:
                    11:00:50:9a:97:f5:66:22:fe:05:a5:41:dd:74:08:
                    dd:70:5c:8a:ab:90:fe:93:e9:73:b8:c4:59:5c:29:
                    a4:88:4b:30:5e:ef:67:b0:bf:8a:80:c9:f1:38:61:
                    14:20:4c:d5:45:d5:ca:55:59:90:fb:eb:0d:4b:0d:
                    1f:ad:72:4c:41:42:2d:5c:38:1c:88:70:9f:96:b5:
                    01:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:5A:20:51:A1:DA:56:C3:4F:3F:54:AF:55:A1:B8:DA:78:54:49:F3
            X509v3 Authority Key Identifier:
                keyid:09:A8:C2:34:F2:B0:D6:C9:CA:13:E5:41:1D:A2:9C:F2:C4:4F:28:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CajCNPKw1snKE-VBHaKc8sRPKJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/eaf169-fd91-48f7-953b-7e69c7283de4/1/hFogUaHaVsNPP1SvVaG42nhUSfM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/eaf169-fd91-48f7-953b-7e69c7283de4/1/CajCNPKw1snKE-VBHaKc8sRPKJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.52.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:f5:a8:7e:e8:e9:f0:9d:37:f2:e9:cd:27:69:6c:af:a4:fe:
         78:92:17:0c:c6:f5:d0:e0:62:33:62:55:f2:29:95:8a:f1:41:
         4d:a0:35:b1:77:e1:d3:9b:87:f2:99:39:6e:0e:14:14:1d:fe:
         23:1e:22:9a:d5:4c:37:f0:a4:6e:bc:fd:17:b2:10:03:89:ae:
         9b:d1:e7:f7:bc:f6:d7:12:92:c3:4b:a6:36:7c:ed:c2:47:c8:
         81:21:e5:21:0c:b0:91:94:f5:b3:da:89:51:7e:88:eb:2a:b8:
         39:b6:ad:cb:31:d8:89:fc:5a:20:9f:89:9e:23:98:04:f5:59:
         d2:84:7b:40:52:d7:03:06:ac:d6:dc:c1:0c:f7:2b:40:75:3a:
         df:ba:67:35:bc:70:de:72:a5:f9:03:0e:51:02:77:cd:db:4a:
         2d:f7:20:67:b9:c0:af:10:68:e1:e4:eb:78:84:4d:3d:6d:1d:
         72:5b:6e:cb:ad:c1:85:b0:d6:5a:4e:af:cb:a0:dc:c7:31:9e:
         18:92:9e:ca:e2:fd:8b:c0:d3:a5:40:1d:39:97:13:7a:ee:a9:
         12:23:4e:ab:a3:dc:75:d7:0a:6c:ea:07:81:48:d3:b4:81:7c:
         5c:ec:b3:ec:06:dd:5b:7d:21:79:69:f9:be:91:ff:20:d7:e9:
         7f:94:3e:5d
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDey67MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA5
YThjMjM0ZjJiMGQ2YzljYTEzZTU0MTFkYTI5Y2YyYzQ0ZjI4OTEwHhcNMjIwMTAx
MDE1NTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NDVhMjA1MWExZGE1
NmMzNGYzZjU0YWY1NWExYjhkYTc4NTQ0OWYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA48MeJEqwvu6TOldPr1qxG5O2HJHDnT4wc8r+IwHigBM5y+Dw
+eFUFGr2DJ/wEbipqwkbAsTXb3DHpFUcBSSY9lRPQ2h3daEPGCAjh9waPBP5XRxD
aHwB0qHoPJpclQ74YyFtxMCpLSgIL47mT0YIKsfUmTlbxsDQrkyp582g13J7Sc2r
OeV3Fif1qOP04+pXsDoI0S/LTNHrt4DCQs91xRNVQzKgda5F3t0JPO8DU1hSEjwR
AFCal/VmIv4FpUHddAjdcFyKq5D+k+lzuMRZXCmkiEswXu9nsL+KgMnxOGEUIEzV
RdXKVVmQ++sNSw0frXJMQUItXDgciHCflrUB4QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIRaIFGh2lbDTz9Ur1WhuNp4VEnzMB8GA1UdIwQYMBaAFAmowjTysNbJyhPl
QR2inPLETyiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Q2FqQ05QS3cxc25LRS1WQkhhS2M4c1JQS0pFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82YS9lYWYxNjktZmQ5MS00OGY3LTk1M2ItN2U2OWM3MjgzZGU0LzEv
aEZvZ1VhSGFWc05QUDFTdlZhRzQybmhVU2ZNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9l
YWYxNjktZmQ5MS00OGY3LTk1M2ItN2U2OWM3MjgzZGU0LzEvQ2FqQ05QS3cxc25L
RS1WQkhhS2M4c1JQS0pFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DQcMA0GCSqGSIb3DQEBCwUAA4IB
AQA09ah+6OnwnTfy6c0naWyvpP54khcMxvXQ4GIzYlXyKZWK8UFNoDWxd+HTm4fy
mTluDhQUHf4jHiKa1Uw38KRuvP0XshADia6b0ef3vPbXEpLDS6Y2fO3CR8iBIeUh
DLCRlPWz2olRfojrKrg5tq3LMdiJ/Fogn4meI5gE9VnShHtAUtcDBqzW3MEM9ytA
dTrfumc1vHDecqX5Aw5RAnfN20ot9yBnucCvEGjh5Ot4hE09bR1yW27LrcGFsNZa
Tq/LoNzHMZ4Ykp7K4v2LwNOlQB05lxN67qkSI06ro9x11wps6geBSNO0gXxc7LPs
Bt1bfSF5afm+kf8g1+l/lD5d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:16 2024 by rpki-client on console-ams.rpki-client.org