Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/011ee3-8bb5-4646-a5a3-73ac1975f698/1/_fOr8SjX9vZLqgoQ5yNy6C3KWVw.roa
File:                     _fOr8SjX9vZLqgoQ5yNy6C3KWVw.roa (raw, json)
Hash identifier:          wsh1oEYYsEmLKz2XP3rxAtCR9T6l0LL1KL3K/9qv9R0=
Subject key identifier:   FD:F3:AB:F1:28:D7:F6:F6:4B:AA:0A:10:E7:23:72:E8:2D:CA:59:5C
Certificate issuer:       /CN=7bec7ab82baa073bb12e62cb4d04c3e06ce97cfa
Certificate serial:       01856FD50D69A46401AE6A2DE5455236BE25
Authority key identifier: 7B:EC:7A:B8:2B:AA:07:3B:B1:2E:62:CB:4D:04:C3:E0:6C:E9:7C:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e-x6uCuqBzuxLmLLTQTD4GzpfPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/011ee3-8bb5-4646-a5a3-73ac1975f698/1/_fOr8SjX9vZLqgoQ5yNy6C3KWVw.roa
Signing time:             Mon 02 Jan 2023 00:15:11 +0000
ROA not before:           Mon 02 Jan 2023 00:15:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5511
IP address blocks:        91.240.228.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:0d:69:a4:64:01:ae:6a:2d:e5:45:52:36:be:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bec7ab82baa073bb12e62cb4d04c3e06ce97cfa
        Validity
            Not Before: Jan  2 00:15:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fdf3abf128d7f6f64baa0a10e72372e82dca595c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:85:21:6a:61:27:46:54:a6:ad:5e:be:f2:ab:
                    c1:42:0a:b8:bf:26:16:1e:5b:93:ca:bd:88:90:23:
                    db:54:45:bd:3e:24:5b:8a:7a:fe:c5:ba:a3:aa:b4:
                    51:3c:79:6a:19:4b:40:c3:ba:00:68:d0:13:ce:09:
                    9a:a4:a7:65:3a:b9:5a:df:11:f2:a9:37:f0:3e:04:
                    66:50:b6:df:83:db:d4:78:cc:e0:1c:b0:ba:7a:e2:
                    d8:99:9f:f3:1c:f9:80:c5:86:4c:ee:18:17:9a:3c:
                    1a:2c:eb:0a:5f:0f:ab:24:67:86:48:bf:91:f0:83:
                    ab:d6:d0:e8:48:5a:a4:3e:52:0d:f2:d2:2c:cd:43:
                    2b:a4:b0:aa:95:2c:57:82:53:42:15:40:94:d2:24:
                    5b:2e:9f:56:1b:40:93:f2:12:f3:0f:6b:92:27:1b:
                    69:ce:1a:83:d0:f5:89:f3:38:8a:d7:2a:4b:7b:97:
                    1f:96:f0:0c:3b:25:93:b5:f2:57:dc:f7:67:ab:47:
                    96:b6:1e:4c:08:d9:51:11:79:75:d1:ef:1a:cc:1d:
                    83:f3:dc:79:cf:1d:4e:ce:6b:83:75:ab:ea:27:62:
                    c4:0b:3c:8e:48:52:d3:7e:02:03:49:fb:72:8f:22:
                    f5:55:88:54:a9:9f:5a:07:4b:80:6b:c1:a7:d9:f6:
                    12:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:F3:AB:F1:28:D7:F6:F6:4B:AA:0A:10:E7:23:72:E8:2D:CA:59:5C
            X509v3 Authority Key Identifier:
                keyid:7B:EC:7A:B8:2B:AA:07:3B:B1:2E:62:CB:4D:04:C3:E0:6C:E9:7C:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-x6uCuqBzuxLmLLTQTD4GzpfPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/011ee3-8bb5-4646-a5a3-73ac1975f698/1/_fOr8SjX9vZLqgoQ5yNy6C3KWVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/011ee3-8bb5-4646-a5a3-73ac1975f698/1/e-x6uCuqBzuxLmLLTQTD4GzpfPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.240.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:35:f6:a3:7c:bd:1f:fa:1c:d3:0d:9f:e1:4a:b7:e3:e1:b8:
         2f:11:5a:8c:95:9a:62:10:03:33:d2:45:e5:65:07:48:40:72:
         49:e8:ef:24:4c:34:f2:c4:39:fd:ac:68:fd:1f:32:6e:1e:a7:
         17:c7:b4:e6:6f:ec:74:01:26:d2:c4:55:ac:bf:a6:6c:48:1c:
         44:bb:66:2e:0c:c9:5a:23:35:51:96:f4:0d:54:d0:11:b6:93:
         5e:bc:ff:10:43:2b:35:a8:53:5a:d3:5d:e4:df:07:c2:94:6e:
         37:8b:53:57:c5:af:8d:09:7f:a0:f0:1e:fc:2d:33:67:74:23:
         02:7b:46:39:ae:97:38:82:6b:a7:9f:37:f5:b3:83:2f:d3:70:
         ef:48:62:e4:d3:ef:6a:f4:d2:e2:3c:b5:9d:38:73:8a:76:53:
         93:f3:c9:eb:11:17:8e:f3:85:56:e7:50:36:0f:2d:c2:53:3d:
         36:f9:60:8e:f6:0e:f2:7c:72:76:58:eb:47:26:cd:97:3b:45:
         b9:e2:56:2d:27:5c:fb:02:5e:a4:b2:f2:82:6e:24:ac:75:14:
         72:cb:41:5e:17:aa:b0:41:93:f6:43:1f:44:bd:94:9d:df:ba:
         f1:8f:72:e5:60:9a:66:9b:68:9f:c8:33:20:5d:7a:e9:63:53:
         56:c1:c6:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1Q1ppGQBrmot5UVSNr4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZWM3YWI4MmJhYTA3M2JiMTJlNjJjYjRkMDRjM2UwNmNl
OTdjZmEwHhcNMjMwMTAyMDAxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGYzYWJmMTI4ZDdmNmY2NGJhYTBhMTBlNzIzNzJlODJkY2E1OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIUhamEnRlSmrV6+8qvBQgq4vyYW
HluTyr2IkCPbVEW9PiRbinr+xbqjqrRRPHlqGUtAw7oAaNATzgmapKdlOrla3xHy
qTfwPgRmULbfg9vUeMzgHLC6euLYmZ/zHPmAxYZM7hgXmjwaLOsKXw+rJGeGSL+R
8IOr1tDoSFqkPlIN8tIszUMrpLCqlSxXglNCFUCU0iRbLp9WG0CT8hLzD2uSJxtp
zhqD0PWJ8ziK1ypLe5cflvAMOyWTtfJX3Pdnq0eWth5MCNlREXl10e8azB2D89x5
zx1OzmuDdavqJ2LECzyOSFLTfgIDSftyjyL1VYhUqZ9aB0uAa8Gn2fYSFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3zq/Eo1/b2S6oKEOcjcugtyllcMB8GA1UdIwQY
MBaAFHvsergrqgc7sS5iy00Ew+Bs6Xz6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS14NnVDdXFCenV4TG1MTFRRVEQ0R3pwZlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8wMTFlZTMtOGJiNS00NjQ2LWE1YTMt
NzNhYzE5NzVmNjk4LzEvX2ZPcjhTalg5dlpMcWdvUTV5Tnk2QzNLV1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8wMTFlZTMtOGJiNS00NjQ2LWE1YTMtNzNhYzE5NzVmNjk4
LzEvZS14NnVDdXFCenV4TG1MTFRRVEQ0R3pwZlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/DkMA0G
CSqGSIb3DQEBCwUAA4IBAQBkNfajfL0f+hzTDZ/hSrfj4bgvEVqMlZpiEAMz0kXl
ZQdIQHJJ6O8kTDTyxDn9rGj9HzJuHqcXx7Tmb+x0ASbSxFWsv6ZsSBxEu2YuDMla
IzVRlvQNVNARtpNevP8QQys1qFNa013k3wfClG43i1NXxa+NCX+g8B78LTNndCMC
e0Y5rpc4gmunnzf1s4Mv03DvSGLk0+9q9NLiPLWdOHOKdlOT88nrEReO84VW51A2
Dy3CUz02+WCO9g7yfHJ2WOtHJs2XO0W54lYtJ1z7Al6ksvKCbiSsdRRyy0FeF6qw
QZP2Qx9EvZSd37rxj3LlYJpmm2ifyDMgXXrpY1NWwcbA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:56 2024 by rpki-client on console-fra.rpki-client.org