Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/LhBuvDODkrDeMRPW255kUguSxEg.roa
File:                     LhBuvDODkrDeMRPW255kUguSxEg.roa (raw, json)
Hash identifier:          pBJtiLT8XC7/3Ix1HHnjrLQZftIBDCcGk/LdXsahTtc=
Subject key identifier:   2E:10:6E:BC:33:83:92:B0:DE:31:13:D6:DB:9E:64:52:0B:92:C4:48
Certificate issuer:       /CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Certificate serial:       018E4CDD743EA109263BC9199FC14AE32461
Authority key identifier: 3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/LhBuvDODkrDeMRPW255kUguSxEg.roa
Signing time:             Sun 17 Mar 2024 14:42:45 +0000
ROA not before:           Sun 17 Mar 2024 14:42:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51741
IP address blocks:        91.217.219.0/24 maxlen: 24
                          2a12:62c0::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:4c:dd:74:3e:a1:09:26:3b:c9:19:9f:c1:4a:e3:24:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
        Validity
            Not Before: Mar 17 14:42:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2e106ebc338392b0de3113d6db9e64520b92c448
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:3b:5f:a8:a4:e4:55:2c:c8:3b:b4:bd:90:da:
                    d0:77:20:40:27:3a:1a:95:61:2a:bd:7f:37:39:a6:
                    da:b4:6a:18:01:40:c7:af:3d:38:a7:c4:a9:70:8f:
                    ce:1d:f0:5e:f3:e7:79:79:f3:71:4b:da:34:f1:94:
                    bf:a8:71:64:c9:fd:77:23:b6:15:30:bd:47:a9:fd:
                    6f:85:d7:63:4f:78:07:f9:19:e6:8a:d3:79:4a:93:
                    9c:a3:68:eb:33:6f:3b:e3:fd:87:09:72:3c:fa:11:
                    64:ea:6f:a6:a1:4f:44:3d:b7:95:2f:4d:73:08:e3:
                    c5:09:f7:50:05:80:13:2f:de:1e:f4:7a:01:f2:24:
                    58:98:68:fa:a3:ef:be:14:42:75:23:df:9c:35:2c:
                    b5:eb:ba:53:bb:40:58:e2:ed:a8:d5:74:29:ca:79:
                    53:6f:55:44:69:06:0f:33:43:f4:46:f7:6f:39:d9:
                    41:97:03:0b:b6:99:87:a3:da:55:ad:69:6a:95:96:
                    7b:eb:36:70:8a:da:db:ee:a9:88:97:f5:70:5b:ee:
                    b0:70:ca:59:0f:e5:25:e3:7e:3a:2b:61:32:bf:71:
                    34:d4:a4:4f:c5:e7:bf:03:5a:88:47:3d:ea:ca:9f:
                    11:eb:aa:aa:d1:52:d4:9a:69:4b:e2:57:d0:b9:75:
                    5a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:10:6E:BC:33:83:92:B0:DE:31:13:D6:DB:9E:64:52:0B:92:C4:48
            X509v3 Authority Key Identifier:
                keyid:3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/LhBuvDODkrDeMRPW255kUguSxEg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/Pry3nvWKHJjhUfYMUUJvdOscOTg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.219.0/24
                IPv6:
                  2a12:62c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         96:ac:28:4e:0b:2b:fe:e0:b0:bb:9d:b6:c7:0a:1b:ff:0e:e0:
         8d:2f:2c:bb:23:3a:14:ed:af:d3:74:8f:17:72:d9:1e:ea:ea:
         11:d5:cf:8a:54:24:b4:11:02:f4:05:b6:a0:a1:d4:e8:9a:4d:
         be:d8:76:28:36:d7:0a:fc:f4:28:c3:97:d4:10:fd:39:c7:1e:
         da:9d:ca:45:7f:48:96:84:20:9b:3f:af:a8:fb:b3:12:3a:e0:
         79:b0:36:70:03:3d:8d:4b:4b:32:47:f2:97:f4:57:51:0f:b2:
         ba:85:6a:1a:25:83:f5:4f:cd:6c:05:93:1b:c8:03:f6:5f:23:
         cf:59:92:56:30:75:95:43:92:e7:1a:51:cb:82:f4:eb:f2:04:
         ea:a9:aa:af:0b:d4:97:75:4a:8e:ef:c4:9b:8c:37:07:6a:52:
         5f:7e:9a:ac:83:fe:22:1d:e9:21:e4:d9:07:3e:0c:da:79:2b:
         11:d1:63:e2:2f:87:42:6f:ea:72:36:f2:83:44:f3:b5:0e:fa:
         f0:d0:84:bb:34:80:71:93:01:d4:6d:ef:2c:89:02:97:2d:53:
         3a:f2:12:b7:b9:12:cc:cb:3e:90:ff:2d:d2:23:90:fb:0d:33:
         a3:7b:bf:52:12:96:10:0d:d6:fc:3a:d0:e2:fb:d3:e7:39:c2:
         c0:31:67:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5M3XQ+oQkmO8kZn8FK4yRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmNiNzllZjU4YTFjOThlMTUxZjYwYzUxNDI2Zjc0ZWIx
YzM5MzgwHhcNMjQwMzE3MTQ0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTEwNmViYzMzODM5MmIwZGUzMTEzZDZkYjllNjQ1MjBiOTJjNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDtfqKTkVSzIO7S9kNrQdyBAJzoa
lWEqvX83OabatGoYAUDHrz04p8SpcI/OHfBe8+d5efNxS9o08ZS/qHFkyf13I7YV
ML1Hqf1vhddjT3gH+RnmitN5SpOco2jrM2874/2HCXI8+hFk6m+moU9EPbeVL01z
COPFCfdQBYATL94e9HoB8iRYmGj6o+++FEJ1I9+cNSy167pTu0BY4u2o1XQpynlT
b1VEaQYPM0P0RvdvOdlBlwMLtpmHo9pVrWlqlZZ76zZwitrb7qmIl/VwW+6wcMpZ
D+Ul4346K2Eyv3E01KRPxee/A1qIRz3qyp8R66qq0VLUmmlL4lfQuXVaCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC4Qbrwzg5Kw3jET1tueZFILksRIMB8GA1UdIwQY
MBaAFD68t571ihyY4VH2DFFCb3TrHDk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQt
ZTlmNzlkZmJkMmU2LzEvTGhCdXZET0RrckRlTVJQVzI1NWtVZ3VTeEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQtZTlmNzlkZmJkMmU2
LzEvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9nbMA0E
AgACMAcDBQMqEmLAMA0GCSqGSIb3DQEBCwUAA4IBAQCWrChOCyv+4LC7nbbHChv/
DuCNLyy7IzoU7a/TdI8Xctke6uoR1c+KVCS0EQL0BbagodTomk2+2HYoNtcK/PQo
w5fUEP05xx7ancpFf0iWhCCbP6+o+7MSOuB5sDZwAz2NS0syR/KX9FdRD7K6hWoa
JYP1T81sBZMbyAP2XyPPWZJWMHWVQ5LnGlHLgvTr8gTqqaqvC9SXdUqO78SbjDcH
alJffpqsg/4iHekh5NkHPgzaeSsR0WPiL4dCb+pyNvKDRPO1Dvrw0IS7NIBxkwHU
be8siQKXLVM68hK3uRLMyz6Q/y3SI5D7DTOje79SEpYQDdb8OtDi+9PnOcLAMWcW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:02 2024 by rpki-client on console-fra.rpki-client.org