Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/87d247-b05a-4d60-8ba7-9f4509c2ddc5/1/2zKukS8vbwFWR0hdZtgkYTNMA8g.roa
File:                     2zKukS8vbwFWR0hdZtgkYTNMA8g.roa (raw, json)
Hash identifier:          P0ZmaXjKNL3AhjLMDRx6JxSjZ45mDKcfc/lJ/c7u/3E=
Subject key identifier:   DB:32:AE:91:2F:2F:6F:01:56:47:48:5D:66:D8:24:61:33:4C:03:C8
Certificate issuer:       /CN=f07d10e2f67bd207ef5e57d0531446ba74ca1b35
Certificate serial:       01856DB86EDCDF983311F471A8BC26323362
Authority key identifier: F0:7D:10:E2:F6:7B:D2:07:EF:5E:57:D0:53:14:46:BA:74:CA:1B:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8H0Q4vZ70gfvXlfQUxRGunTKGzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/87d247-b05a-4d60-8ba7-9f4509c2ddc5/1/2zKukS8vbwFWR0hdZtgkYTNMA8g.roa
Signing time:             Sun 01 Jan 2023 14:24:41 +0000
ROA not before:           Sun 01 Jan 2023 14:24:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     22773
IP address blocks:        2a12:fb00::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:b8:6e:dc:df:98:33:11:f4:71:a8:bc:26:32:33:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f07d10e2f67bd207ef5e57d0531446ba74ca1b35
        Validity
            Not Before: Jan  1 14:24:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db32ae912f2f6f015647485d66d82461334c03c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e0:27:6a:ed:c7:7b:71:7b:ef:0c:79:6b:44:
                    cf:5a:49:ff:3b:dc:a3:50:3e:27:f5:97:8e:2b:ab:
                    72:a5:aa:65:c3:b8:b1:fb:d6:7b:8d:d0:86:8c:81:
                    88:9c:fe:f7:a8:7c:b5:c5:3a:df:55:dc:7b:c9:49:
                    be:89:ce:f9:d9:e1:b1:47:b7:b7:1a:d6:e9:26:fe:
                    c5:61:52:82:db:cd:fc:26:4c:c9:58:be:6c:cb:f7:
                    22:38:3e:81:b7:dc:73:21:47:a4:8b:19:ce:29:6b:
                    dc:ee:fb:33:84:05:5c:39:0b:e5:bf:41:b8:c1:38:
                    ea:cb:5e:ec:1d:ef:38:e3:cc:d0:a1:72:ca:3f:72:
                    24:97:44:7e:76:79:3d:45:f9:89:66:9f:26:15:0a:
                    76:fe:43:e4:f8:cf:5a:49:ee:65:30:40:56:15:22:
                    57:ed:12:ed:3b:4c:2f:5c:e1:b4:8d:fe:5a:39:4a:
                    96:f6:5f:ff:30:9b:a0:aa:28:99:3f:21:bb:d9:28:
                    fd:0f:26:49:a7:c8:46:2f:3e:e1:77:46:56:64:0b:
                    0c:5e:20:1f:cb:6d:67:50:a8:27:0a:7e:5c:b3:c0:
                    b9:73:54:bb:dd:38:2b:f5:ea:ba:d4:d2:56:89:42:
                    c9:35:0f:87:f1:ef:2e:7d:a6:02:70:4f:dd:2d:2c:
                    e4:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:32:AE:91:2F:2F:6F:01:56:47:48:5D:66:D8:24:61:33:4C:03:C8
            X509v3 Authority Key Identifier:
                keyid:F0:7D:10:E2:F6:7B:D2:07:EF:5E:57:D0:53:14:46:BA:74:CA:1B:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8H0Q4vZ70gfvXlfQUxRGunTKGzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/87d247-b05a-4d60-8ba7-9f4509c2ddc5/1/2zKukS8vbwFWR0hdZtgkYTNMA8g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/87d247-b05a-4d60-8ba7-9f4509c2ddc5/1/8H0Q4vZ70gfvXlfQUxRGunTKGzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:fb00::/29

    Signature Algorithm: sha256WithRSAEncryption
         d4:08:cc:a4:0c:21:2b:91:88:ca:bd:9c:ee:c0:32:b2:2a:b0:
         a2:b8:c6:bf:3d:2e:b2:d9:71:14:32:92:b8:6d:ea:96:9d:a8:
         a9:4f:ac:ed:eb:91:d8:0e:eb:ce:6b:26:a0:37:53:3b:f7:51:
         9d:77:c2:b7:fb:82:0c:6b:66:44:22:11:e5:2f:58:7e:9a:be:
         ec:a7:ee:01:d6:48:66:7f:af:0e:35:f4:19:5a:1f:d4:3b:00:
         c1:bc:3b:82:26:50:c9:03:e0:74:a4:66:11:08:22:d3:b6:94:
         4a:f7:8c:4d:c8:f5:9d:6b:b4:21:3c:ad:3d:01:03:ed:1e:af:
         bc:9e:3a:b2:36:31:aa:51:b9:f9:df:ec:ec:0b:2e:65:14:75:
         05:48:18:1b:c6:ad:62:b2:dd:ba:91:d0:31:47:03:bc:95:03:
         ab:55:98:fa:2e:b0:45:bb:f8:7c:2c:59:7d:e5:36:65:ee:ad:
         c1:ae:9f:8b:7b:c2:df:21:79:a5:e1:24:16:db:8e:f8:a7:32:
         db:e4:c5:07:4a:43:5a:ac:7f:1b:64:e9:3d:2a:95:e2:12:2e:
         1e:eb:5c:d5:f7:20:d8:90:f0:6a:b2:9b:74:ce:c5:30:6e:8b:
         aa:0e:f8:99:6a:1f:3d:24:79:16:c2:95:59:4f:d9:82:ee:c9:
         93:7b:f6:17
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtuG7c35gzEfRxqLwmMjNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwN2QxMGUyZjY3YmQyMDdlZjVlNTdkMDUzMTQ0NmJhNzRj
YTFiMzUwHhcNMjMwMTAxMTQyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjMyYWU5MTJmMmY2ZjAxNTY0NzQ4NWQ2NmQ4MjQ2MTMzNGMwM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreAnau3He3F77wx5a0TPWkn/O9yj
UD4n9ZeOK6typaplw7ix+9Z7jdCGjIGInP73qHy1xTrfVdx7yUm+ic752eGxR7e3
GtbpJv7FYVKC2838JkzJWL5sy/ciOD6Bt9xzIUekixnOKWvc7vszhAVcOQvlv0G4
wTjqy17sHe8448zQoXLKP3Ikl0R+dnk9RfmJZp8mFQp2/kPk+M9aSe5lMEBWFSJX
7RLtO0wvXOG0jf5aOUqW9l//MJugqiiZPyG72Sj9DyZJp8hGLz7hd0ZWZAsMXiAf
y21nUKgnCn5cs8C5c1S73Tgr9eq61NJWiULJNQ+H8e8ufaYCcE/dLSzkLwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNsyrpEvL28BVkdIXWbYJGEzTAPIMB8GA1UdIwQY
MBaAFPB9EOL2e9IH715X0FMURrp0yhs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEgwUTR2WjcwZ2Z2WGxmUVV4Ukd1blRLR3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC84N2QyNDctYjA1YS00ZDYwLThiYTct
OWY0NTA5YzJkZGM1LzEvMnpLdWtTOHZid0ZXUjBoZFp0Z2tZVE5NQThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC84N2QyNDctYjA1YS00ZDYwLThiYTctOWY0NTA5YzJkZGM1
LzEvOEgwUTR2WjcwZ2Z2WGxmUVV4Ukd1blRLR3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhL7ADAN
BgkqhkiG9w0BAQsFAAOCAQEA1AjMpAwhK5GIyr2c7sAysiqworjGvz0ustlxFDKS
uG3qlp2oqU+s7euR2A7rzmsmoDdTO/dRnXfCt/uCDGtmRCIR5S9Yfpq+7KfuAdZI
Zn+vDjX0GVof1DsAwbw7giZQyQPgdKRmEQgi07aUSveMTcj1nWu0ITytPQED7R6v
vJ46sjYxqlG5+d/s7AsuZRR1BUgYG8atYrLdupHQMUcDvJUDq1WY+i6wRbv4fCxZ
feU2Ze6twa6fi3vC3yF5peEkFtuO+Kcy2+TFB0pDWqx/G2TpPSqV4hIuHutc1fcg
2JDwarKbdM7FMG6Lqg74mWofPSR5FsKVWU/Zgu7Jk3v2Fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:07 2024 by rpki-client on console-fra.rpki-client.org