Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a64edb-4ff0-4d5c-b153-75752a205a0f/1/sDPp93yFKMw4WJAq8onUsDTe4uU.roa
File:                     sDPp93yFKMw4WJAq8onUsDTe4uU.roa (raw, json)
Hash identifier:          aY3VfhFPMX3mTGJgE/CXQuz6sSWL6vEcskv5WwY5pXs=
Subject key identifier:   B0:33:E9:F7:7C:85:28:CC:38:58:90:2A:F2:89:D4:B0:34:DE:E2:E5
Certificate issuer:       /CN=cdbadc4938878971f916dc26093e5b17199e81df
Certificate serial:       B07D0F
Authority key identifier: CD:BA:DC:49:38:87:89:71:F9:16:DC:26:09:3E:5B:17:19:9E:81:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbrcSTiHiXH5FtwmCT5bFxmegd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/a64edb-4ff0-4d5c-b153-75752a205a0f/1/sDPp93yFKMw4WJAq8onUsDTe4uU.roa
Signing time:             Sat 01 Jan 2022 07:52:44 +0000
ROA not before:           Sat 01 Jan 2022 07:52:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211432
IP address blocks:        62.204.55.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11566351 (0xb07d0f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbadc4938878971f916dc26093e5b17199e81df
        Validity
            Not Before: Jan  1 07:52:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b033e9f77c8528cc3858902af289d4b034dee2e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:60:65:b9:4b:12:9f:80:a4:10:d8:90:c1:68:
                    b2:80:48:cd:6e:6d:2f:53:5c:d3:24:58:c0:8c:0a:
                    89:b0:17:56:a9:bc:4c:97:97:be:c3:3b:5d:52:54:
                    4c:ed:17:b4:8d:e1:63:2b:4a:d9:a9:14:dd:79:1d:
                    6c:67:12:87:20:26:05:10:92:7b:2a:20:07:09:2c:
                    a5:1b:c8:95:e2:35:1f:ca:1d:4a:3b:ee:a0:5e:a9:
                    bc:81:d1:7b:1c:d6:b1:51:c7:a4:c8:80:5e:63:0d:
                    72:4d:52:5f:9f:ae:75:4b:ac:e5:2b:aa:fd:42:a8:
                    ad:e7:df:99:43:51:da:88:1d:e8:85:f0:6f:87:01:
                    66:35:76:09:91:62:87:78:1d:9a:6b:86:3d:7d:13:
                    26:4e:84:2c:81:f6:cc:58:6a:cc:a3:66:1b:1d:2d:
                    c1:87:ad:3e:eb:74:29:23:71:f3:8f:df:e2:49:1d:
                    18:1c:e9:f8:10:8f:6c:bc:78:1b:62:2d:de:04:45:
                    2a:b9:71:de:7c:40:16:9a:9a:85:84:be:3f:9f:f6:
                    47:6f:bf:44:8a:76:01:de:87:04:40:99:09:a2:5a:
                    3c:c7:00:15:cd:8d:7a:c3:72:a1:31:21:de:d2:fe:
                    9e:e0:57:36:12:66:8e:df:5e:31:56:05:69:26:36:
                    95:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:33:E9:F7:7C:85:28:CC:38:58:90:2A:F2:89:D4:B0:34:DE:E2:E5
            X509v3 Authority Key Identifier:
                keyid:CD:BA:DC:49:38:87:89:71:F9:16:DC:26:09:3E:5B:17:19:9E:81:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbrcSTiHiXH5FtwmCT5bFxmegd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a64edb-4ff0-4d5c-b153-75752a205a0f/1/sDPp93yFKMw4WJAq8onUsDTe4uU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a64edb-4ff0-4d5c-b153-75752a205a0f/1/zbrcSTiHiXH5FtwmCT5bFxmegd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.204.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:d0:a0:bf:3e:f5:8a:b2:85:3a:aa:70:91:bd:39:27:23:19:
         f0:09:66:a3:37:a4:4e:82:00:c4:fd:64:6a:08:63:3c:89:83:
         96:8b:a0:02:ac:fe:93:77:1f:77:80:ed:3e:0e:19:47:d8:63:
         c4:23:69:20:c3:d7:03:f5:ea:c6:1a:be:07:5a:0e:13:a4:39:
         6f:3c:ad:d0:85:db:b0:1e:ed:df:cd:59:16:fc:68:65:1e:9a:
         d8:79:93:60:d6:5d:9d:53:55:ef:09:6a:53:07:a9:9d:fe:ec:
         be:c3:ff:1a:dd:96:79:78:9c:a4:7d:4c:dc:be:07:4b:1c:a7:
         d6:36:d9:11:de:47:ba:dd:56:23:d7:b2:27:56:97:33:48:00:
         be:d0:e9:8a:1a:07:5a:dd:5a:9d:99:68:f2:aa:3d:85:d4:e3:
         ef:6f:f1:a5:69:40:98:28:b0:6f:28:d9:83:b2:4c:d7:b5:0f:
         eb:4c:f8:e8:ca:d8:d4:77:b3:01:b5:27:38:5a:04:a4:db:40:
         86:05:c5:4c:e2:1c:6e:c8:d2:59:7d:35:ba:2a:83:06:df:d3:
         78:d7:98:6b:fb:9e:f0:c0:7e:56:ed:88:15:89:78:01:1c:d9:
         49:65:31:07:c0:15:22:fe:cf:d5:f1:46:4c:f5:b2:50:93:34:
         40:9f:52:21
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALB9DzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZGJhZGM0OTM4ODc4OTcxZjkxNmRjMjYwOTNlNWIxNzE5OWU4MWRmMB4XDTIyMDEw
MTA3NTI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjAzM2U5Zjc3Yzg1
MjhjYzM4NTg5MDJhZjI4OWQ0YjAzNGRlZTJlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhgZblLEp+ApBDYkMFosoBIzW5tL1Nc0yRYwIwKibAXVqm8
TJeXvsM7XVJUTO0XtI3hYytK2akU3XkdbGcShyAmBRCSeyogBwkspRvIleI1H8od
SjvuoF6pvIHRexzWsVHHpMiAXmMNck1SX5+udUus5Suq/UKoreffmUNR2ogd6IXw
b4cBZjV2CZFih3gdmmuGPX0TJk6ELIH2zFhqzKNmGx0twYetPut0KSNx84/f4kkd
GBzp+BCPbLx4G2It3gRFKrlx3nxAFpqahYS+P5/2R2+/RIp2Ad6HBECZCaJaPMcA
Fc2NesNyoTEh3tL+nuBXNhJmjt9eMVYFaSY2laMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSwM+n3fIUozDhYkCryidSwNN7i5TAfBgNVHSMEGDAWgBTNutxJOIeJcfkW
3CYJPlsXGZ6B3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3picmNTVGlIaVhINUZ0d21DVDViRnhtZWdkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvYTY0ZWRiLTRmZjAtNGQ1Yy1iMTUzLTc1NzUyYTIwNWEwZi8x
L3NEUHA5M3lGS013NFdKQXE4b25Vc0RUZTR1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
YTY0ZWRiLTRmZjAtNGQ1Yy1iMTUzLTc1NzUyYTIwNWEwZi8xL3picmNTVGlIaVhI
NUZ0d21DVDViRnhtZWdkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD7MNzANBgkqhkiG9w0BAQsFAAOC
AQEABNCgvz71irKFOqpwkb05JyMZ8AlmozekToIAxP1kaghjPImDlougAqz+k3cf
d4DtPg4ZR9hjxCNpIMPXA/Xqxhq+B1oOE6Q5bzyt0IXbsB7t381ZFvxoZR6a2HmT
YNZdnVNV7wlqUwepnf7svsP/Gt2WeXicpH1M3L4HSxyn1jbZEd5Hut1WI9eyJ1aX
M0gAvtDpihoHWt1anZlo8qo9hdTj72/xpWlAmCiwbyjZg7JM17UP60z46MrY1Hez
AbUnOFoEpNtAhgXFTOIcbsjSWX01uiqDBt/TeNeYa/ue8MB+Vu2IFYl4ARzZSWUx
B8AVIv7P1fFGTPWyUJM0QJ9SIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:39 2024 by rpki-client on console-fra.rpki-client.org