Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/6nI0MPGLwSdatN2mc5moNfP_G1w.roa
File:                     6nI0MPGLwSdatN2mc5moNfP_G1w.roa (raw, json)
Hash identifier:          3/DN9V0eaLNIXK0Cjtg88PdHuXKomSFzhnQsRrkMqk0=
Subject key identifier:   EA:72:34:30:F1:8B:C1:27:5A:B4:DD:A6:73:99:A8:35:F3:FF:1B:5C
Certificate issuer:       /CN=a277da980517a7d80b1de765a0c4d0b22c11415e
Certificate serial:       01856B8A00A02F95C45F474E9C5666430EAC
Authority key identifier: A2:77:DA:98:05:17:A7:D8:0B:1D:E7:65:A0:C4:D0:B2:2C:11:41:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/onfamAUXp9gLHedloMTQsiwRQV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/6nI0MPGLwSdatN2mc5moNfP_G1w.roa
Signing time:             Sun 01 Jan 2023 04:14:44 +0000
ROA not before:           Sun 01 Jan 2023 04:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        217.114.32.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:8a:00:a0:2f:95:c4:5f:47:4e:9c:56:66:43:0e:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a277da980517a7d80b1de765a0c4d0b22c11415e
        Validity
            Not Before: Jan  1 04:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea723430f18bc1275ab4dda67399a835f3ff1b5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:00:86:86:cc:71:7b:8b:15:83:7f:6f:68:4c:
                    5e:60:e6:c9:8a:4f:59:c4:09:17:0e:88:4d:df:02:
                    9c:6b:39:bb:47:50:c7:9e:76:25:9d:c6:42:ab:88:
                    c6:9e:28:b1:18:0c:05:e6:e2:db:3b:ec:5d:df:de:
                    37:b0:12:1e:6c:29:e3:d8:17:8f:23:de:46:2a:5b:
                    56:6f:dd:62:96:83:fc:67:aa:46:1f:68:fd:33:e0:
                    d6:93:74:47:98:87:a8:65:3f:02:80:af:94:c8:01:
                    eb:82:b4:34:95:31:e5:d2:fd:6e:7a:58:8d:98:f8:
                    e8:9f:04:da:5a:cc:a8:39:22:73:0c:9f:83:44:e4:
                    ef:b0:08:6f:ba:f0:7d:cb:06:68:57:2f:ae:25:0e:
                    15:8a:6c:0a:bf:a0:42:ca:a3:6e:8f:81:e8:17:5e:
                    7a:db:09:9e:43:48:da:26:24:80:91:b8:ae:c8:2e:
                    7b:cc:0e:aa:e0:71:68:65:29:5d:62:3d:3d:46:0c:
                    a5:e9:7b:1e:d1:c9:a0:8c:ed:00:79:bd:f9:f6:a4:
                    0c:5c:23:3c:b7:30:9a:fd:12:9a:52:e7:0f:15:4a:
                    9b:8f:c6:c0:e0:d3:37:f8:a4:c2:bb:18:e8:27:bb:
                    c8:e9:dd:15:60:da:e3:bc:06:74:d1:25:ec:73:82:
                    9b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:72:34:30:F1:8B:C1:27:5A:B4:DD:A6:73:99:A8:35:F3:FF:1B:5C
            X509v3 Authority Key Identifier:
                keyid:A2:77:DA:98:05:17:A7:D8:0B:1D:E7:65:A0:C4:D0:B2:2C:11:41:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onfamAUXp9gLHedloMTQsiwRQV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/6nI0MPGLwSdatN2mc5moNfP_G1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/onfamAUXp9gLHedloMTQsiwRQV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.114.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:9c:fc:a4:7f:2c:03:c2:5c:2b:1e:0e:ad:b4:36:4b:93:47:
         18:d3:8e:4f:ca:14:17:51:04:6b:da:6e:a8:e6:d6:48:10:37:
         33:17:0a:db:74:d7:26:d9:89:71:8e:c8:de:6c:d3:2b:90:cc:
         2f:72:48:68:8a:64:9a:61:b6:01:bd:f2:82:74:06:ce:cf:52:
         48:86:54:4f:63:27:8e:5e:52:18:0d:61:8c:b7:16:34:5d:45:
         f8:d0:bb:03:8d:80:3b:d7:eb:3c:2d:0c:ff:5d:b2:dd:e5:42:
         a2:a8:53:c4:d0:01:30:59:ce:ab:26:8d:75:83:95:5d:37:b4:
         a7:4d:1b:a9:7d:bc:13:5d:b8:31:22:22:24:9f:73:f6:b7:64:
         5d:0e:76:cb:b2:3d:97:63:26:cb:32:49:0e:36:a8:cb:7b:3c:
         11:02:95:fe:df:06:14:f6:ae:7b:12:bc:8c:22:82:a0:48:37:
         f7:8f:89:23:2c:cc:d0:65:dc:b0:f2:11:6c:98:f5:a9:cb:5c:
         40:cf:4a:10:b9:b4:47:7b:31:93:c4:b8:17:7a:2d:05:92:70:
         82:4d:2b:d9:f0:25:d6:a5:f6:e5:d2:91:4b:64:d9:e8:e4:97:
         ec:bc:1a:08:a5:aa:b6:5c:b4:c7:b6:d8:eb:4d:22:68:19:51:
         c4:c9:56:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrigCgL5XEX0dOnFZmQw6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNzdkYTk4MDUxN2E3ZDgwYjFkZTc2NWEwYzRkMGIyMmMx
MTQxNWUwHhcNMjMwMTAxMDQxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTcyMzQzMGYxOGJjMTI3NWFiNGRkYTY3Mzk5YTgzNWYzZmYxYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjACGhsxxe4sVg39vaExeYObJik9Z
xAkXDohN3wKcazm7R1DHnnYlncZCq4jGniixGAwF5uLbO+xd3943sBIebCnj2BeP
I95GKltWb91iloP8Z6pGH2j9M+DWk3RHmIeoZT8CgK+UyAHrgrQ0lTHl0v1ueliN
mPjonwTaWsyoOSJzDJ+DROTvsAhvuvB9ywZoVy+uJQ4VimwKv6BCyqNuj4HoF156
2wmeQ0jaJiSAkbiuyC57zA6q4HFoZSldYj09Rgyl6Xse0cmgjO0Aeb359qQMXCM8
tzCa/RKaUucPFUqbj8bA4NM3+KTCuxjoJ7vI6d0VYNrjvAZ00SXsc4Kb4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOpyNDDxi8EnWrTdpnOZqDXz/xtcMB8GA1UdIwQY
MBaAFKJ32pgFF6fYCx3nZaDE0LIsEUFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb25mYW1BVVhwOWdMSGVkbG9NVFFzaXdSUVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9mMDJhOWMtODMzNi00NzEzLWI0ZTUt
NmU0NTM0ZDNjMjIwLzEvNm5JME1QR0x3U2RhdE4ybWM1bW9OZlBfRzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9mMDJhOWMtODMzNi00NzEzLWI0ZTUtNmU0NTM0ZDNjMjIw
LzEvb25mYW1BVVhwOWdMSGVkbG9NVFFzaXdSUVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XIgMA0G
CSqGSIb3DQEBCwUAA4IBAQBUnPykfywDwlwrHg6ttDZLk0cY045PyhQXUQRr2m6o
5tZIEDczFwrbdNcm2YlxjsjebNMrkMwvckhoimSaYbYBvfKCdAbOz1JIhlRPYyeO
XlIYDWGMtxY0XUX40LsDjYA71+s8LQz/XbLd5UKiqFPE0AEwWc6rJo11g5VdN7Sn
TRupfbwTXbgxIiIkn3P2t2RdDnbLsj2XYybLMkkONqjLezwRApX+3wYU9q57EryM
IoKgSDf3j4kjLMzQZdyw8hFsmPWpy1xAz0oQubRHezGTxLgXei0FknCCTSvZ8CXW
pfbl0pFLZNno5JfsvBoIpaq2XLTHttjrTSJoGVHEyVZ+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:41 2024 by rpki-client on console-fra.rpki-client.org