Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/WpnyPY7TEaBMNr-mPtLhdQWOyfE.roa
File:                     WpnyPY7TEaBMNr-mPtLhdQWOyfE.roa (raw, json)
Hash identifier:          wX0n0CdfVmCsVysrr28VBHUboaed3VpTQlgRv3MJzFs=
Subject key identifier:   5A:99:F2:3D:8E:D3:11:A0:4C:36:BF:A6:3E:D2:E1:75:05:8E:C9:F1
Certificate issuer:       /CN=a277da980517a7d80b1de765a0c4d0b22c11415e
Certificate serial:       C7E88E
Authority key identifier: A2:77:DA:98:05:17:A7:D8:0B:1D:E7:65:A0:C4:D0:B2:2C:11:41:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/onfamAUXp9gLHedloMTQsiwRQV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/WpnyPY7TEaBMNr-mPtLhdQWOyfE.roa
Signing time:             Sat 01 Jan 2022 02:59:13 +0000
ROA not before:           Sat 01 Jan 2022 02:59:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     18779
IP address blocks:        2a11:73c0::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13101198 (0xc7e88e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a277da980517a7d80b1de765a0c4d0b22c11415e
        Validity
            Not Before: Jan  1 02:59:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5a99f23d8ed311a04c36bfa63ed2e175058ec9f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:76:d8:0d:2c:81:c6:1f:71:15:4d:29:fb:70:
                    b4:50:98:69:a7:97:f9:7b:e1:14:d1:df:f6:83:1f:
                    a8:9d:36:ab:47:95:e2:7c:10:af:79:1f:a5:91:77:
                    a0:58:d7:ce:88:73:62:3d:6b:c5:45:ff:c3:10:da:
                    61:64:a2:27:49:e0:f1:60:e7:e5:11:28:2a:be:80:
                    e5:a3:07:b2:15:e7:69:a5:40:5d:80:c1:30:5b:7c:
                    97:77:0f:09:93:ca:02:c9:58:1f:c1:6d:67:43:fe:
                    28:7c:52:3b:75:80:e3:77:c0:d6:c6:ca:4e:6f:d6:
                    76:38:14:22:63:3a:a3:cc:06:63:09:62:e9:0c:a8:
                    3c:77:e8:f6:8d:4d:b3:30:05:c3:f5:36:10:eb:fa:
                    1d:1f:3c:c1:18:ff:8b:b8:1c:1c:83:20:90:ae:f9:
                    eb:a0:f7:52:07:54:69:82:5c:a6:16:ae:86:ea:9a:
                    bd:7b:b3:27:27:f2:77:e2:ea:aa:0b:dc:55:1a:20:
                    1b:a4:f4:22:02:70:a2:1a:04:05:b0:06:38:f5:a8:
                    10:e3:ba:31:3e:c6:d9:f0:88:ed:38:3f:c2:11:58:
                    d3:15:65:3d:f8:35:9f:ec:6e:36:43:9e:93:b7:68:
                    ec:58:fd:f3:b4:46:c5:ae:4e:48:fb:bb:c8:70:54:
                    76:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:99:F2:3D:8E:D3:11:A0:4C:36:BF:A6:3E:D2:E1:75:05:8E:C9:F1
            X509v3 Authority Key Identifier:
                keyid:A2:77:DA:98:05:17:A7:D8:0B:1D:E7:65:A0:C4:D0:B2:2C:11:41:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onfamAUXp9gLHedloMTQsiwRQV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/WpnyPY7TEaBMNr-mPtLhdQWOyfE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/onfamAUXp9gLHedloMTQsiwRQV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:73c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         08:4f:dc:d3:6a:93:ef:66:7d:78:63:12:96:f1:49:b2:92:c9:
         ee:8e:18:dd:e9:f2:92:d2:f2:dd:3e:5a:ef:1f:c7:e4:de:dd:
         66:52:58:5d:70:22:2a:67:4d:ab:1e:69:a5:99:ff:96:95:16:
         17:a3:cc:f9:7d:2d:c5:d6:d8:fe:78:fe:b5:af:37:d2:6e:03:
         78:d6:e9:8b:9f:59:4d:cd:41:11:a7:b3:b4:76:9c:34:1a:b1:
         ee:b2:10:47:22:df:ef:ec:eb:11:61:52:00:ba:cf:3e:b7:a9:
         5d:26:75:94:ef:1c:98:6a:80:3d:d3:4b:30:ad:4f:5c:bf:47:
         a5:93:f6:81:13:ed:c0:31:9b:76:bf:af:1d:fa:3b:25:ad:c6:
         52:40:a3:fe:c5:18:76:c0:d4:19:97:50:fe:71:d4:34:35:04:
         97:05:83:10:d1:ff:20:29:b8:7b:01:db:01:7d:13:7e:2a:ec:
         7e:1c:ab:03:1e:7f:c4:6a:54:d9:66:c4:6d:55:e3:4e:1a:38:
         e0:d7:7a:39:93:f7:c6:34:ff:10:ba:fe:f6:19:b3:62:e6:e0:
         c9:a6:19:8b:67:f1:1c:61:a9:bd:3b:1d:3a:71:1d:ac:ae:08:
         cc:71:bb:fe:01:2c:a6:2a:2f:c3:2c:57:3a:69:ef:90:4f:9a:
         fa:5f:31:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAMfojjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Mjc3ZGE5ODA1MTdhN2Q4MGIxZGU3NjVhMGM0ZDBiMjJjMTE0MTVlMB4XDTIyMDEw
MTAyNTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE5OWYyM2Q4ZWQz
MTFhMDRjMzZiZmE2M2VkMmUxNzUwNThlYzlmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMF22A0sgcYfcRVNKftwtFCYaaeX+XvhFNHf9oMfqJ02q0eV
4nwQr3kfpZF3oFjXzohzYj1rxUX/wxDaYWSiJ0ng8WDn5REoKr6A5aMHshXnaaVA
XYDBMFt8l3cPCZPKAslYH8FtZ0P+KHxSO3WA43fA1sbKTm/WdjgUImM6o8wGYwli
6QyoPHfo9o1NszAFw/U2EOv6HR88wRj/i7gcHIMgkK7566D3UgdUaYJcphauhuqa
vXuzJyfyd+LqqgvcVRogG6T0IgJwohoEBbAGOPWoEOO6MT7G2fCI7Tg/whFY0xVl
Pfg1n+xuNkOek7do7Fj987RGxa5OSPu7yHBUds8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRamfI9jtMRoEw2v6Y+0uF1BY7J8TAfBgNVHSMEGDAWgBSid9qYBRen2Asd
52WgxNCyLBFBXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29uZmFtQVVYcDlnTEhlZGxvTVRRc2l3UlFWNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvZjAyYTljLTgzMzYtNDcxMy1iNGU1LTZlNDUzNGQzYzIyMC8x
L1dwbnlQWTdURWFCTU5yLW1QdExoZFFXT3lmRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
ZjAyYTljLTgzMzYtNDcxMy1iNGU1LTZlNDUzNGQzYzIyMC8xL29uZmFtQVVYcDln
TEhlZGxvTVRRc2l3UlFWNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRc8AwDQYJKoZIhvcNAQELBQAD
ggEBAAhP3NNqk+9mfXhjEpbxSbKSye6OGN3p8pLS8t0+Wu8fx+Te3WZSWF1wIipn
TaseaaWZ/5aVFhejzPl9LcXW2P54/rWvN9JuA3jW6YufWU3NQRGns7R2nDQase6y
EEci3+/s6xFhUgC6zz63qV0mdZTvHJhqgD3TSzCtT1y/R6WT9oET7cAxm3a/rx36
OyWtxlJAo/7FGHbA1BmXUP5x1DQ1BJcFgxDR/yApuHsB2wF9E34q7H4cqwMef8Rq
VNlmxG1V404aOODXejmT98Y0/xC6/vYZs2Lm4MmmGYtn8Rxhqb07HTpxHayuCMxx
u/4BLKYqL8MsVzpp75BPmvpfMSk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org