Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/_V7DfopnCsNq-ix2JejoKpPyqaI.roa
File:                     _V7DfopnCsNq-ix2JejoKpPyqaI.roa (raw, json)
Hash identifier:          0SkiscHLECRrdngPzV1ROAoowZjLNAyJychLY0Z3lkw=
Subject key identifier:   FD:5E:C3:7E:8A:67:0A:C3:6A:FA:2C:76:25:E8:E8:2A:93:F2:A9:A2
Certificate issuer:       /CN=a277da980517a7d80b1de765a0c4d0b22c11415e
Certificate serial:       0181F466000DAA2CD2C79BCC44183FAFA352
Authority key identifier: A2:77:DA:98:05:17:A7:D8:0B:1D:E7:65:A0:C4:D0:B2:2C:11:41:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/onfamAUXp9gLHedloMTQsiwRQV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/_V7DfopnCsNq-ix2JejoKpPyqaI.roa
Signing time:             Tue 12 Jul 2022 21:52:14 +0000
ROA not before:           Tue 12 Jul 2022 21:52:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58061
IP address blocks:        217.114.32.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f4:66:00:0d:aa:2c:d2:c7:9b:cc:44:18:3f:af:a3:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a277da980517a7d80b1de765a0c4d0b22c11415e
        Validity
            Not Before: Jul 12 21:52:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fd5ec37e8a670ac36afa2c7625e8e82a93f2a9a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:18:1d:62:f3:63:d1:a2:32:eb:8d:24:45:bf:
                    40:16:3b:92:f7:a6:4f:d3:dc:49:85:41:10:af:cb:
                    36:07:ec:e6:4c:c5:f0:4a:04:c1:cc:4b:34:e7:74:
                    5d:c6:7a:e5:a8:89:74:19:9a:80:4c:98:20:53:e4:
                    ff:21:f7:8d:69:00:e2:4c:1d:12:d4:2f:83:13:04:
                    eb:67:0b:27:c2:eb:e4:d9:fb:17:b4:f4:e0:bc:9d:
                    d6:1c:f3:5e:bd:54:d6:50:e0:34:70:ad:e0:5a:57:
                    49:2e:58:18:ea:de:db:fa:cb:bf:4c:65:ff:3a:27:
                    2a:65:29:2a:a1:4b:da:fd:8b:21:98:55:00:63:4f:
                    f3:59:0d:4f:30:57:32:2f:c5:8a:85:05:b9:a0:dd:
                    a0:40:4f:83:1a:8b:26:9e:ad:11:3b:f5:7b:24:78:
                    94:4c:3b:35:ed:7d:1c:69:78:cc:20:b8:5e:55:1a:
                    c0:ac:91:a6:c6:55:65:6f:b1:fc:ca:d2:82:3a:98:
                    4d:06:b3:e0:d5:47:09:a3:53:ae:4c:46:28:65:65:
                    4b:e2:15:db:c8:a0:c3:e2:36:28:05:e2:5e:e9:b1:
                    7d:5d:b1:10:c1:64:cd:8c:6f:ed:d9:ab:f0:d3:fa:
                    de:05:fb:75:fa:64:73:fa:20:90:4b:2f:a4:c2:85:
                    1a:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:5E:C3:7E:8A:67:0A:C3:6A:FA:2C:76:25:E8:E8:2A:93:F2:A9:A2
            X509v3 Authority Key Identifier:
                keyid:A2:77:DA:98:05:17:A7:D8:0B:1D:E7:65:A0:C4:D0:B2:2C:11:41:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onfamAUXp9gLHedloMTQsiwRQV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/_V7DfopnCsNq-ix2JejoKpPyqaI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/onfamAUXp9gLHedloMTQsiwRQV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.114.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:43:0d:46:d2:83:96:9e:f6:c4:9e:f2:e1:b9:13:36:56:a0:
         ff:33:b6:53:b8:13:08:7a:f1:b4:02:2c:8b:32:2f:20:98:47:
         49:54:a3:55:af:1c:b4:b6:06:ac:ac:06:ae:1a:9d:f2:ec:c7:
         16:1b:e7:7e:91:28:e8:09:32:e6:8c:e2:30:15:3f:86:4d:c4:
         9b:24:8a:2c:dc:6e:85:3d:9c:33:2b:5f:e5:7b:4c:5d:d6:b2:
         ab:b5:2d:cd:da:11:70:3c:d5:fa:02:3a:51:e0:75:bf:5f:53:
         71:08:f3:d1:9c:ff:a6:67:82:a1:6b:d2:cb:d4:ca:f9:e6:5a:
         29:fa:6c:30:30:7f:dd:2e:d4:0d:da:f9:82:17:5a:66:56:ad:
         0b:06:d3:4d:83:76:18:4d:ca:12:11:c0:2b:0b:b2:96:c8:13:
         a4:1d:86:29:7e:1e:6f:e0:b7:ff:0d:85:4d:ef:b0:a1:42:5b:
         bc:f6:73:72:f9:95:f4:bb:71:f0:db:d0:cd:74:64:a4:34:1b:
         89:d4:14:31:07:e8:35:c5:c2:45:c4:68:f6:ab:71:d6:be:19:
         da:5c:76:17:47:75:1c:0a:34:28:31:29:9b:06:f5:92:62:56:
         b8:59:a5:e2:8c:c0:a7:14:77:24:0b:b4:61:89:bb:2c:01:bf:
         42:4e:39:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH0ZgANqizSx5vMRBg/r6NSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNzdkYTk4MDUxN2E3ZDgwYjFkZTc2NWEwYzRkMGIyMmMx
MTQxNWUwHhcNMjIwNzEyMjE1MjE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDVlYzM3ZThhNjcwYWMzNmFmYTJjNzYyNWU4ZTgyYTkzZjJhOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRgdYvNj0aIy640kRb9AFjuS96ZP
09xJhUEQr8s2B+zmTMXwSgTBzEs053RdxnrlqIl0GZqATJggU+T/IfeNaQDiTB0S
1C+DEwTrZwsnwuvk2fsXtPTgvJ3WHPNevVTWUOA0cK3gWldJLlgY6t7b+su/TGX/
OicqZSkqoUva/YshmFUAY0/zWQ1PMFcyL8WKhQW5oN2gQE+DGosmnq0RO/V7JHiU
TDs17X0caXjMILheVRrArJGmxlVlb7H8ytKCOphNBrPg1UcJo1OuTEYoZWVL4hXb
yKDD4jYoBeJe6bF9XbEQwWTNjG/t2avw0/reBft1+mRz+iCQSy+kwoUa6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1ew36KZwrDavosdiXo6CqT8qmiMB8GA1UdIwQY
MBaAFKJ32pgFF6fYCx3nZaDE0LIsEUFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb25mYW1BVVhwOWdMSGVkbG9NVFFzaXdSUVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9mMDJhOWMtODMzNi00NzEzLWI0ZTUt
NmU0NTM0ZDNjMjIwLzEvX1Y3RGZvcG5Dc05xLWl4Mkplam9LcFB5cWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9mMDJhOWMtODMzNi00NzEzLWI0ZTUtNmU0NTM0ZDNjMjIw
LzEvb25mYW1BVVhwOWdMSGVkbG9NVFFzaXdSUVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XIgMA0G
CSqGSIb3DQEBCwUAA4IBAQCQQw1G0oOWnvbEnvLhuRM2VqD/M7ZTuBMIevG0AiyL
Mi8gmEdJVKNVrxy0tgasrAauGp3y7McWG+d+kSjoCTLmjOIwFT+GTcSbJIos3G6F
PZwzK1/le0xd1rKrtS3N2hFwPNX6AjpR4HW/X1NxCPPRnP+mZ4Kha9LL1Mr55lop
+mwwMH/dLtQN2vmCF1pmVq0LBtNNg3YYTcoSEcArC7KWyBOkHYYpfh5v4Lf/DYVN
77ChQlu89nNy+ZX0u3Hw29DNdGSkNBuJ1BQxB+g1xcJFxGj2q3HWvhnaXHYXR3Uc
CjQoMSmbBvWSYla4WaXijMCnFHckC7RhibssAb9CTjn4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:41 2024 by rpki-client on console-fra.rpki-client.org