Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/aabhNqGkRUcrG4L5VRMY4gkHO1I.roa
File:                     aabhNqGkRUcrG4L5VRMY4gkHO1I.roa (raw, json)
Hash identifier:          4zyWw5C0wZavJvlGhv7lRJjuRw20wzcAcodp2H+X9rA=
Subject key identifier:   69:A6:E1:36:A1:A4:45:47:2B:1B:82:F9:55:13:18:E2:09:07:3B:52
Certificate issuer:       /CN=a277da980517a7d80b1de765a0c4d0b22c11415e
Certificate serial:       01856B89FECB94E3DF8F3EE28DB9655E1445
Authority key identifier: A2:77:DA:98:05:17:A7:D8:0B:1D:E7:65:A0:C4:D0:B2:2C:11:41:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/onfamAUXp9gLHedloMTQsiwRQV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/aabhNqGkRUcrG4L5VRMY4gkHO1I.roa
Signing time:             Sun 01 Jan 2023 04:14:43 +0000
ROA not before:           Sun 01 Jan 2023 04:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     18779
IP address blocks:        2a11:73c0::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:89:fe:cb:94:e3:df:8f:3e:e2:8d:b9:65:5e:14:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a277da980517a7d80b1de765a0c4d0b22c11415e
        Validity
            Not Before: Jan  1 04:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69a6e136a1a445472b1b82f9551318e209073b52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:9d:01:23:48:95:ea:4f:6c:4b:64:87:3c:30:
                    18:35:d1:fb:ac:02:a8:ff:93:66:57:51:1b:76:c6:
                    de:a0:93:cd:c0:1f:09:3c:ab:3b:4f:ab:da:94:67:
                    7c:79:1a:71:f1:b4:38:88:d2:0b:a7:dc:7f:a3:3a:
                    c0:bd:8e:7c:9c:63:7b:85:02:52:1b:65:7c:e6:87:
                    5d:6e:d0:38:64:01:5b:06:16:d9:66:30:fc:0a:f2:
                    50:25:d4:bd:e8:91:75:65:18:3e:92:4e:87:c6:71:
                    85:bb:d7:0f:8c:7e:12:26:a8:ae:85:a4:98:9c:fc:
                    a7:8d:6f:fe:46:dd:f7:55:c5:03:49:f2:f6:dd:21:
                    0f:1d:c9:e8:16:97:db:79:37:af:d7:77:d1:41:b0:
                    f7:3d:75:8b:fd:48:9a:b7:8d:62:ab:2a:06:1f:9e:
                    7c:69:ab:f9:61:ac:5c:63:31:d5:09:aa:08:47:5e:
                    26:f1:d9:78:50:c9:d9:f7:3b:4e:f2:9d:26:e1:f3:
                    a9:43:c6:69:64:2c:05:61:8e:89:67:1f:09:0b:be:
                    1f:80:89:cd:c0:67:90:bb:22:e8:d8:a1:a4:11:2c:
                    79:ad:1a:2d:99:8c:29:95:3b:bc:17:54:9b:5b:4e:
                    81:6a:c6:15:1c:d8:6d:9c:8e:d0:cb:db:c3:a6:ea:
                    6c:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:A6:E1:36:A1:A4:45:47:2B:1B:82:F9:55:13:18:E2:09:07:3B:52
            X509v3 Authority Key Identifier:
                keyid:A2:77:DA:98:05:17:A7:D8:0B:1D:E7:65:A0:C4:D0:B2:2C:11:41:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onfamAUXp9gLHedloMTQsiwRQV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/aabhNqGkRUcrG4L5VRMY4gkHO1I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f02a9c-8336-4713-b4e5-6e4534d3c220/1/onfamAUXp9gLHedloMTQsiwRQV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:73c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         37:2c:3a:4d:8c:d1:c7:40:3e:ed:36:10:f1:bc:fd:3c:e7:94:
         6b:27:fa:01:7b:fe:1c:7f:24:ea:29:2f:7a:82:b7:1c:29:61:
         8a:9b:27:e5:6b:a2:0b:ce:07:b0:c3:8d:3f:6a:f2:c1:2d:a8:
         89:6f:6f:ce:b2:87:8c:e8:ef:1a:c0:65:8e:5c:94:64:5b:03:
         a5:c5:09:65:e9:3f:29:fa:d7:d1:31:cf:3c:cd:24:58:b2:13:
         90:8c:6c:e2:1b:80:d7:bf:39:eb:b6:fe:56:8c:77:5a:ac:54:
         0e:48:5d:d2:87:2a:86:d5:53:78:ca:39:4e:ef:8d:08:f4:8c:
         60:46:0c:c1:75:7a:8a:8e:85:43:84:89:96:cb:eb:a0:d2:19:
         37:c7:35:11:f0:4a:16:a4:da:49:3f:69:88:30:5c:72:d1:a6:
         2f:34:95:94:cd:39:95:36:dc:27:21:43:d4:1f:08:93:e8:25:
         6d:c4:f9:fd:36:03:b7:65:b0:27:06:0c:d0:59:b6:ac:89:92:
         ea:12:64:b3:36:46:90:bc:c8:18:db:33:94:f5:f0:f7:87:b2:
         b0:39:d6:31:dd:56:a6:98:cb:bb:6a:0c:06:ed:75:f9:af:c0:
         9e:c5:de:97:48:8b:37:4d:23:6d:97:86:d1:d6:7d:c0:56:ed:
         dc:af:08:54
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVrif7LlOPfjz7ijbllXhRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNzdkYTk4MDUxN2E3ZDgwYjFkZTc2NWEwYzRkMGIyMmMx
MTQxNWUwHhcNMjMwMTAxMDQxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE2ZTEzNmExYTQ0NTQ3MmIxYjgyZjk1NTEzMThlMjA5MDczYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg50BI0iV6k9sS2SHPDAYNdH7rAKo
/5NmV1EbdsbeoJPNwB8JPKs7T6valGd8eRpx8bQ4iNILp9x/ozrAvY58nGN7hQJS
G2V85oddbtA4ZAFbBhbZZjD8CvJQJdS96JF1ZRg+kk6HxnGFu9cPjH4SJqiuhaSY
nPynjW/+Rt33VcUDSfL23SEPHcnoFpfbeTev13fRQbD3PXWL/Uiat41iqyoGH558
aav5YaxcYzHVCaoIR14m8dl4UMnZ9ztO8p0m4fOpQ8ZpZCwFYY6JZx8JC74fgInN
wGeQuyLo2KGkESx5rRotmYwplTu8F1SbW06BasYVHNhtnI7Qy9vDpupsWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGmm4TahpEVHKxuC+VUTGOIJBztSMB8GA1UdIwQY
MBaAFKJ32pgFF6fYCx3nZaDE0LIsEUFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb25mYW1BVVhwOWdMSGVkbG9NVFFzaXdSUVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9mMDJhOWMtODMzNi00NzEzLWI0ZTUt
NmU0NTM0ZDNjMjIwLzEvYWFiaE5xR2tSVWNyRzRMNVZSTVk0Z2tITzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9mMDJhOWMtODMzNi00NzEzLWI0ZTUtNmU0NTM0ZDNjMjIw
LzEvb25mYW1BVVhwOWdMSGVkbG9NVFFzaXdSUVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFzwDAN
BgkqhkiG9w0BAQsFAAOCAQEANyw6TYzRx0A+7TYQ8bz9POeUayf6AXv+HH8k6ikv
eoK3HClhipsn5WuiC84HsMONP2rywS2oiW9vzrKHjOjvGsBljlyUZFsDpcUJZek/
KfrX0THPPM0kWLITkIxs4huA178567b+Vox3WqxUDkhd0ocqhtVTeMo5Tu+NCPSM
YEYMwXV6io6FQ4SJlsvroNIZN8c1EfBKFqTaST9piDBcctGmLzSVlM05lTbcJyFD
1B8Ik+glbcT5/TYDt2WwJwYM0Fm2rImS6hJkszZGkLzIGNszlPXw94eysDnWMd1W
ppjLu2oMBu11+a/AnsXel0iLN00jbZeG0dZ9wFbt3K8IVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:41 2024 by rpki-client on console-fra.rpki-client.org