Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/fd80cb-ffcb-4b77-857a-a800285b3944/1/NaalQhNjD05DpYwoHBaKup5V_LI.roa
File:                     NaalQhNjD05DpYwoHBaKup5V_LI.roa (raw, json)
Hash identifier:          KsPIgKLnYxEZazz7e3rEE4/xY5KXe4mYO6lnegn71t8=
Subject key identifier:   35:A6:A5:42:13:63:0F:4E:43:A5:8C:28:1C:16:8A:BA:9E:55:FC:B2
Certificate issuer:       /CN=1a478ac0bafadecce072b591d0bd4eaef486d8b3
Certificate serial:       017A55
Authority key identifier: 1A:47:8A:C0:BA:FA:DE:CC:E0:72:B5:91:D0:BD:4E:AE:F4:86:D8:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GkeKwLr63szgcrWR0L1OrvSG2LM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/fd80cb-ffcb-4b77-857a-a800285b3944/1/NaalQhNjD05DpYwoHBaKup5V_LI.roa
Signing time:             Tue 01 Mar 2022 09:51:42 +0000
ROA not before:           Tue 01 Mar 2022 09:51:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3301
IP address blocks:        193.188.248.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96853 (0x17a55)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a478ac0bafadecce072b591d0bd4eaef486d8b3
        Validity
            Not Before: Mar  1 09:51:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=35a6a54213630f4e43a58c281c168aba9e55fcb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:b3:18:b8:81:bb:a7:dd:c6:1d:2e:75:b1:a2:
                    14:64:7d:78:02:e9:73:db:e1:06:c4:73:41:d5:f2:
                    77:c7:6c:13:84:48:58:fe:d0:01:4b:60:6d:cb:46:
                    06:6a:0b:ce:70:d6:99:ec:7d:93:d0:36:e9:8d:ef:
                    70:27:49:97:6a:ff:81:82:8b:1b:83:b3:af:c8:9f:
                    8d:6c:c9:18:67:13:cc:76:d1:b2:53:53:48:bd:08:
                    81:be:01:1e:08:e3:a0:85:37:47:ce:78:1b:77:6a:
                    ed:6b:c6:07:51:0b:ab:b7:80:ca:35:8d:38:ac:8d:
                    f1:7b:7f:e3:ab:2d:ad:78:75:fc:ef:d2:0d:ff:eb:
                    ff:f2:04:fc:6e:28:bc:47:8f:50:a5:27:f5:cd:03:
                    37:94:01:86:af:c6:98:3b:86:20:db:6e:4b:bb:98:
                    39:0b:53:72:67:b0:aa:c6:f9:6b:8e:78:f8:7b:29:
                    eb:10:9d:87:3f:26:08:57:9d:a4:81:ec:eb:de:4e:
                    e1:af:33:a8:c9:a6:8f:a4:ba:95:a3:f7:d2:92:7e:
                    1d:14:4b:46:22:56:eb:1e:3c:d7:97:20:dc:5e:14:
                    50:ab:96:0d:0d:ad:ae:60:e1:c6:c1:a4:f0:bb:59:
                    c9:5c:89:71:a2:ea:94:27:07:7a:72:f6:b6:c1:76:
                    8f:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:A6:A5:42:13:63:0F:4E:43:A5:8C:28:1C:16:8A:BA:9E:55:FC:B2
            X509v3 Authority Key Identifier:
                keyid:1A:47:8A:C0:BA:FA:DE:CC:E0:72:B5:91:D0:BD:4E:AE:F4:86:D8:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GkeKwLr63szgcrWR0L1OrvSG2LM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/fd80cb-ffcb-4b77-857a-a800285b3944/1/NaalQhNjD05DpYwoHBaKup5V_LI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/fd80cb-ffcb-4b77-857a-a800285b3944/1/GkeKwLr63szgcrWR0L1OrvSG2LM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.188.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:fb:d8:56:e1:6c:6e:f1:67:18:d9:4d:ca:a7:80:98:20:3c:
         15:b7:29:a0:e9:6c:05:ac:21:57:bc:ee:c4:08:e8:a8:b3:8f:
         e0:b3:5b:cb:ee:83:10:97:c2:21:58:88:db:46:98:e7:a3:a1:
         fa:aa:57:b9:38:9b:d5:87:b2:94:6e:7a:94:3e:21:b1:bb:9b:
         a1:ec:85:3b:e5:99:54:10:53:ab:12:1b:b9:7a:d3:ab:9f:8f:
         1b:0a:35:a7:3b:75:16:2b:53:b2:76:34:45:5d:3a:ce:d7:5c:
         2b:54:cf:42:fb:92:56:b5:0a:1f:1f:f6:f9:d8:a4:4e:9f:51:
         74:e9:7f:29:52:d9:29:a8:a9:81:70:26:f4:87:27:26:19:51:
         48:08:5d:7f:21:90:9c:15:f7:a8:05:ad:dc:d3:a2:ed:17:b4:
         0e:57:b7:cc:f0:5c:45:f2:2c:2c:61:fc:a1:0e:cb:84:0d:44:
         7b:53:8c:2f:c4:29:9a:e6:90:e7:cf:bd:1e:c6:85:e8:ca:5d:
         8a:58:d7:ad:86:d9:4e:4b:bf:6c:93:f2:a5:b4:a5:24:e0:3f:
         67:ea:57:9f:8b:dc:dc:bf:e1:ba:d9:72:48:c1:82:e8:bd:e6:
         a1:e2:2d:d1:61:99:7c:b0:36:a0:d0:34:74:7b:59:e6:5c:9a:
         82:a5:f9:fa
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAXpVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFh
NDc4YWMwYmFmYWRlY2NlMDcyYjU5MWQwYmQ0ZWFlZjQ4NmQ4YjMwHhcNMjIwMzAx
MDk1MTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNWE2YTU0MjEzNjMw
ZjRlNDNhNThjMjgxYzE2OGFiYTllNTVmY2IyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmLMYuIG7p93GHS51saIUZH14Aulz2+EGxHNB1fJ3x2wThEhY
/tABS2Bty0YGagvOcNaZ7H2T0Dbpje9wJ0mXav+Bgosbg7OvyJ+NbMkYZxPMdtGy
U1NIvQiBvgEeCOOghTdHzngbd2rta8YHUQurt4DKNY04rI3xe3/jqy2teHX879IN
/+v/8gT8bii8R49QpSf1zQM3lAGGr8aYO4Yg225Lu5g5C1NyZ7Cqxvlrjnj4eynr
EJ2HPyYIV52kgezr3k7hrzOoyaaPpLqVo/fSkn4dFEtGIlbrHjzXlyDcXhRQq5YN
Da2uYOHGwaTwu1nJXIlxouqUJwd6cva2wXaPUQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDWmpUITYw9OQ6WMKBwWirqeVfyyMB8GA1UdIwQYMBaAFBpHisC6+t7M4HK1
kdC9Tq70htizMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
R2tlS3dMcjYzc3pnY3JXUjBMMU9ydlNHMkxNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83MC9mZDgwY2ItZmZjYi00Yjc3LTg1N2EtYTgwMDI4NWIzOTQ0LzEv
TmFhbFFoTmpEMDVEcFl3b0hCYUt1cDVWX0xJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9m
ZDgwY2ItZmZjYi00Yjc3LTg1N2EtYTgwMDI4NWIzOTQ0LzEvR2tlS3dMcjYzc3pn
Y3JXUjBMMU9ydlNHMkxNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbz4MA0GCSqGSIb3DQEBCwUAA4IB
AQCW+9hW4Wxu8WcY2U3Kp4CYIDwVtymg6WwFrCFXvO7ECOios4/gs1vL7oMQl8Ih
WIjbRpjno6H6qle5OJvVh7KUbnqUPiGxu5uh7IU75ZlUEFOrEhu5etOrn48bCjWn
O3UWK1OydjRFXTrO11wrVM9C+5JWtQofH/b52KROn1F06X8pUtkpqKmBcCb0hycm
GVFICF1/IZCcFfeoBa3c06LtF7QOV7fM8FxF8iwsYfyhDsuEDUR7U4wvxCma5pDn
z70exoXoyl2KWNethtlOS79sk/KltKUk4D9n6lefi9zcv+G62XJIwYLoveah4i3R
YZl8sDag0DR0e1nmXJqCpfn6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:41 2024 by rpki-client on console-fra.rpki-client.org