Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/34a59e-02cd-4313-b61c-cf1f7d7ff7cd/1/Lzy1lkQuWmPeZIEXDlRR0fALdQs.roa
File:                     Lzy1lkQuWmPeZIEXDlRR0fALdQs.roa (raw, json)
Hash identifier:          14QuMS6NkUhPDT2GH81JtnUilG5b17Zby2nBAoTeNds=
Subject key identifier:   2F:3C:B5:96:44:2E:5A:63:DE:64:81:17:0E:54:51:D1:F0:0B:75:0B
Certificate issuer:       /CN=3edffe7c02cc7ede5e589841cc82d644a4fdef25
Certificate serial:       0184E6B749A2A6DE183F48E46123CBE72CBC
Authority key identifier: 3E:DF:FE:7C:02:CC:7E:DE:5E:58:98:41:CC:82:D6:44:A4:FD:EF:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pt_-fALMft5eWJhBzILWRKT97yU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/34a59e-02cd-4313-b61c-cf1f7d7ff7cd/1/Lzy1lkQuWmPeZIEXDlRR0fALdQs.roa
Signing time:             Tue 06 Dec 2022 09:14:42 +0000
ROA not before:           Tue 06 Dec 2022 09:14:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213373
IP address blocks:        146.19.173.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e6:b7:49:a2:a6:de:18:3f:48:e4:61:23:cb:e7:2c:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3edffe7c02cc7ede5e589841cc82d644a4fdef25
        Validity
            Not Before: Dec  6 09:14:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2f3cb596442e5a63de6481170e5451d1f00b750b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:22:3c:d8:18:55:1e:6b:3c:b9:4e:4b:69:9c:
                    3b:2e:cb:67:f7:f2:ca:cf:20:94:5f:7f:38:01:4c:
                    80:ff:55:54:3b:d5:08:b1:4d:df:ac:11:8e:f8:8f:
                    f7:18:c6:5f:71:7a:12:77:d8:c7:46:0a:40:aa:e5:
                    d8:a0:93:6f:8d:93:5f:df:24:84:46:2b:60:6f:9a:
                    6a:06:4f:83:f2:6d:94:d0:1d:51:45:0e:46:21:61:
                    f3:a2:d1:79:d5:1f:75:33:f8:1b:a4:3e:1a:bc:66:
                    ca:14:a3:2f:96:d3:8e:f1:12:86:31:49:fa:ba:a5:
                    55:01:89:f3:5a:ef:42:73:5b:0b:d5:e4:81:ff:23:
                    a1:e0:5d:c2:0e:4b:31:ce:3f:bd:d5:00:36:28:b4:
                    36:a1:95:a3:ae:51:40:eb:0f:14:65:23:5f:13:c6:
                    fc:40:71:ba:e4:8c:71:f0:a8:97:44:fe:b3:f1:6b:
                    3d:b8:7d:0d:4a:d5:bc:a0:43:a1:71:41:0c:be:04:
                    53:c6:48:46:51:d7:9b:f8:3d:f4:dc:b1:33:5b:b8:
                    46:f4:49:8a:72:5d:17:b6:7f:f5:e0:8c:67:6c:b8:
                    e4:f5:27:bb:a9:be:81:78:21:f4:15:d6:3b:57:44:
                    b9:7a:df:8f:65:90:f4:02:1c:54:c9:f1:8c:b4:ff:
                    79:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:3C:B5:96:44:2E:5A:63:DE:64:81:17:0E:54:51:D1:F0:0B:75:0B
            X509v3 Authority Key Identifier:
                keyid:3E:DF:FE:7C:02:CC:7E:DE:5E:58:98:41:CC:82:D6:44:A4:FD:EF:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pt_-fALMft5eWJhBzILWRKT97yU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/34a59e-02cd-4313-b61c-cf1f7d7ff7cd/1/Lzy1lkQuWmPeZIEXDlRR0fALdQs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/34a59e-02cd-4313-b61c-cf1f7d7ff7cd/1/Pt_-fALMft5eWJhBzILWRKT97yU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:14:48:a9:30:4a:5e:ea:11:72:57:bb:98:ba:99:4c:ed:39:
         d2:1d:06:40:67:50:b7:5d:8a:cc:4b:07:19:c6:b8:a1:14:67:
         99:3d:6b:e3:76:c5:b9:86:72:9f:9d:b2:fc:61:83:06:3e:24:
         00:f8:10:44:95:f0:d7:5d:a3:c0:ac:89:c8:bb:f4:c1:ef:7d:
         fd:e1:42:10:68:a8:5a:20:03:5a:13:6b:95:fe:02:9e:ee:11:
         c6:db:f8:e3:77:68:b3:47:93:19:31:c9:bf:53:d7:65:90:f0:
         40:5b:f0:a7:5d:06:e2:00:42:94:bb:ea:a1:c5:de:34:28:86:
         72:ad:a1:ef:50:38:42:e5:da:72:f0:ef:14:22:e2:b1:0b:ba:
         f7:82:14:68:1d:be:2f:15:32:0d:39:ce:30:9e:26:3a:8b:27:
         09:18:4e:0a:71:2a:e1:b6:34:72:56:5e:91:d9:79:04:a2:c2:
         93:7a:f1:7b:b3:60:89:2c:1f:1b:cf:c8:c4:10:85:6b:b6:61:
         0f:46:c6:68:c4:02:43:6c:8e:59:7c:27:d5:5c:25:25:c9:58:
         b4:db:83:e4:db:f1:96:49:69:2e:27:15:bb:0c:3b:87:08:a4:
         e5:91:f9:f1:14:e9:54:4f:5d:8c:31:19:36:90:57:df:ef:9a:
         31:80:d7:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTmt0mipt4YP0jkYSPL5yy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZGZmZTdjMDJjYzdlZGU1ZTU4OTg0MWNjODJkNjQ0YTRm
ZGVmMjUwHhcNMjIxMjA2MDkxNDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNjYjU5NjQ0MmU1YTYzZGU2NDgxMTcwZTU0NTFkMWYwMGI3NTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCI82BhVHms8uU5LaZw7Lstn9/LK
zyCUX384AUyA/1VUO9UIsU3frBGO+I/3GMZfcXoSd9jHRgpAquXYoJNvjZNf3ySE
Ritgb5pqBk+D8m2U0B1RRQ5GIWHzotF51R91M/gbpD4avGbKFKMvltOO8RKGMUn6
uqVVAYnzWu9Cc1sL1eSB/yOh4F3CDksxzj+91QA2KLQ2oZWjrlFA6w8UZSNfE8b8
QHG65Ixx8KiXRP6z8Ws9uH0NStW8oEOhcUEMvgRTxkhGUdeb+D303LEzW7hG9EmK
cl0Xtn/14IxnbLjk9Se7qb6BeCH0FdY7V0S5et+PZZD0AhxUyfGMtP95UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC88tZZELlpj3mSBFw5UUdHwC3ULMB8GA1UdIwQY
MBaAFD7f/nwCzH7eXliYQcyC1kSk/e8lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRfLWZBTE1mdDVlV0poQnpJTFdSS1Q5N3lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8zNGE1OWUtMDJjZC00MzEzLWI2MWMt
Y2YxZjdkN2ZmN2NkLzEvTHp5MWxrUXVXbVBlWklFWERsUlIwZkFMZFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8zNGE1OWUtMDJjZC00MzEzLWI2MWMtY2YxZjdkN2ZmN2Nk
LzEvUHRfLWZBTE1mdDVlV0poQnpJTFdSS1Q5N3lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOtMA0G
CSqGSIb3DQEBCwUAA4IBAQASFEipMEpe6hFyV7uYuplM7TnSHQZAZ1C3XYrMSwcZ
xrihFGeZPWvjdsW5hnKfnbL8YYMGPiQA+BBElfDXXaPArInIu/TB73394UIQaKha
IANaE2uV/gKe7hHG2/jjd2izR5MZMcm/U9dlkPBAW/CnXQbiAEKUu+qhxd40KIZy
raHvUDhC5dpy8O8UIuKxC7r3ghRoHb4vFTINOc4wniY6iycJGE4KcSrhtjRyVl6R
2XkEosKTevF7s2CJLB8bz8jEEIVrtmEPRsZoxAJDbI5ZfCfVXCUlyVi024Pk2/GW
SWkuJxW7DDuHCKTlkfnxFOlUT12MMRk2kFff75oxgNf6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:50 2024 by rpki-client on console-fra.rpki-client.org