Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/R-Tr1xBLPb496rBZX7bEHnW6Qls.roa
File:                     R-Tr1xBLPb496rBZX7bEHnW6Qls.roa (raw, json)
Hash identifier:          kDN48v3mWX1DFAQcwic0IBKMzN0ZQ0YUr8VWS6rjO08=
Subject key identifier:   47:E4:EB:D7:10:4B:3D:BE:3D:EA:B0:59:5F:B6:C4:1E:75:BA:42:5B
Certificate issuer:       /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial:       01856D93ED42E292EF0D63D218C9A830D716
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/R-Tr1xBLPb496rBZX7bEHnW6Qls.roa
Signing time:             Sun 01 Jan 2023 13:44:49 +0000
ROA not before:           Sun 01 Jan 2023 13:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6282
IP address blocks:        91.236.90.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:93:ed:42:e2:92:ef:0d:63:d2:18:c9:a8:30:d7:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
        Validity
            Not Before: Jan  1 13:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=47e4ebd7104b3dbe3deab0595fb6c41e75ba425b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:91:d3:11:26:fd:12:9a:77:56:e0:0a:78:b6:
                    6b:59:6c:ac:24:71:a8:d3:cb:12:54:44:a6:83:1a:
                    88:da:dd:a4:c1:e7:c3:df:67:65:2b:30:69:ce:c9:
                    68:6e:38:7a:e5:e0:8e:ba:82:ce:af:22:0a:41:10:
                    43:dc:a5:25:e9:b2:a9:11:51:3b:ae:b8:74:49:5b:
                    2d:3e:05:58:7e:5a:4d:cd:b1:10:43:1e:c2:6e:7f:
                    f8:a2:de:f8:50:e2:dc:fd:9f:07:1d:03:05:49:89:
                    2e:45:b5:86:ec:d0:6d:49:89:01:e4:5e:b7:08:8e:
                    d0:13:07:86:11:3c:c4:ab:c7:88:a4:ee:86:8c:71:
                    33:c0:ca:53:82:0a:fa:0b:5b:1c:fe:75:e3:f8:cb:
                    1c:26:c0:b7:7f:b5:f6:41:44:d8:b2:2c:fd:5f:b3:
                    2a:ac:98:89:69:6a:17:34:ed:f0:79:52:7e:38:a6:
                    bf:c6:c1:07:45:ea:14:a8:67:37:18:fb:c3:cc:e6:
                    20:0e:c7:fd:71:dd:d3:a9:a1:2a:1f:04:ba:04:7a:
                    9b:5d:34:71:8c:7c:46:7e:48:bf:72:a5:45:9f:a1:
                    90:80:cd:85:92:f0:b3:41:37:aa:10:02:98:1b:1d:
                    2f:cc:a3:63:1d:9b:50:ec:98:94:4d:ae:bf:54:73:
                    8b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:E4:EB:D7:10:4B:3D:BE:3D:EA:B0:59:5F:B6:C4:1E:75:BA:42:5B
            X509v3 Authority Key Identifier:
                keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/R-Tr1xBLPb496rBZX7bEHnW6Qls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.236.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:7e:c5:10:c3:13:14:3c:f6:62:f0:a9:bc:50:fc:34:de:a9:
         7d:b4:b6:b4:e5:90:bf:42:89:1e:47:6f:73:74:55:40:a7:a6:
         10:db:85:43:35:a6:da:0a:8e:39:50:b9:13:d6:96:3d:22:08:
         13:8e:26:6c:e3:8e:03:74:40:5e:9d:32:39:85:0e:01:ef:b4:
         2e:53:c9:1c:a1:ad:17:18:fd:da:39:78:1d:8a:1c:48:d8:85:
         e2:94:99:a6:d8:95:d3:db:42:3e:b9:c8:43:c3:5b:c5:21:a5:
         a6:4d:d5:c2:7a:38:ea:87:9b:9b:5c:4d:08:77:c8:c0:e8:90:
         03:3b:19:01:09:80:7a:61:ce:26:c6:7a:76:f5:cc:74:91:6f:
         95:05:e6:d1:9d:29:16:da:ad:04:52:57:f5:d4:d7:58:ec:25:
         9a:06:03:10:c2:6d:82:48:a2:19:d7:c8:5b:f9:b9:ee:ec:56:
         25:4f:20:f1:97:ad:90:33:8d:36:99:c9:91:e2:17:75:9c:72:
         cf:c9:cb:c1:0b:1c:20:1f:47:21:e9:f4:41:41:64:25:26:87:
         cf:c8:43:90:81:d8:31:8f:d2:4c:5a:12:f4:6d:b6:08:f2:97:
         80:e4:a3:78:af:4e:94:f8:d0:af:ae:ad:1b:83:3a:ad:e5:0c:
         f7:c3:db:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtk+1C4pLvDWPSGMmoMNcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwMTAxMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2U0ZWJkNzEwNGIzZGJlM2RlYWIwNTk1ZmI2YzQxZTc1YmE0MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJHTESb9Epp3VuAKeLZrWWysJHGo
08sSVESmgxqI2t2kwefD32dlKzBpzslobjh65eCOuoLOryIKQRBD3KUl6bKpEVE7
rrh0SVstPgVYflpNzbEQQx7Cbn/4ot74UOLc/Z8HHQMFSYkuRbWG7NBtSYkB5F63
CI7QEweGETzEq8eIpO6GjHEzwMpTggr6C1sc/nXj+MscJsC3f7X2QUTYsiz9X7Mq
rJiJaWoXNO3weVJ+OKa/xsEHReoUqGc3GPvDzOYgDsf9cd3TqaEqHwS6BHqbXTRx
jHxGfki/cqVFn6GQgM2FkvCzQTeqEAKYGx0vzKNjHZtQ7JiUTa6/VHOLMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfk69cQSz2+PeqwWV+2xB51ukJbMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvUi1UcjF4QkxQYjQ5NnJCWlg3YkVIblc2UWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+xaMA0G
CSqGSIb3DQEBCwUAA4IBAQCVfsUQwxMUPPZi8Km8UPw03ql9tLa05ZC/QokeR29z
dFVAp6YQ24VDNabaCo45ULkT1pY9IggTjiZs444DdEBenTI5hQ4B77QuU8kcoa0X
GP3aOXgdihxI2IXilJmm2JXT20I+uchDw1vFIaWmTdXCejjqh5ubXE0Id8jA6JAD
OxkBCYB6Yc4mxnp29cx0kW+VBebRnSkW2q0EUlf11NdY7CWaBgMQwm2CSKIZ18hb
+bnu7FYlTyDxl62QM402mcmR4hd1nHLPycvBCxwgH0ch6fRBQWQlJofPyEOQgdgx
j9JMWhL0bbYI8peA5KN4r06U+NCvrq0bgzqt5Qz3w9uQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:52 2024 by rpki-client on console-fra.rpki-client.org