Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/0bfbec-cc8c-4dab-a504-90aedfb9a82a/1/vz7eeFVuYHqbRr3EQGVxE6zt5tk.roa
File:                     vz7eeFVuYHqbRr3EQGVxE6zt5tk.roa (raw, json)
Hash identifier:          AoX3DOqFnWT0l6dXuTnC/3Aivs6Oq/cEc+mSPX+rCog=
Subject key identifier:   BF:3E:DE:78:55:6E:60:7A:9B:46:BD:C4:40:65:71:13:AC:ED:E6:D9
Certificate issuer:       /CN=989213094b7585b94778ebdf439a5f375515621b
Certificate serial:       132B6C0C
Authority key identifier: 98:92:13:09:4B:75:85:B9:47:78:EB:DF:43:9A:5F:37:55:15:62:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mJITCUt1hblHeOvfQ5pfN1UVYhs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/0bfbec-cc8c-4dab-a504-90aedfb9a82a/1/vz7eeFVuYHqbRr3EQGVxE6zt5tk.roa
Signing time:             Sat 01 Jan 2022 08:57:39 +0000
ROA not before:           Sat 01 Jan 2022 08:57:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35236
IP address blocks:        91.241.8.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 321612812 (0x132b6c0c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=989213094b7585b94778ebdf439a5f375515621b
        Validity
            Not Before: Jan  1 08:57:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bf3ede78556e607a9b46bdc440657113acede6d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:78:a3:24:e0:8f:11:7a:32:a1:ef:4b:5b:d0:
                    11:f4:85:f6:43:a9:7d:ba:bf:c8:50:06:99:b4:70:
                    fa:7e:ba:86:68:bc:7d:aa:36:0c:71:65:ea:6f:96:
                    00:0d:f9:24:62:e1:65:7b:37:ca:d4:af:5e:96:a0:
                    36:18:b5:d4:43:fb:b8:10:9e:bd:63:6a:0a:0e:96:
                    a4:25:34:63:1e:d3:ac:9d:a9:86:5f:e8:ee:62:f5:
                    64:18:ab:04:00:ce:b5:e6:ed:3e:58:a4:a6:ea:b8:
                    3a:49:ec:4e:9d:f0:85:50:56:b3:12:00:6e:2e:ea:
                    eb:83:2a:73:a7:c8:86:24:54:02:79:2b:9c:74:33:
                    ca:bd:19:2d:c3:68:d6:0e:a3:81:a0:d2:fc:d8:0f:
                    d4:49:5a:e1:9b:9f:d6:16:e3:57:48:77:aa:80:26:
                    a1:a7:77:4a:a1:ba:b9:64:ea:6e:5e:d4:88:b5:5a:
                    36:44:09:11:5b:59:25:f5:06:87:b4:5f:0d:94:65:
                    ad:8e:77:99:b4:e8:6b:ea:5a:26:94:70:06:7e:c6:
                    c7:3a:9e:76:2d:b5:9a:24:69:e8:0d:60:3a:47:ed:
                    2c:47:af:79:18:4c:a9:b6:a6:ee:66:5c:a3:6c:74:
                    4c:23:4a:a4:1d:e1:b1:c5:a6:d9:4f:c4:ae:83:b8:
                    dc:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:3E:DE:78:55:6E:60:7A:9B:46:BD:C4:40:65:71:13:AC:ED:E6:D9
            X509v3 Authority Key Identifier:
                keyid:98:92:13:09:4B:75:85:B9:47:78:EB:DF:43:9A:5F:37:55:15:62:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJITCUt1hblHeOvfQ5pfN1UVYhs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0bfbec-cc8c-4dab-a504-90aedfb9a82a/1/vz7eeFVuYHqbRr3EQGVxE6zt5tk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0bfbec-cc8c-4dab-a504-90aedfb9a82a/1/mJITCUt1hblHeOvfQ5pfN1UVYhs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.241.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bb:a9:de:04:8f:64:08:7c:b9:d7:f6:17:3e:e5:90:06:3a:1b:
         3e:67:a3:0b:46:5c:cc:ac:60:5d:54:df:be:14:7d:c1:fc:74:
         c8:a9:2a:af:66:ce:6d:d7:83:81:64:eb:96:78:0b:e6:da:c3:
         3d:78:71:77:b8:99:50:81:7f:e9:3b:37:5d:e4:c8:1a:93:15:
         0a:ca:23:45:47:20:22:5a:db:74:dc:c6:4d:de:b0:d4:a6:18:
         e3:61:35:88:a6:5f:91:24:79:db:bd:d8:22:4a:56:12:63:25:
         e0:64:74:99:aa:b8:ff:bb:1a:dd:3b:08:3e:0d:f0:63:06:95:
         97:5f:a4:01:5f:3a:3d:e8:fe:4a:0f:4a:56:4b:76:ed:70:03:
         1f:3f:e5:e8:7c:85:45:7b:2d:97:48:38:88:42:12:2d:64:df:
         66:d4:c3:7e:62:94:9e:66:2b:f1:0c:72:aa:38:a4:d3:db:19:
         52:58:1f:37:1d:9b:f8:8c:c2:3a:d5:72:a6:76:56:c0:ea:7f:
         b1:81:15:43:91:5d:07:9b:8f:a7:f1:83:c4:b1:06:bb:d3:09:
         89:6f:76:9b:ab:64:3c:67:83:aa:92:79:96:e8:df:b3:0b:68:
         1b:e5:96:be:24:7b:d5:69:fd:df:7d:5c:55:44:2c:83:ba:69:
         b6:d1:59:60
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEytsDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODkyMTMwOTRiNzU4NWI5NDc3OGViZGY0MzlhNWYzNzU1MTU2MjFiMB4XDTIyMDEw
MTA4NTczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmYzZWRlNzg1NTZl
NjA3YTliNDZiZGM0NDA2NTcxMTNhY2VkZTZkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANV4oyTgjxF6MqHvS1vQEfSF9kOpfbq/yFAGmbRw+n66hmi8
fao2DHFl6m+WAA35JGLhZXs3ytSvXpagNhi11EP7uBCevWNqCg6WpCU0Yx7TrJ2p
hl/o7mL1ZBirBADOtebtPlikpuq4OknsTp3whVBWsxIAbi7q64Mqc6fIhiRUAnkr
nHQzyr0ZLcNo1g6jgaDS/NgP1Ela4Zuf1hbjV0h3qoAmoad3SqG6uWTqbl7UiLVa
NkQJEVtZJfUGh7RfDZRlrY53mbToa+paJpRwBn7Gxzqedi21miRp6A1gOkftLEev
eRhMqbam7mZco2x0TCNKpB3hscWm2U/EroO43OUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/Pt54VW5geptGvcRAZXETrO3m2TAfBgNVHSMEGDAWgBSYkhMJS3WFuUd4
699Dml83VRViGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21KSVRDVXQxaGJsSGVPdmZRNXBmTjFVVllocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvMGJmYmVjLWNjOGMtNGRhYi1hNTA0LTkwYWVkZmI5YTgyYS8x
L3Z6N2VlRlZ1WUhxYlJyM0VRR1Z4RTZ6dDV0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
MGJmYmVjLWNjOGMtNGRhYi1hNTA0LTkwYWVkZmI5YTgyYS8xL21KSVRDVXQxaGJs
SGVPdmZRNXBmTjFVVllocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvxCDANBgkqhkiG9w0BAQsFAAOC
AQEAu6neBI9kCHy51/YXPuWQBjobPmejC0ZczKxgXVTfvhR9wfx0yKkqr2bObdeD
gWTrlngL5trDPXhxd7iZUIF/6Ts3XeTIGpMVCsojRUcgIlrbdNzGTd6w1KYY42E1
iKZfkSR5273YIkpWEmMl4GR0maq4/7sa3TsIPg3wYwaVl1+kAV86Pej+Sg9KVkt2
7XADHz/l6HyFRXstl0g4iEISLWTfZtTDfmKUnmYr8Qxyqjik09sZUlgfNx2b+IzC
OtVypnZWwOp/sYEVQ5FdB5uPp/GDxLEGu9MJiW92m6tkPGeDqpJ5lujfswtoG+WW
viR71Wn9331cVUQsg7ppttFZYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:52 2024 by rpki-client on console-ams.rpki-client.org