Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/yDGzTDAIAj41HgA3T1JafXGTRvQ.roa
File:                     yDGzTDAIAj41HgA3T1JafXGTRvQ.roa (raw, json)
Hash identifier:          VihD+cv6ag3m2tIounIvOzqRBwgTnUdhZ6T0Lli2u/4=
Subject key identifier:   C8:31:B3:4C:30:08:02:3E:35:1E:00:37:4F:52:5A:7D:71:93:46:F4
Certificate issuer:       /CN=72978d1d4e7782816ac42da4788e33cbb2487859
Certificate serial:       01856F9DBCDD97AAA5BA039F847C205062F4
Authority key identifier: 72:97:8D:1D:4E:77:82:81:6A:C4:2D:A4:78:8E:33:CB:B2:48:78:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cpeNHU53goFqxC2keI4zy7JIeFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/yDGzTDAIAj41HgA3T1JafXGTRvQ.roa
Signing time:             Sun 01 Jan 2023 23:14:46 +0000
ROA not before:           Sun 01 Jan 2023 23:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14576
IP address blocks:        45.159.23.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:bc:dd:97:aa:a5:ba:03:9f:84:7c:20:50:62:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72978d1d4e7782816ac42da4788e33cbb2487859
        Validity
            Not Before: Jan  1 23:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c831b34c3008023e351e00374f525a7d719346f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:cb:ec:09:e3:d1:2d:e8:51:2e:1d:1c:d7:9e:
                    cf:96:b3:80:32:cb:a6:86:94:f2:23:71:c2:62:c3:
                    cf:c9:09:0d:d4:b8:76:33:50:8c:90:03:bf:0c:e6:
                    ea:9a:cd:fb:77:68:63:b4:c6:ea:36:10:4e:36:5f:
                    70:eb:e3:6e:ac:8a:a0:71:4e:72:a7:01:84:e6:49:
                    61:c0:5e:b4:84:fc:13:d2:1f:7c:f6:71:d3:4a:50:
                    d5:82:33:b9:54:2a:f2:2e:a4:56:3c:37:87:99:d3:
                    b1:42:fa:63:84:36:94:cd:08:05:be:46:48:b4:b3:
                    ee:fa:04:cc:4b:4c:92:d2:5f:fe:d5:ce:06:e8:8b:
                    fc:61:88:2c:56:94:28:7f:02:71:0e:78:38:88:10:
                    e3:33:b7:1b:1e:44:b9:dd:e3:ab:ce:6d:2d:1f:1b:
                    69:5a:d6:3f:bd:16:74:5d:db:02:5c:b0:7c:fa:31:
                    c0:09:54:45:5e:52:cf:04:d2:02:0d:d4:1e:c3:bf:
                    2d:82:e5:75:f1:68:55:2e:95:cf:d8:fa:bf:d5:3d:
                    0f:c8:fa:d6:c1:40:59:02:26:f3:27:50:6d:33:93:
                    3f:59:bc:3e:1b:df:16:73:a5:e9:61:0a:a7:dd:9a:
                    a0:8f:da:8d:9e:35:eb:b7:f5:37:a5:20:70:63:4d:
                    9f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:31:B3:4C:30:08:02:3E:35:1E:00:37:4F:52:5A:7D:71:93:46:F4
            X509v3 Authority Key Identifier:
                keyid:72:97:8D:1D:4E:77:82:81:6A:C4:2D:A4:78:8E:33:CB:B2:48:78:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpeNHU53goFqxC2keI4zy7JIeFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/yDGzTDAIAj41HgA3T1JafXGTRvQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/cpeNHU53goFqxC2keI4zy7JIeFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:83:6e:21:37:66:75:8f:01:b6:73:41:54:8e:fd:38:ff:ed:
         17:85:0d:68:24:c8:56:84:73:ad:54:8d:fc:d4:51:08:e6:e9:
         04:39:2c:63:e7:b1:1a:2f:09:e0:b3:8c:ec:49:c0:bf:c2:97:
         9b:37:e6:05:5b:58:4d:a0:d9:e0:dc:ee:4e:a0:d0:61:cf:4b:
         a2:64:63:09:3e:fb:ec:47:87:ae:0f:b8:0c:e0:fd:57:16:05:
         21:5a:a6:23:ae:55:c6:94:ce:b7:1b:8b:9b:1f:6f:3b:e4:27:
         a5:9c:13:2e:f4:19:0a:c0:fa:2c:b3:40:39:06:a8:fa:0d:88:
         db:86:c9:58:ca:6c:a4:88:b7:7e:3f:13:91:ff:cb:b3:fd:db:
         c4:2b:b8:9a:0c:ab:9a:c0:50:12:f2:91:fe:89:31:3a:81:c6:
         9f:d2:dc:f8:e4:0c:19:6d:70:50:17:e6:fb:9f:6c:86:2d:d5:
         89:60:72:1b:95:a8:be:56:c8:12:49:ad:88:fb:52:e3:01:1c:
         d1:0f:a4:3b:20:28:d9:83:ec:f8:98:11:29:d0:19:42:02:56:
         de:80:3d:28:04:b8:b7:88:7e:0d:7e:63:5c:f9:5e:a6:57:e8:
         f7:0b:f9:55:cd:c1:e2:5d:62:a1:3a:82:a5:1a:87:1d:04:84:
         b7:6d:c4:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnbzdl6qlugOfhHwgUGL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTc4ZDFkNGU3NzgyODE2YWM0MmRhNDc4OGUzM2NiYjI0
ODc4NTkwHhcNMjMwMTAxMjMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODMxYjM0YzMwMDgwMjNlMzUxZTAwMzc0ZjUyNWE3ZDcxOTM0NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocvsCePRLehRLh0c157PlrOAMsum
hpTyI3HCYsPPyQkN1Lh2M1CMkAO/DObqms37d2hjtMbqNhBONl9w6+NurIqgcU5y
pwGE5klhwF60hPwT0h989nHTSlDVgjO5VCryLqRWPDeHmdOxQvpjhDaUzQgFvkZI
tLPu+gTMS0yS0l/+1c4G6Iv8YYgsVpQofwJxDng4iBDjM7cbHkS53eOrzm0tHxtp
WtY/vRZ0XdsCXLB8+jHACVRFXlLPBNICDdQew78tguV18WhVLpXP2Pq/1T0PyPrW
wUBZAibzJ1BtM5M/Wbw+G98Wc6XpYQqn3Zqgj9qNnjXrt/U3pSBwY02fTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgxs0wwCAI+NR4AN09SWn1xk0b0MB8GA1UdIwQY
MBaAFHKXjR1Od4KBasQtpHiOM8uySHhZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BlTkhVNTNnb0ZxeEMya2VJNHp5N0pJZUZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yMmU5NmYtMjQ1MS00ZTg2LWEwMzct
OGRiNjJlYTUwOTk1LzEveURHelREQUlBajQxSGdBM1QxSmFmWEdUUnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yMmU5NmYtMjQ1MS00ZTg2LWEwMzctOGRiNjJlYTUwOTk1
LzEvY3BlTkhVNTNnb0ZxeEMya2VJNHp5N0pJZUZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ8XMA0G
CSqGSIb3DQEBCwUAA4IBAQC4g24hN2Z1jwG2c0FUjv04/+0XhQ1oJMhWhHOtVI38
1FEI5ukEOSxj57EaLwngs4zsScC/wpebN+YFW1hNoNng3O5OoNBhz0uiZGMJPvvs
R4euD7gM4P1XFgUhWqYjrlXGlM63G4ubH2875CelnBMu9BkKwPoss0A5Bqj6DYjb
hslYymykiLd+PxOR/8uz/dvEK7iaDKuawFAS8pH+iTE6gcaf0tz45AwZbXBQF+b7
n2yGLdWJYHIblai+VsgSSa2I+1LjARzRD6Q7ICjZg+z4mBEp0BlCAlbegD0oBLi3
iH4NfmNc+V6mV+j3C/lVzcHiXWKhOoKlGocdBIS3bcQC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:03 2024 by rpki-client on console-fra.rpki-client.org