Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9c358e-ff82-4a52-bdc4-bfd27e866aef/1/z9Pnu6bmOdsez-wG2-JYak8zYzI.roa
File:                     z9Pnu6bmOdsez-wG2-JYak8zYzI.roa (raw, json)
Hash identifier:          fFvu6ehG8M0GagK2ymFieaC3MaN0SiGrjt1uhk7f4lM=
Subject key identifier:   CF:D3:E7:BB:A6:E6:39:DB:1E:CF:EC:06:DB:E2:58:6A:4F:33:63:32
Certificate issuer:       /CN=8a149f76d3944151f0ade4de7831d3d42cb6e8df
Certificate serial:       315F
Authority key identifier: 8A:14:9F:76:D3:94:41:51:F0:AD:E4:DE:78:31:D3:D4:2C:B6:E8:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ihSfdtOUQVHwreTeeDHT1Cy26N8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9c358e-ff82-4a52-bdc4-bfd27e866aef/1/z9Pnu6bmOdsez-wG2-JYak8zYzI.roa
Signing time:             Tue 25 Jan 2022 11:45:41 +0000
ROA not before:           Tue 25 Jan 2022 11:45:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57523
IP address blocks:        91.213.138.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12639 (0x315f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a149f76d3944151f0ade4de7831d3d42cb6e8df
        Validity
            Not Before: Jan 25 11:45:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cfd3e7bba6e639db1ecfec06dbe2586a4f336332
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:8a:c7:29:51:43:71:b0:f0:d5:17:e4:19:2c:
                    5b:92:77:e4:1f:85:6c:ce:3f:7a:5f:04:ce:f7:ed:
                    9d:9e:3a:a8:56:ba:6a:45:23:f2:76:93:2f:93:96:
                    83:32:1b:88:8e:11:dc:bf:bd:44:65:62:db:7a:bc:
                    b6:13:b4:63:84:48:a4:e4:33:04:2c:75:27:cf:df:
                    34:8e:55:c4:a9:1f:81:e6:2f:b5:81:47:cc:53:16:
                    e2:8c:5b:3a:5b:6e:52:01:e5:48:fa:e0:56:88:1d:
                    65:c7:e2:f9:6f:d2:61:2d:26:11:fa:1d:c3:68:85:
                    32:c8:7b:03:98:ba:1e:32:94:a3:7e:a0:bf:07:1b:
                    dd:fe:e6:2e:11:47:c2:4a:70:e9:0b:b1:57:6e:2b:
                    8e:ce:2e:56:98:a0:9f:20:40:ab:1c:1f:d4:27:b3:
                    b7:f5:53:d1:29:c6:d1:2d:66:9a:4f:18:f7:9a:cf:
                    32:e5:95:96:27:d3:ea:57:e5:88:9a:98:11:b8:27:
                    ec:39:34:4a:6c:56:87:59:ea:39:f6:d8:93:ea:14:
                    43:99:c8:80:69:76:e3:bd:0e:10:a2:05:07:b1:79:
                    20:52:e1:9c:3f:f3:77:77:59:60:1d:6d:41:47:a2:
                    6d:58:5d:47:9f:cc:3a:a3:9a:5f:3b:a4:80:9b:10:
                    d0:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:D3:E7:BB:A6:E6:39:DB:1E:CF:EC:06:DB:E2:58:6A:4F:33:63:32
            X509v3 Authority Key Identifier:
                keyid:8A:14:9F:76:D3:94:41:51:F0:AD:E4:DE:78:31:D3:D4:2C:B6:E8:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihSfdtOUQVHwreTeeDHT1Cy26N8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9c358e-ff82-4a52-bdc4-bfd27e866aef/1/z9Pnu6bmOdsez-wG2-JYak8zYzI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9c358e-ff82-4a52-bdc4-bfd27e866aef/1/ihSfdtOUQVHwreTeeDHT1Cy26N8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:84:8d:b8:46:98:f8:28:d9:61:8f:69:77:21:61:b7:d1:57:
         ab:cf:16:a8:fb:d2:b9:34:70:3b:f2:f8:7b:7e:4c:ed:0a:33:
         fd:b2:7a:31:4d:f4:39:d8:44:5b:60:bb:7a:43:e4:d0:2e:cd:
         df:7b:24:65:36:b3:ec:8f:a7:06:3e:fb:11:d7:9a:84:35:b3:
         b2:2f:00:f0:f4:a0:84:21:5a:30:48:25:3d:c2:52:ce:80:a3:
         29:a1:93:be:78:78:b7:4b:f4:ee:65:cb:47:8b:2d:04:72:7a:
         5d:f7:ed:e5:f2:08:b3:ef:2a:13:b4:80:4c:3d:07:85:91:4d:
         eb:c1:21:08:85:f3:a6:b3:99:00:a8:c6:87:4a:24:4e:3d:9c:
         65:97:02:b5:bb:bd:ab:70:b9:08:26:d5:77:0f:f4:82:d9:2c:
         17:1e:3f:be:8b:68:27:b9:9b:66:63:d3:19:7e:79:e1:01:af:
         7e:f2:37:f7:d8:46:af:3b:a3:32:1d:31:77:0b:06:fb:a7:b6:
         61:37:c9:35:6c:5b:d4:2d:d0:8c:8b:cf:bb:6d:ae:15:e6:86:
         d3:20:7f:e2:99:2f:eb:58:c5:a1:ef:bb:12:80:51:ef:30:68:
         c4:6d:e3:36:84:5f:d5:5e:ad:52:0c:68:68:f6:56:a3:cc:c9:
         0a:e8:08:1d
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICMV8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOGEx
NDlmNzZkMzk0NDE1MWYwYWRlNGRlNzgzMWQzZDQyY2I2ZThkZjAeFw0yMjAxMjUx
MTQ1NDFaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGNmZDNlN2JiYTZlNjM5
ZGIxZWNmZWMwNmRiZTI1ODZhNGYzMzYzMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdiscpUUNxsPDVF+QZLFuSd+QfhWzOP3pfBM737Z2eOqhWumpF
I/J2ky+TloMyG4iOEdy/vURlYtt6vLYTtGOESKTkMwQsdSfP3zSOVcSpH4HmL7WB
R8xTFuKMWzpbblIB5Uj64FaIHWXH4vlv0mEtJhH6HcNohTLIewOYuh4ylKN+oL8H
G93+5i4RR8JKcOkLsVduK47OLlaYoJ8gQKscH9Qns7f1U9EpxtEtZppPGPeazzLl
lZYn0+pX5YiamBG4J+w5NEpsVodZ6jn22JPqFEOZyIBpduO9DhCiBQexeSBS4Zw/
83d3WWAdbUFHom1YXUefzDqjml87pICbENChAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUz9Pnu6bmOdsez+wG2+JYak8zYzIwHwYDVR0jBBgwFoAUihSfdtOUQVHwreTe
eDHT1Cy26N8wDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9p
aFNmZHRPVVFWSHdyZVRlZURIVDFDeTI2TjguY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzc0LzljMzU4ZS1mZjgyLTRhNTItYmRjNC1iZmQyN2U4NjZhZWYvMS96
OVBudTZibU9kc2V6LXdHMi1KWWFrOHpZekkucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc0Lzlj
MzU4ZS1mZjgyLTRhNTItYmRjNC1iZmQyN2U4NjZhZWYvMS9paFNmZHRPVVFWSHdy
ZVRlZURIVDFDeTI2TjguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb1YowDQYJKoZIhvcNAQELBQADggEB
ABqEjbhGmPgo2WGPaXchYbfRV6vPFqj70rk0cDvy+Ht+TO0KM/2yejFN9DnYRFtg
u3pD5NAuzd97JGU2s+yPpwY++xHXmoQ1s7IvAPD0oIQhWjBIJT3CUs6Aoymhk754
eLdL9O5ly0eLLQRyel337eXyCLPvKhO0gEw9B4WRTevBIQiF86azmQCoxodKJE49
nGWXArW7vatwuQgm1XcP9ILZLBceP76LaCe5m2Zj0xl+eeEBr37yN/fYRq87ozId
MXcLBvuntmE3yTVsW9Qt0IyLz7ttrhXmhtMgf+KZL+tYxaHvuxKAUe8waMRt4zaE
X9VerVIMaGj2VqPMyQroCB0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:07 2024 by rpki-client on console-ams.rpki-client.org