Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8cd8ba-a04a-43b9-9807-3f8f8fb83ccf/1/6cqimOZ6Q5vLbZG7JDbY58UldJo.roa
File:                     6cqimOZ6Q5vLbZG7JDbY58UldJo.roa (raw, json)
Hash identifier:          ihgKn3kmuWgB08PaCyjnFjQCtj0pr7G/EnnD0LU65m4=
Subject key identifier:   E9:CA:A2:98:E6:7A:43:9B:CB:6D:91:BB:24:36:D8:E7:C5:25:74:9A
Certificate issuer:       /CN=b59d9d0c28ef47fe4142ea51905587172cb03306
Certificate serial:       5795B1
Authority key identifier: B5:9D:9D:0C:28:EF:47:FE:41:42:EA:51:90:55:87:17:2C:B0:33:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZ2dDCjvR_5BQupRkFWHFyywMwY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/8cd8ba-a04a-43b9-9807-3f8f8fb83ccf/1/6cqimOZ6Q5vLbZG7JDbY58UldJo.roa
Signing time:             Sat 01 Jan 2022 03:01:34 +0000
ROA not before:           Sat 01 Jan 2022 03:01:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        2a11:ed40::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5739953 (0x5795b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b59d9d0c28ef47fe4142ea51905587172cb03306
        Validity
            Not Before: Jan  1 03:01:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e9caa298e67a439bcb6d91bb2436d8e7c525749a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ec:d7:a8:0f:07:a9:80:80:c6:0e:84:2a:60:
                    6c:ab:76:03:d7:a3:51:78:b3:0f:f1:39:50:9b:ed:
                    b5:9f:07:45:1a:e4:da:c6:fd:fc:ed:2d:29:ab:8a:
                    a4:2e:99:5b:3a:ca:5a:5d:7f:65:b1:9b:28:f3:7b:
                    58:f8:7e:0d:0b:eb:c7:4f:e9:1a:a6:5b:d0:68:a5:
                    c1:5a:a5:d4:20:b2:21:8f:c3:e8:82:05:58:ea:5f:
                    37:ce:6e:4a:bf:2f:f3:2a:f4:1a:08:e5:3e:62:3d:
                    69:3a:b5:94:28:a5:57:6f:7e:dd:51:90:57:e2:99:
                    46:86:28:65:3d:38:33:cc:2c:70:9a:13:1e:42:27:
                    0e:f1:a9:9f:98:47:30:c4:73:31:8a:1d:f3:42:11:
                    45:7f:b9:e3:7f:cf:2b:b2:b9:e8:35:c9:8e:28:b1:
                    dd:11:08:b3:f9:dc:fa:28:1f:b9:50:0b:cc:f4:ab:
                    73:35:ec:35:1f:c8:d3:cd:b4:84:f6:df:7f:87:0c:
                    d4:82:0a:26:04:f3:35:b8:59:d4:22:bd:da:60:ff:
                    74:0c:40:7b:62:39:03:1b:cd:de:40:e7:cf:60:c9:
                    da:53:4b:bb:43:86:a7:18:ad:9e:77:fb:39:b0:ee:
                    72:83:a9:d4:e6:12:cf:22:4e:b1:3c:ad:c7:66:25:
                    04:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:CA:A2:98:E6:7A:43:9B:CB:6D:91:BB:24:36:D8:E7:C5:25:74:9A
            X509v3 Authority Key Identifier:
                keyid:B5:9D:9D:0C:28:EF:47:FE:41:42:EA:51:90:55:87:17:2C:B0:33:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZ2dDCjvR_5BQupRkFWHFyywMwY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8cd8ba-a04a-43b9-9807-3f8f8fb83ccf/1/6cqimOZ6Q5vLbZG7JDbY58UldJo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8cd8ba-a04a-43b9-9807-3f8f8fb83ccf/1/tZ2dDCjvR_5BQupRkFWHFyywMwY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:ed40::/29

    Signature Algorithm: sha256WithRSAEncryption
         99:0a:07:c3:23:a4:67:e2:57:27:56:81:29:93:df:1c:53:7c:
         01:4a:99:4b:7a:59:e1:50:e9:e2:43:d8:f0:42:22:49:f0:fa:
         fb:d3:fe:88:2b:d2:49:2a:af:89:3d:be:90:9f:1f:d4:06:94:
         2a:68:40:6c:fb:e3:73:86:44:5d:08:f5:ff:ba:32:52:69:3f:
         60:20:b6:bb:ef:ed:b3:fe:2d:b6:e0:67:93:19:84:7d:cc:b1:
         a7:91:df:cb:53:e9:34:c6:75:eb:d6:65:a1:3b:0f:1e:ac:c4:
         9d:87:62:a0:c5:e9:e3:eb:d3:f5:03:28:51:94:b2:d0:68:f4:
         55:0f:08:4b:d1:f9:b6:39:4d:50:56:09:59:ac:19:e9:4c:05:
         c6:ae:79:00:8e:d0:af:58:68:cc:a3:c1:7a:8d:44:ee:19:c8:
         ba:82:14:8a:75:40:bb:7b:74:22:82:bb:37:c9:57:87:60:fb:
         3a:89:71:f3:28:a0:0e:d6:5c:38:60:26:76:74:00:43:39:04:
         3b:1d:18:7c:00:01:55:5b:ad:59:5a:dc:c1:12:8d:97:9b:ae:
         8b:4a:95:26:4a:25:7f:12:c5:7b:a6:ab:dc:1e:c6:ae:85:f7:
         3c:0d:7b:c6:33:94:29:2b:03:0f:d2:49:d3:03:97:b7:56:e6:
         19:b9:39:1e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDV5WxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI1
OWQ5ZDBjMjhlZjQ3ZmU0MTQyZWE1MTkwNTU4NzE3MmNiMDMzMDYwHhcNMjIwMTAx
MDMwMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlOWNhYTI5OGU2N2E0
MzliY2I2ZDkxYmIyNDM2ZDhlN2M1MjU3NDlhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArOzXqA8HqYCAxg6EKmBsq3YD16NReLMP8TlQm+21nwdFGuTa
xv387S0pq4qkLplbOspaXX9lsZso83tY+H4NC+vHT+kaplvQaKXBWqXUILIhj8Po
ggVY6l83zm5Kvy/zKvQaCOU+Yj1pOrWUKKVXb37dUZBX4plGhihlPTgzzCxwmhMe
QicO8amfmEcwxHMxih3zQhFFf7njf88rsrnoNcmOKLHdEQiz+dz6KB+5UAvM9Ktz
New1H8jTzbSE9t9/hwzUggomBPM1uFnUIr3aYP90DEB7YjkDG83eQOfPYMnaU0u7
Q4anGK2ed/s5sO5yg6nU5hLPIk6xPK3HZiUEawIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFOnKopjmekOby22RuyQ22OfFJXSaMB8GA1UdIwQYMBaAFLWdnQwo70f+QULq
UZBVhxcssDMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dFoyZERDanZSXzVCUXVwUmtGV0hGeXl3TXdZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83NS84Y2Q4YmEtYTA0YS00M2I5LTk4MDctM2Y4ZjhmYjgzY2NmLzEv
NmNxaW1PWjZRNXZMYlpHN0pEYlk1OFVsZEpvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS84
Y2Q4YmEtYTA0YS00M2I5LTk4MDctM2Y4ZjhmYjgzY2NmLzEvdFoyZERDanZSXzVC
UXVwUmtGV0hGeXl3TXdZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhHtQDANBgkqhkiG9w0BAQsFAAOC
AQEAmQoHwyOkZ+JXJ1aBKZPfHFN8AUqZS3pZ4VDp4kPY8EIiSfD6+9P+iCvSSSqv
iT2+kJ8f1AaUKmhAbPvjc4ZEXQj1/7oyUmk/YCC2u+/ts/4ttuBnkxmEfcyxp5Hf
y1PpNMZ169ZloTsPHqzEnYdioMXp4+vT9QMoUZSy0Gj0VQ8IS9H5tjlNUFYJWawZ
6UwFxq55AI7Qr1hozKPBeo1E7hnIuoIUinVAu3t0IoK7N8lXh2D7Oolx8yigDtZc
OGAmdnQAQzkEOx0YfAABVVutWVrcwRKNl5uui0qVJkolfxLFe6ar3B7GroX3PA17
xjOUKSsDD9JJ0wOXt1bmGbk5Hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:16 2024 by rpki-client on console-ams.rpki-client.org