Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/97d5c7-935c-41da-9991-cd4b2a1d79aa/1/NnONpgfiIrdbq0rr7uWjf306vUg.roa
File:                     NnONpgfiIrdbq0rr7uWjf306vUg.roa (raw, json)
Hash identifier:          fR3hxMCWiwfdYm2Y0C6btv5JcgFpfflv+vEFej/Y6Jo=
Subject key identifier:   36:73:8D:A6:07:E2:22:B7:5B:AB:4A:EB:EE:E5:A3:7F:7D:3A:BD:48
Certificate issuer:       /CN=29a79f3c68bff45d216032f99272908f4eb8ec60
Certificate serial:       01857094F8BE39FCEAB68CA20DE68CEF854F
Authority key identifier: 29:A7:9F:3C:68:BF:F4:5D:21:60:32:F9:92:72:90:8F:4E:B8:EC:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KaefPGi_9F0hYDL5knKQj0647GA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/97d5c7-935c-41da-9991-cd4b2a1d79aa/1/NnONpgfiIrdbq0rr7uWjf306vUg.roa
Signing time:             Mon 02 Jan 2023 03:44:49 +0000
ROA not before:           Mon 02 Jan 2023 03:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        91.246.57.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:94:f8:be:39:fc:ea:b6:8c:a2:0d:e6:8c:ef:85:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29a79f3c68bff45d216032f99272908f4eb8ec60
        Validity
            Not Before: Jan  2 03:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36738da607e222b75bab4aebeee5a37f7d3abd48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:35:f3:11:54:8d:5c:70:b0:8e:cb:89:9a:d7:
                    98:e9:99:8a:05:2d:b2:99:7c:bd:e8:21:1a:88:3d:
                    02:80:a3:b8:65:3e:25:a2:0f:0b:89:72:1e:06:78:
                    4c:e7:b9:a2:95:c6:db:87:a5:30:dc:3c:2a:ff:0c:
                    20:cd:4b:89:0d:c3:85:8c:63:19:92:e9:a6:6d:f0:
                    ae:81:6a:1f:07:20:aa:8a:d0:6f:d9:76:26:ee:23:
                    1d:dd:14:05:04:28:90:9c:21:a3:42:07:ca:5d:7c:
                    3e:4e:21:61:da:2c:41:32:f6:14:a7:27:2d:e8:6a:
                    e7:c1:88:b2:26:77:a1:0a:7a:26:7a:e4:c5:2a:d9:
                    9f:f6:ce:a2:21:12:5f:d0:d4:ce:20:2a:77:e4:29:
                    53:58:33:d5:77:4c:54:b7:9a:0f:85:97:48:ef:90:
                    05:2d:58:a9:49:6c:1f:a2:d0:9c:84:57:db:ec:aa:
                    4e:50:f7:1a:e4:fa:99:9e:bc:23:54:bd:0d:aa:63:
                    44:d4:81:5e:e7:ce:a0:a0:d3:09:70:e0:2c:e2:aa:
                    e8:2a:cb:b8:31:6e:6f:f3:da:90:1e:e7:d8:5d:d3:
                    8f:43:8c:e1:ac:1d:24:e3:32:82:b5:d8:b8:d0:1f:
                    61:f7:00:2d:c8:48:13:fc:bc:3c:61:c1:90:2d:40:
                    c4:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:73:8D:A6:07:E2:22:B7:5B:AB:4A:EB:EE:E5:A3:7F:7D:3A:BD:48
            X509v3 Authority Key Identifier:
                keyid:29:A7:9F:3C:68:BF:F4:5D:21:60:32:F9:92:72:90:8F:4E:B8:EC:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KaefPGi_9F0hYDL5knKQj0647GA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/97d5c7-935c-41da-9991-cd4b2a1d79aa/1/NnONpgfiIrdbq0rr7uWjf306vUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/97d5c7-935c-41da-9991-cd4b2a1d79aa/1/KaefPGi_9F0hYDL5knKQj0647GA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.246.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:85:17:b1:fb:a0:46:d6:1b:f6:84:d5:3b:7e:ff:ad:9e:dc:
         8c:6c:da:0e:56:b2:1a:69:79:df:25:17:0a:c4:52:a5:87:7b:
         c0:d6:09:4c:63:8e:d2:84:0d:2d:69:2e:03:e7:89:94:40:a1:
         57:2f:0f:9a:40:a6:80:80:5f:54:7a:90:41:3d:0a:ef:7a:cc:
         b8:ad:a4:f4:fb:8c:04:e3:d5:c7:6e:4f:1f:ab:84:dd:5c:e8:
         3d:18:8a:32:3f:e4:24:72:2e:aa:60:c0:17:21:33:11:02:74:
         35:1c:05:84:41:fc:ab:28:a4:6d:04:35:fe:ea:da:1f:35:df:
         a6:fe:f4:f1:e0:37:7e:b0:cf:aa:17:de:83:24:be:3e:49:89:
         f7:dc:44:12:ff:52:f2:1b:30:24:fd:eb:e5:2b:b3:13:40:50:
         39:f9:18:41:2d:c2:32:22:15:dd:81:c7:c1:16:4a:60:c4:7d:
         30:24:dd:c4:f9:51:23:02:ac:8e:74:d8:64:5a:5c:71:24:fc:
         08:9d:c6:d6:d6:1c:01:79:4d:24:59:d1:44:8c:b9:8f:e1:ba:
         ab:76:12:bc:7b:10:6e:13:ef:2b:c9:e0:66:46:33:9d:fc:5a:
         38:e1:af:50:55:0a:62:9c:f7:53:e3:75:10:f0:c4:83:42:1d:
         c5:8c:ec:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlPi+OfzqtoyiDeaM74VPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTc5ZjNjNjhiZmY0NWQyMTYwMzJmOTkyNzI5MDhmNGVi
OGVjNjAwHhcNMjMwMTAyMDM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjczOGRhNjA3ZTIyMmI3NWJhYjRhZWJlZWU1YTM3ZjdkM2FiZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTXzEVSNXHCwjsuJmteY6ZmKBS2y
mXy96CEaiD0CgKO4ZT4log8LiXIeBnhM57milcbbh6Uw3Dwq/wwgzUuJDcOFjGMZ
kummbfCugWofByCqitBv2XYm7iMd3RQFBCiQnCGjQgfKXXw+TiFh2ixBMvYUpyct
6GrnwYiyJnehCnomeuTFKtmf9s6iIRJf0NTOICp35ClTWDPVd0xUt5oPhZdI75AF
LVipSWwfotCchFfb7KpOUPca5PqZnrwjVL0NqmNE1IFe586goNMJcOAs4qroKsu4
MW5v89qQHufYXdOPQ4zhrB0k4zKCtdi40B9h9wAtyEgT/Lw8YcGQLUDEYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZzjaYH4iK3W6tK6+7lo399Or1IMB8GA1UdIwQY
MBaAFCmnnzxov/RdIWAy+ZJykI9OuOxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FlZlBHaV85RjBoWURMNWtuS1FqMDY0N0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85N2Q1YzctOTM1Yy00MWRhLTk5OTEt
Y2Q0YjJhMWQ3OWFhLzEvTm5PTnBnZmlJcmRicTBycjd1V2pmMzA2dlVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85N2Q1YzctOTM1Yy00MWRhLTk5OTEtY2Q0YjJhMWQ3OWFh
LzEvS2FlZlBHaV85RjBoWURMNWtuS1FqMDY0N0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/Y5MA0G
CSqGSIb3DQEBCwUAA4IBAQA1hRex+6BG1hv2hNU7fv+tntyMbNoOVrIaaXnfJRcK
xFKlh3vA1glMY47ShA0taS4D54mUQKFXLw+aQKaAgF9UepBBPQrvesy4raT0+4wE
49XHbk8fq4TdXOg9GIoyP+Qkci6qYMAXITMRAnQ1HAWEQfyrKKRtBDX+6tofNd+m
/vTx4Dd+sM+qF96DJL4+SYn33EQS/1LyGzAk/evlK7MTQFA5+RhBLcIyIhXdgcfB
FkpgxH0wJN3E+VEjAqyOdNhkWlxxJPwIncbW1hwBeU0kWdFEjLmP4bqrdhK8exBu
E+8ryeBmRjOd/Fo44a9QVQpinPdT43UQ8MSDQh3FjOxz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:27 2024 by rpki-client on console-ams.rpki-client.org