Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/ac531f-49a8-4ccf-a1ab-7b14735ee234/1/dA2J5oBV8OknR0Eby_KqBkrYN-U.roa
File:                     dA2J5oBV8OknR0Eby_KqBkrYN-U.roa (raw, json)
Hash identifier:          yjAA7cIUz7S3IctNlDJu5Ipyzr5Eccdwc2ZGbxt1IoY=
Subject key identifier:   74:0D:89:E6:80:55:F0:E9:27:47:41:1B:CB:F2:AA:06:4A:D8:37:E5
Certificate issuer:       /CN=445cb7e2560de294a49a6370f742589ddcbcde74
Certificate serial:       01882086771674A6D456D861422C039CB1BB
Authority key identifier: 44:5C:B7:E2:56:0D:E2:94:A4:9A:63:70:F7:42:58:9D:DC:BC:DE:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFy34lYN4pSkmmNw90JYndy83nQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/ac531f-49a8-4ccf-a1ab-7b14735ee234/1/dA2J5oBV8OknR0Eby_KqBkrYN-U.roa
Signing time:             Mon 15 May 2023 17:47:43 +0000
ROA not before:           Mon 15 May 2023 17:47:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7393
IP address blocks:        146.19.221.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:20:86:77:16:74:a6:d4:56:d8:61:42:2c:03:9c:b1:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=445cb7e2560de294a49a6370f742589ddcbcde74
        Validity
            Not Before: May 15 17:47:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=740d89e68055f0e92747411bcbf2aa064ad837e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:69:d0:0c:1d:f5:95:6e:16:ad:dd:13:8c:23:
                    99:e8:5e:a0:77:02:a4:67:9a:8d:6d:a0:f3:16:44:
                    37:50:3f:a8:3a:24:cc:1a:7a:b4:b2:c9:c5:fb:3b:
                    59:1a:06:de:bd:0d:22:be:d6:c7:1a:43:2d:ee:81:
                    dc:0f:93:01:69:ac:a1:3e:34:c9:c1:77:57:c1:9f:
                    3f:9a:78:6f:84:43:22:31:02:4d:a2:e5:e7:6c:39:
                    d5:b7:a7:9d:11:90:1e:c9:44:7a:9d:f5:5e:af:1b:
                    0f:39:9c:5e:51:64:0b:ff:e0:65:e1:9a:79:33:8a:
                    66:13:6d:9e:df:6c:73:4b:53:95:96:cd:d1:9c:1e:
                    b5:df:68:20:2b:26:e2:25:1a:40:05:f3:af:0d:13:
                    59:7a:81:f9:aa:e2:69:c4:b7:64:76:f9:df:26:99:
                    0c:06:d1:0b:22:31:5c:58:1d:c9:5a:71:c1:ed:c7:
                    32:d9:40:41:35:e6:c8:27:34:c8:28:a8:be:c2:9a:
                    f2:4b:f2:70:96:34:59:ea:e6:5b:3b:c9:81:8b:aa:
                    4a:01:4f:6e:ad:ca:5f:34:ed:b4:01:2e:d0:2b:f9:
                    57:9b:eb:13:21:b3:10:a1:85:1e:4d:21:c6:69:05:
                    29:74:b3:1a:0b:fc:b4:bd:de:61:b6:45:58:0d:ea:
                    1f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:0D:89:E6:80:55:F0:E9:27:47:41:1B:CB:F2:AA:06:4A:D8:37:E5
            X509v3 Authority Key Identifier:
                keyid:44:5C:B7:E2:56:0D:E2:94:A4:9A:63:70:F7:42:58:9D:DC:BC:DE:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFy34lYN4pSkmmNw90JYndy83nQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/ac531f-49a8-4ccf-a1ab-7b14735ee234/1/dA2J5oBV8OknR0Eby_KqBkrYN-U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/ac531f-49a8-4ccf-a1ab-7b14735ee234/1/RFy34lYN4pSkmmNw90JYndy83nQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:f6:16:d7:dc:69:24:d7:07:2e:d5:c9:c3:10:aa:ea:52:24:
         db:5b:1c:77:28:e6:12:cb:06:c3:14:c8:53:7e:96:db:b2:d0:
         db:d7:1f:1f:ff:ce:0c:31:e7:86:dd:b4:2f:c2:2b:8c:fd:8b:
         35:9e:91:c7:85:68:c8:df:37:48:78:81:9e:d2:5a:43:1c:d0:
         32:c8:1d:ca:a9:b8:96:6d:0b:fb:2b:b7:50:23:f3:65:b3:7d:
         e1:9d:9b:11:a7:21:dd:6e:75:24:d7:00:77:48:9f:62:e3:81:
         bc:d2:cf:88:17:b2:11:25:16:b6:74:53:60:d5:fc:4e:1b:ce:
         53:28:4c:36:de:31:0a:67:91:dd:27:84:26:ac:b5:21:62:1b:
         87:fe:49:3c:ee:45:18:b6:2c:ed:d6:c2:ff:59:6b:c4:cd:50:
         07:91:0b:d5:31:65:f3:a4:38:fe:27:57:0e:0d:e9:5a:05:18:
         2d:ce:6c:e2:a9:5e:97:df:f0:88:34:1a:3f:a8:c2:0b:11:e8:
         59:13:da:85:2a:99:1f:d2:1b:18:4f:c0:4b:ea:d6:35:c9:7b:
         6e:54:ec:42:8e:eb:67:cb:ec:eb:b4:65:f2:4d:47:43:8e:5b:
         9d:2f:9b:f6:35:92:c3:4d:2f:dc:c4:87:8f:7b:ef:44:ca:36:
         9e:61:5a:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgghncWdKbUVthhQiwDnLG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NWNiN2UyNTYwZGUyOTRhNDlhNjM3MGY3NDI1ODlkZGNi
Y2RlNzQwHhcNMjMwNTE1MTc0NzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBkODllNjgwNTVmMGU5Mjc0NzQxMWJjYmYyYWEwNjRhZDgzN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2nQDB31lW4Wrd0TjCOZ6F6gdwKk
Z5qNbaDzFkQ3UD+oOiTMGnq0ssnF+ztZGgbevQ0ivtbHGkMt7oHcD5MBaayhPjTJ
wXdXwZ8/mnhvhEMiMQJNouXnbDnVt6edEZAeyUR6nfVerxsPOZxeUWQL/+Bl4Zp5
M4pmE22e32xzS1OVls3RnB6132ggKybiJRpABfOvDRNZeoH5quJpxLdkdvnfJpkM
BtELIjFcWB3JWnHB7ccy2UBBNebIJzTIKKi+wpryS/JwljRZ6uZbO8mBi6pKAU9u
rcpfNO20AS7QK/lXm+sTIbMQoYUeTSHGaQUpdLMaC/y0vd5htkVYDeof7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQNieaAVfDpJ0dBG8vyqgZK2DflMB8GA1UdIwQY
MBaAFERct+JWDeKUpJpjcPdCWJ3cvN50MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZ5MzRsWU40cFNrbW1OdzkwSlluZHk4M25RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9hYzUzMWYtNDlhOC00Y2NmLWExYWIt
N2IxNDczNWVlMjM0LzEvZEEySjVvQlY4T2tuUjBFYnlfS3FCa3JZTi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9hYzUzMWYtNDlhOC00Y2NmLWExYWItN2IxNDczNWVlMjM0
LzEvUkZ5MzRsWU40cFNrbW1OdzkwSlluZHk4M25RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPdMA0G
CSqGSIb3DQEBCwUAA4IBAQAX9hbX3Gkk1wcu1cnDEKrqUiTbWxx3KOYSywbDFMhT
fpbbstDb1x8f/84MMeeG3bQvwiuM/Ys1npHHhWjI3zdIeIGe0lpDHNAyyB3KqbiW
bQv7K7dQI/Nls33hnZsRpyHdbnUk1wB3SJ9i44G80s+IF7IRJRa2dFNg1fxOG85T
KEw23jEKZ5HdJ4QmrLUhYhuH/kk87kUYtizt1sL/WWvEzVAHkQvVMWXzpDj+J1cO
DelaBRgtzmziqV6X3/CINBo/qMILEehZE9qFKpkf0hsYT8BL6tY1yXtuVOxCjutn
y+zrtGXyTUdDjludL5v2NZLDTS/cxIePe+9EyjaeYVqq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:28 2024 by rpki-client on console-ams.rpki-client.org