Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/3fc2fb-d24e-41cc-835b-91f3e38d0535/1/cdKZR2eTmrI6zLm1GP8Dg73KlWk.roa
File:                     cdKZR2eTmrI6zLm1GP8Dg73KlWk.roa (raw, json)
Hash identifier:          BQ8XpNraMxtFMfISEp0DUFa6EsQnIHqs4NWdkpsnrlw=
Subject key identifier:   71:D2:99:47:67:93:9A:B2:3A:CC:B9:B5:18:FF:03:83:BD:CA:95:69
Certificate issuer:       /CN=a518fe89f78527304023f8c5f05ab2e3a3d6d9f2
Certificate serial:       9C6163
Authority key identifier: A5:18:FE:89:F7:85:27:30:40:23:F8:C5:F0:5A:B2:E3:A3:D6:D9:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pRj-ifeFJzBAI_jF8Fqy46PW2fI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/3fc2fb-d24e-41cc-835b-91f3e38d0535/1/cdKZR2eTmrI6zLm1GP8Dg73KlWk.roa
Signing time:             Sat 01 Jan 2022 03:54:04 +0000
ROA not before:           Sat 01 Jan 2022 03:54:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        176.126.101.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10248547 (0x9c6163)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a518fe89f78527304023f8c5f05ab2e3a3d6d9f2
        Validity
            Not Before: Jan  1 03:54:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=71d2994767939ab23accb9b518ff0383bdca9569
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e5:b1:5b:ca:aa:ea:03:c7:08:af:89:dc:af:
                    cd:0e:fe:0d:be:63:91:cd:b4:47:09:00:7d:d8:3e:
                    33:08:31:37:ec:95:29:57:a3:07:ca:d3:78:63:f5:
                    dc:a4:bb:d6:6e:2f:ac:c4:b1:6c:bb:d1:72:ae:ee:
                    28:20:57:b4:ff:9f:65:65:f9:42:6e:92:0f:38:bf:
                    f8:64:bc:19:8c:39:72:a3:df:76:c7:76:04:10:62:
                    5a:d6:f6:0b:95:63:bf:b4:c8:85:e0:f4:ca:63:c2:
                    a0:cb:ad:e6:f1:3c:bc:b5:06:5c:9f:f7:27:cd:8f:
                    29:bd:48:ec:2f:89:d5:55:99:85:4a:f6:3c:4f:53:
                    59:cd:b8:1d:e6:08:50:5d:35:b6:2e:6e:14:7d:23:
                    7f:ee:eb:1e:38:99:d8:d2:8d:57:6e:e6:98:db:8e:
                    e9:32:d2:8d:5f:e0:63:4b:18:79:53:87:1d:ae:d9:
                    03:d8:dc:e5:02:ec:cb:86:f6:e1:6d:07:b2:f1:ce:
                    76:91:8f:c5:30:6e:b5:33:6e:78:1c:38:4d:08:a6:
                    25:95:48:fb:ec:de:0c:a4:e5:2b:21:cd:76:40:5c:
                    c1:84:e1:ba:e8:e5:64:8e:fd:66:5f:4b:fa:74:84:
                    e9:48:7f:24:ea:47:77:1d:5e:2b:fe:98:2e:2c:9a:
                    db:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:D2:99:47:67:93:9A:B2:3A:CC:B9:B5:18:FF:03:83:BD:CA:95:69
            X509v3 Authority Key Identifier:
                keyid:A5:18:FE:89:F7:85:27:30:40:23:F8:C5:F0:5A:B2:E3:A3:D6:D9:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pRj-ifeFJzBAI_jF8Fqy46PW2fI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3fc2fb-d24e-41cc-835b-91f3e38d0535/1/cdKZR2eTmrI6zLm1GP8Dg73KlWk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3fc2fb-d24e-41cc-835b-91f3e38d0535/1/pRj-ifeFJzBAI_jF8Fqy46PW2fI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.126.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:08:53:f1:e1:a9:59:5e:15:29:e1:67:ce:2c:95:ab:17:3a:
         34:2a:32:97:68:9f:32:e1:a5:2f:38:94:c6:a6:2e:4b:2a:8d:
         a1:34:b7:b1:71:73:8c:93:17:38:ea:c8:33:d3:fd:5e:69:e4:
         69:48:58:4f:ea:d0:69:f1:f8:15:8e:59:fc:17:75:19:3e:dd:
         bf:81:e9:11:e3:28:1d:27:c8:f2:8f:1d:44:03:06:43:35:44:
         3b:9a:49:d7:3c:3b:10:7d:26:0e:c2:65:c4:29:dd:78:e7:6a:
         8c:3d:7f:42:8d:84:83:c5:ce:20:4f:b4:95:50:79:2b:1b:2e:
         5e:67:a0:c1:ed:a3:7f:17:b6:88:10:2f:9c:22:d1:7c:58:3b:
         c2:04:18:8a:3b:90:a9:9d:13:2c:bd:f9:9a:ed:04:90:29:6f:
         22:6e:75:56:af:d6:8b:e7:40:ef:92:fd:5f:90:98:e1:17:50:
         2b:d7:7e:a2:44:50:6b:df:81:83:ff:dc:47:06:8e:ac:9b:da:
         a4:a6:17:ab:eb:51:1f:72:b1:22:f3:bd:d1:58:5f:35:1c:38:
         d5:b0:37:03:3d:a5:d6:77:b6:c0:85:ac:ba:5d:de:c8:6c:f9:
         1d:06:62:68:a5:34:f1:c5:5d:9b:55:b9:ca:95:71:fa:ce:f9:
         99:bb:01:f3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJxhYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTE4ZmU4OWY3ODUyNzMwNDAyM2Y4YzVmMDVhYjJlM2EzZDZkOWYyMB4XDTIyMDEw
MTAzNTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFkMjk5NDc2Nzkz
OWFiMjNhY2NiOWI1MThmZjAzODNiZGNhOTU2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHlsVvKquoDxwividyvzQ7+Db5jkc20RwkAfdg+MwgxN+yV
KVejB8rTeGP13KS71m4vrMSxbLvRcq7uKCBXtP+fZWX5Qm6SDzi/+GS8GYw5cqPf
dsd2BBBiWtb2C5Vjv7TIheD0ymPCoMut5vE8vLUGXJ/3J82PKb1I7C+J1VWZhUr2
PE9TWc24HeYIUF01ti5uFH0jf+7rHjiZ2NKNV27mmNuO6TLSjV/gY0sYeVOHHa7Z
A9jc5QLsy4b24W0HsvHOdpGPxTButTNueBw4TQimJZVI++zeDKTlKyHNdkBcwYTh
uujlZI79Zl9L+nSE6Uh/JOpHdx1eK/6YLiya260CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRx0plHZ5OasjrMubUY/wODvcqVaTAfBgNVHSMEGDAWgBSlGP6J94UnMEAj
+MXwWrLjo9bZ8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BSai1pZmVGSnpCQUlfakY4RnF5NDZQVzJmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvM2ZjMmZiLWQyNGUtNDFjYy04MzViLTkxZjNlMzhkMDUzNS8x
L2NkS1pSMmVUbXJJNnpMbTFHUDhEZzczS2xXay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
M2ZjMmZiLWQyNGUtNDFjYy04MzViLTkxZjNlMzhkMDUzNS8xL3BSai1pZmVGSnpC
QUlfakY4RnF5NDZQVzJmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB+ZTANBgkqhkiG9w0BAQsFAAOC
AQEAVghT8eGpWV4VKeFnziyVqxc6NCoyl2ifMuGlLziUxqYuSyqNoTS3sXFzjJMX
OOrIM9P9XmnkaUhYT+rQafH4FY5Z/Bd1GT7dv4HpEeMoHSfI8o8dRAMGQzVEO5pJ
1zw7EH0mDsJlxCndeOdqjD1/Qo2Eg8XOIE+0lVB5KxsuXmegwe2jfxe2iBAvnCLR
fFg7wgQYijuQqZ0TLL35mu0EkClvIm51Vq/Wi+dA75L9X5CY4RdQK9d+okRQa9+B
g//cRwaOrJvapKYXq+tRH3KxIvO90VhfNRw41bA3Az2l1ne2wIWsul3eyGz5HQZi
aKU08cVdm1W5ypVx+s75mbsB8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:26 2024 by rpki-client on console-fra.rpki-client.org