Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/MYNwp8wII-HnRCmEEN2fSJo33tI.roa
File:                     MYNwp8wII-HnRCmEEN2fSJo33tI.roa (raw, json)
Hash identifier:          q0/mAVGgYyMnqZPIADmr2rh94aze3oLmTvNxYhZeRtA=
Subject key identifier:   31:83:70:A7:CC:08:23:E1:E7:44:29:84:10:DD:9F:48:9A:37:DE:D2
Certificate issuer:       /CN=03452c9dbfc9e4193c7e55e0d2016568d9465285
Certificate serial:       0187FD04980DB151BD774CB84637D52361C1
Authority key identifier: 03:45:2C:9D:BF:C9:E4:19:3C:7E:55:E0:D2:01:65:68:D9:46:52:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A0Usnb_J5Bk8flXg0gFlaNlGUoU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/MYNwp8wII-HnRCmEEN2fSJo33tI.roa
Signing time:             Mon 08 May 2023 20:19:09 +0000
ROA not before:           Mon 08 May 2023 20:19:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36369
IP address blocks:        2a11:a100::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fd:04:98:0d:b1:51:bd:77:4c:b8:46:37:d5:23:61:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03452c9dbfc9e4193c7e55e0d2016568d9465285
        Validity
            Not Before: May  8 20:19:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=318370a7cc0823e1e744298410dd9f489a37ded2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:da:3d:e5:39:0a:68:87:bb:d3:03:94:5d:9d:
                    56:e2:5f:34:fa:fd:bd:1a:f9:b6:4b:a9:7a:ec:23:
                    e7:6b:6d:bc:b8:02:b1:37:cc:60:4f:7b:51:60:ba:
                    73:79:6e:58:38:5e:19:82:ad:4c:65:91:a2:23:9a:
                    d7:17:ff:69:df:2c:c2:a3:f9:0a:2f:b8:17:71:ad:
                    33:01:2b:a6:8d:bb:40:25:af:b0:e2:d0:33:24:e9:
                    78:24:b4:f3:70:48:d9:6b:2c:8b:48:7a:c8:8b:fd:
                    85:85:01:42:05:ec:5c:f9:0c:a0:a7:72:68:dd:da:
                    80:69:39:14:8c:b7:12:ad:9f:14:97:17:1f:db:83:
                    96:d6:16:9b:9c:24:cd:04:2f:8d:39:60:73:78:2a:
                    ca:db:c5:47:a1:46:26:d3:96:9d:63:d8:1a:bf:ec:
                    b7:23:67:fb:1a:cb:9e:ed:fb:85:4f:5c:30:b8:dc:
                    f6:57:63:2a:06:94:da:54:f1:87:d0:de:52:bc:c9:
                    e3:65:4b:31:51:67:d4:d1:c8:01:6a:a5:34:fd:5b:
                    5b:c4:d0:03:61:18:26:c4:94:89:cc:66:8a:ef:a8:
                    6c:06:80:53:09:71:b4:16:37:78:8a:cc:ef:0b:e8:
                    82:e5:98:7a:37:f2:50:17:4b:0b:f1:fe:67:e5:0e:
                    8f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:83:70:A7:CC:08:23:E1:E7:44:29:84:10:DD:9F:48:9A:37:DE:D2
            X509v3 Authority Key Identifier:
                keyid:03:45:2C:9D:BF:C9:E4:19:3C:7E:55:E0:D2:01:65:68:D9:46:52:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0Usnb_J5Bk8flXg0gFlaNlGUoU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/MYNwp8wII-HnRCmEEN2fSJo33tI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/A0Usnb_J5Bk8flXg0gFlaNlGUoU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:a100::/29

    Signature Algorithm: sha256WithRSAEncryption
         93:60:59:47:ea:9c:c1:50:9d:68:d0:3b:a0:56:5f:9d:52:b3:
         df:a3:8c:c0:ef:a7:4b:e2:0a:2d:b2:b0:de:85:ff:b7:78:fc:
         6c:d8:c8:b5:97:b5:56:c5:91:28:92:12:48:e8:d5:7e:c7:7e:
         ef:a6:5f:d0:f8:68:96:bf:fe:dd:e5:27:70:0e:fd:00:bf:69:
         07:0d:d2:46:5c:c4:0f:32:9f:36:f4:7a:41:2d:ba:c9:2e:32:
         d7:e4:c0:1f:4d:c2:58:87:85:fa:43:f4:c5:c0:bd:17:60:ca:
         c8:c6:5f:b1:1d:a9:e4:ba:58:48:07:3c:e1:80:16:61:6e:33:
         5a:d8:eb:31:a0:78:5a:e5:5e:de:75:47:99:91:d6:b3:a2:50:
         f2:19:d9:a7:46:de:e8:66:0a:28:e4:a8:01:11:3f:08:91:ca:
         bb:fc:43:9d:da:bb:d7:36:11:c5:4c:eb:95:61:d2:8b:1f:59:
         ea:79:65:54:23:15:17:b8:d5:b0:b7:cf:74:8f:e9:25:6e:78:
         1c:3b:70:a6:c2:60:cc:2c:21:57:2f:0f:e2:27:d9:41:0a:68:
         6d:4e:45:22:82:3c:09:c8:e8:d1:66:87:12:a5:c3:f1:22:64:
         55:74:5d:9f:e9:99:05:46:67:32:9d:13:78:17:65:24:f0:cd:
         95:9c:2d:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYf9BJgNsVG9d0y4RjfVI2HBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNDUyYzlkYmZjOWU0MTkzYzdlNTVlMGQyMDE2NTY4ZDk0
NjUyODUwHhcNMjMwNTA4MjAxOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTgzNzBhN2NjMDgyM2UxZTc0NDI5ODQxMGRkOWY0ODlhMzdkZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9o95TkKaIe70wOUXZ1W4l80+v29
Gvm2S6l67CPna228uAKxN8xgT3tRYLpzeW5YOF4Zgq1MZZGiI5rXF/9p3yzCo/kK
L7gXca0zASumjbtAJa+w4tAzJOl4JLTzcEjZayyLSHrIi/2FhQFCBexc+Qygp3Jo
3dqAaTkUjLcSrZ8Ulxcf24OW1habnCTNBC+NOWBzeCrK28VHoUYm05adY9gav+y3
I2f7Gsue7fuFT1wwuNz2V2MqBpTaVPGH0N5SvMnjZUsxUWfU0cgBaqU0/VtbxNAD
YRgmxJSJzGaK76hsBoBTCXG0Fjd4iszvC+iC5Zh6N/JQF0sL8f5n5Q6P9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDGDcKfMCCPh50QphBDdn0iaN97SMB8GA1UdIwQY
MBaAFANFLJ2/yeQZPH5V4NIBZWjZRlKFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTBVc25iX0o1Qms4ZmxYZzBnRmxhTmxHVW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC81ZmRkY2ItNjMyZC00MzllLWFhNjkt
ZDNlZTk4ZmMyNzc2LzEvTVlOd3A4d0lJLUhuUkNtRUVOMmZTSm8zM3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC81ZmRkY2ItNjMyZC00MzllLWFhNjktZDNlZTk4ZmMyNzc2
LzEvQTBVc25iX0o1Qms4ZmxYZzBnRmxhTmxHVW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGhADAN
BgkqhkiG9w0BAQsFAAOCAQEAk2BZR+qcwVCdaNA7oFZfnVKz36OMwO+nS+IKLbKw
3oX/t3j8bNjItZe1VsWRKJISSOjVfsd+76Zf0Pholr/+3eUncA79AL9pBw3SRlzE
DzKfNvR6QS26yS4y1+TAH03CWIeF+kP0xcC9F2DKyMZfsR2p5LpYSAc84YAWYW4z
WtjrMaB4WuVe3nVHmZHWs6JQ8hnZp0be6GYKKOSoARE/CJHKu/xDndq71zYRxUzr
lWHSix9Z6nllVCMVF7jVsLfPdI/pJW54HDtwpsJgzCwhVy8P4ifZQQpobU5FIoI8
Ccjo0WaHEqXD8SJkVXRdn+mZBUZnMp0TeBdlJPDNlZwtSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org