Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/ZPy6IGBcMRzJCTednewMgDvr1GU.roa
File:                     ZPy6IGBcMRzJCTednewMgDvr1GU.roa (raw, json)
Hash identifier:          QP/xnPf8hq1ohJGmUPuB2hjD015p7gV4xTwTiyMzeis=
Subject key identifier:   64:FC:BA:20:60:5C:31:1C:C9:09:37:9D:9D:EC:0C:80:3B:EB:D4:65
Certificate issuer:       /CN=03452c9dbfc9e4193c7e55e0d2016568d9465285
Certificate serial:       01A9E499
Authority key identifier: 03:45:2C:9D:BF:C9:E4:19:3C:7E:55:E0:D2:01:65:68:D9:46:52:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A0Usnb_J5Bk8flXg0gFlaNlGUoU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/ZPy6IGBcMRzJCTednewMgDvr1GU.roa
Signing time:             Wed 26 Jan 2022 10:49:04 +0000
ROA not before:           Wed 26 Jan 2022 10:49:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     133973
IP address blocks:        213.232.252.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27911321 (0x1a9e499)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03452c9dbfc9e4193c7e55e0d2016568d9465285
        Validity
            Not Before: Jan 26 10:49:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=64fcba20605c311cc909379d9dec0c803bebd465
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:12:ce:27:d1:51:83:e3:88:7f:4c:d6:df:fb:
                    5a:75:b1:1b:a1:2d:c1:55:27:77:97:27:70:4a:7f:
                    6c:7c:11:09:b9:24:fb:b4:7f:1d:9d:99:23:18:8c:
                    61:a1:63:82:d0:00:f4:85:4c:51:91:3c:44:61:83:
                    a5:c4:68:3d:c7:86:79:d3:4b:13:43:54:23:93:45:
                    35:05:92:72:6d:76:be:bc:9c:a4:e9:36:07:7b:6b:
                    99:52:d9:6c:d3:aa:eb:f4:fe:84:0b:bc:98:d6:14:
                    b8:26:da:50:e7:ba:a9:be:bf:7f:dd:b4:ae:a4:06:
                    a2:2a:36:65:cd:e0:5c:a0:c9:97:cc:b0:48:00:3e:
                    49:a2:f0:59:24:1f:c1:fc:49:cf:4a:c0:a8:07:9e:
                    5a:2c:29:9b:57:c8:eb:b7:f2:8e:eb:a3:c3:b9:ee:
                    85:63:52:f1:cd:d8:5b:2a:ce:3f:8d:77:c6:72:1a:
                    c5:84:0f:86:72:6e:3d:c7:50:79:c2:6d:2c:84:b9:
                    0c:a6:78:c2:95:b5:9d:50:3e:13:45:3d:22:6c:81:
                    19:0e:58:78:7f:70:80:24:d3:9f:07:73:be:48:65:
                    0b:78:3a:58:04:37:9c:d3:9b:ec:8a:63:cb:11:3a:
                    13:f3:9e:4f:2b:47:f1:dc:ff:1e:d7:21:54:9f:a1:
                    41:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:FC:BA:20:60:5C:31:1C:C9:09:37:9D:9D:EC:0C:80:3B:EB:D4:65
            X509v3 Authority Key Identifier:
                keyid:03:45:2C:9D:BF:C9:E4:19:3C:7E:55:E0:D2:01:65:68:D9:46:52:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0Usnb_J5Bk8flXg0gFlaNlGUoU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/ZPy6IGBcMRzJCTednewMgDvr1GU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/A0Usnb_J5Bk8flXg0gFlaNlGUoU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.232.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:5e:38:62:9b:56:64:37:58:a5:35:7c:a7:97:7d:5c:49:4b:
         a8:e1:bb:bf:3c:9e:43:af:d5:01:a2:35:23:27:5d:ca:49:95:
         d2:eb:69:8d:57:1c:41:8d:65:2b:77:ea:b0:a5:79:75:e1:b9:
         54:ee:de:31:f3:db:69:7f:dd:6f:a7:18:df:3c:85:36:f9:33:
         27:fd:ef:78:5e:5d:c8:47:08:ef:2e:b2:e4:1f:9f:e7:4e:60:
         85:58:1c:be:18:92:af:ad:68:29:ca:0a:71:6a:d7:ae:e6:1c:
         19:19:d8:d2:d9:31:14:70:60:d2:bb:13:66:2d:81:e3:2a:b1:
         11:fe:2f:a0:ea:3c:2f:5f:47:5a:05:77:2c:6e:d3:15:7f:a3:
         b8:87:65:65:70:34:ae:a0:3a:a1:63:95:22:b8:a3:2f:dc:73:
         4c:1b:7f:79:8c:f2:e4:23:63:49:e2:73:53:ae:fe:eb:d3:ec:
         15:89:f5:0d:8c:33:74:33:85:c4:93:cc:71:dc:ce:79:dd:fd:
         4e:5d:14:df:20:f5:dd:f9:60:8f:a8:dc:e2:3b:32:a0:ae:f3:
         8a:2d:06:4c:77:ca:00:e8:f8:1a:ab:83:90:d5:f8:da:5c:27:
         5a:06:75:78:91:76:2b:8f:52:73:d5:d6:fc:d7:4d:64:c3:31:
         25:7f:e9:d1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAankmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzQ1MmM5ZGJmYzllNDE5M2M3ZTU1ZTBkMjAxNjU2OGQ5NDY1Mjg1MB4XDTIyMDEy
NjEwNDkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjRmY2JhMjA2MDVj
MzExY2M5MDkzNzlkOWRlYzBjODAzYmViZDQ2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0SzifRUYPjiH9M1t/7WnWxG6EtwVUnd5cncEp/bHwRCbkk
+7R/HZ2ZIxiMYaFjgtAA9IVMUZE8RGGDpcRoPceGedNLE0NUI5NFNQWScm12vryc
pOk2B3trmVLZbNOq6/T+hAu8mNYUuCbaUOe6qb6/f920rqQGoio2Zc3gXKDJl8yw
SAA+SaLwWSQfwfxJz0rAqAeeWiwpm1fI67fyjuujw7nuhWNS8c3YWyrOP413xnIa
xYQPhnJuPcdQecJtLIS5DKZ4wpW1nVA+E0U9ImyBGQ5YeH9wgCTTnwdzvkhlC3g6
WAQ3nNOb7IpjyxE6E/OeTytH8dz/HtchVJ+hQT8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRk/LogYFwxHMkJN52d7AyAO+vUZTAfBgNVHSMEGDAWgBQDRSydv8nkGTx+
VeDSAWVo2UZShTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0EwVXNuYl9KNUJrOGZsWGcwZ0ZsYU5sR1VvVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNWZkZGNiLTYzMmQtNDM5ZS1hYTY5LWQzZWU5OGZjMjc3Ni8x
L1pQeTZJR0JjTVJ6SkNUZWRuZXdNZ0R2cjFHVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NWZkZGNiLTYzMmQtNDM5ZS1hYTY5LWQzZWU5OGZjMjc3Ni8xL0EwVXNuYl9KNUJr
OGZsWGcwZ0ZsYU5sR1VvVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXo/DANBgkqhkiG9w0BAQsFAAOC
AQEABV44YptWZDdYpTV8p5d9XElLqOG7vzyeQ6/VAaI1IyddykmV0utpjVccQY1l
K3fqsKV5deG5VO7eMfPbaX/db6cY3zyFNvkzJ/3veF5dyEcI7y6y5B+f505ghVgc
vhiSr61oKcoKcWrXruYcGRnY0tkxFHBg0rsTZi2B4yqxEf4voOo8L19HWgV3LG7T
FX+juIdlZXA0rqA6oWOVIrijL9xzTBt/eYzy5CNjSeJzU67+69PsFYn1DYwzdDOF
xJPMcdzOed39Tl0U3yD13flgj6jc4jsyoK7zii0GTHfKAOj4GquDkNX42lwnWgZ1
eJF2K49Sc9XW/NdNZMMxJX/p0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org