Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c87266-0d64-449c-ba46-0b617fe7c123/1/Qwiy3yL-UjCFZU-pWbpmpQGOKNw.roa
File:                     Qwiy3yL-UjCFZU-pWbpmpQGOKNw.roa (raw, json)
Hash identifier:          XWvVhIJzD/pq3knIRyOPvSo7lp68XSgWm2ZJFw0REMA=
Subject key identifier:   43:08:B2:DF:22:FE:52:30:85:65:4F:A9:59:BA:66:A5:01:8E:28:DC
Certificate issuer:       /CN=a2dbf3dece882fad8a237468e08fd7beb1cafa39
Certificate serial:       018691E11D56157E56B17446FAC8FC90B206
Authority key identifier: A2:DB:F3:DE:CE:88:2F:AD:8A:23:74:68:E0:8F:D7:BE:B1:CA:FA:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/otvz3s6IL62KI3Ro4I_XvrHK-jk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c87266-0d64-449c-ba46-0b617fe7c123/1/Qwiy3yL-UjCFZU-pWbpmpQGOKNw.roa
Signing time:             Mon 27 Feb 2023 07:58:14 +0000
ROA not before:           Mon 27 Feb 2023 07:58:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210439
IP address blocks:        146.19.9.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:91:e1:1d:56:15:7e:56:b1:74:46:fa:c8:fc:90:b2:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2dbf3dece882fad8a237468e08fd7beb1cafa39
        Validity
            Not Before: Feb 27 07:58:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4308b2df22fe523085654fa959ba66a5018e28dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:05:dc:9b:e5:60:4b:9f:5c:26:6a:93:23:12:
                    f6:7f:dd:62:c9:3a:14:f3:94:ec:ff:4c:99:e8:05:
                    93:0b:b8:7b:3c:fe:1b:25:33:e7:28:ec:9f:87:4f:
                    b7:89:25:bf:4d:36:1e:25:e7:3f:9e:78:40:d7:07:
                    95:fc:7c:d2:ca:ab:f6:df:d1:9a:b3:69:1a:5b:5d:
                    03:19:ec:7c:d1:29:63:90:2f:0d:80:5d:19:60:82:
                    6a:17:f2:3d:75:bf:51:71:68:7f:ca:15:ba:b2:c4:
                    24:60:4d:42:33:5b:7e:9b:37:21:49:fb:ce:f7:b0:
                    6b:a0:ea:0a:e4:58:97:f0:b7:4d:bd:67:92:63:8d:
                    0b:3e:47:7b:d4:1c:4c:2c:73:c6:4f:ea:ed:ad:55:
                    19:03:5b:d3:bb:97:69:31:36:89:06:0e:b2:ad:8d:
                    9c:97:fa:34:90:83:28:64:26:2b:03:6f:84:95:39:
                    90:3e:f6:b4:80:e3:bd:b3:9f:05:a9:6b:01:d6:f7:
                    f8:47:62:de:20:1e:07:42:e3:4e:ab:d7:f9:31:c6:
                    42:1e:1b:33:a5:6b:17:86:1a:eb:29:fb:1a:51:bb:
                    f0:24:00:bd:ea:76:11:b8:d7:d7:c1:ff:42:b8:23:
                    75:04:4a:2f:88:4f:00:6a:1b:bf:3d:9f:13:8e:f6:
                    e4:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:08:B2:DF:22:FE:52:30:85:65:4F:A9:59:BA:66:A5:01:8E:28:DC
            X509v3 Authority Key Identifier:
                keyid:A2:DB:F3:DE:CE:88:2F:AD:8A:23:74:68:E0:8F:D7:BE:B1:CA:FA:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otvz3s6IL62KI3Ro4I_XvrHK-jk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c87266-0d64-449c-ba46-0b617fe7c123/1/Qwiy3yL-UjCFZU-pWbpmpQGOKNw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c87266-0d64-449c-ba46-0b617fe7c123/1/otvz3s6IL62KI3Ro4I_XvrHK-jk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:d0:f5:c0:52:58:61:7a:1c:a3:16:9f:db:77:53:ad:b4:7e:
         28:b5:f8:5a:00:40:ba:4d:20:1b:6b:b5:8b:e8:9d:0e:b8:b6:
         c9:f7:15:5d:44:31:97:5e:88:3d:53:94:cb:7c:b1:23:6a:97:
         85:f5:4b:7a:cc:93:d8:9d:42:d6:72:7e:21:d8:cf:ac:6c:3c:
         de:44:73:3b:ce:37:7c:eb:94:87:b6:2f:10:a4:a1:94:58:e4:
         0d:82:05:5c:84:60:c0:68:01:20:71:bf:fe:f5:99:62:da:f5:
         e3:65:7b:0f:d2:3f:08:ba:2b:e4:35:a8:da:77:bc:31:dc:49:
         02:12:bc:d8:76:0c:84:6a:c0:ac:64:dc:db:f9:78:bb:d0:5e:
         fa:93:95:04:c5:07:78:05:e8:5e:7e:22:0b:21:37:ac:69:2a:
         13:3c:f2:d1:e3:1e:9c:ff:5c:61:61:f2:71:b2:0b:cf:9e:c1:
         27:bb:0e:e5:1b:35:74:b2:78:42:dd:d8:93:73:1e:8c:68:09:
         ba:b9:09:71:e7:a6:9f:62:49:7c:52:48:48:fb:0d:04:7d:7b:
         d8:ae:70:43:cc:98:69:f0:d3:85:31:b2:7b:9e:06:e6:d7:2e:
         6b:c5:16:6e:10:96:ec:ec:45:b3:37:c9:ea:42:13:c6:4b:b2:
         b4:12:35:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaR4R1WFX5WsXRG+sj8kLIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZGJmM2RlY2U4ODJmYWQ4YTIzNzQ2OGUwOGZkN2JlYjFj
YWZhMzkwHhcNMjMwMjI3MDc1ODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzA4YjJkZjIyZmU1MjMwODU2NTRmYTk1OWJhNjZhNTAxOGUyOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgXcm+VgS59cJmqTIxL2f91iyToU
85Ts/0yZ6AWTC7h7PP4bJTPnKOyfh0+3iSW/TTYeJec/nnhA1weV/HzSyqv239Ga
s2kaW10DGex80SljkC8NgF0ZYIJqF/I9db9RcWh/yhW6ssQkYE1CM1t+mzchSfvO
97BroOoK5FiX8LdNvWeSY40LPkd71BxMLHPGT+rtrVUZA1vTu5dpMTaJBg6yrY2c
l/o0kIMoZCYrA2+ElTmQPva0gOO9s58FqWsB1vf4R2LeIB4HQuNOq9f5McZCHhsz
pWsXhhrrKfsaUbvwJAC96nYRuNfXwf9CuCN1BEoviE8Aahu/PZ8TjvbkKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMIst8i/lIwhWVPqVm6ZqUBjijcMB8GA1UdIwQY
MBaAFKLb897OiC+tiiN0aOCP176xyvo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3R2ejNzNklMNjJLSTNSbzRJX1h2ckhLLWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jODcyNjYtMGQ2NC00NDljLWJhNDYt
MGI2MTdmZTdjMTIzLzEvUXdpeTN5TC1VakNGWlUtcFdicG1wUUdPS053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jODcyNjYtMGQ2NC00NDljLWJhNDYtMGI2MTdmZTdjMTIz
LzEvb3R2ejNzNklMNjJLSTNSbzRJX1h2ckhLLWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMJMA0G
CSqGSIb3DQEBCwUAA4IBAQBd0PXAUlhhehyjFp/bd1OttH4otfhaAEC6TSAba7WL
6J0OuLbJ9xVdRDGXXog9U5TLfLEjapeF9Ut6zJPYnULWcn4h2M+sbDzeRHM7zjd8
65SHti8QpKGUWOQNggVchGDAaAEgcb/+9Zli2vXjZXsP0j8IuivkNajad7wx3EkC
ErzYdgyEasCsZNzb+Xi70F76k5UExQd4BehefiILITesaSoTPPLR4x6c/1xhYfJx
sgvPnsEnuw7lGzV0snhC3diTcx6MaAm6uQlx56afYkl8UkhI+w0EfXvYrnBDzJhp
8NOFMbJ7ngbm1y5rxRZuEJbs7EWzN8nqQhPGS7K0EjU9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:51 2024 by rpki-client on console-ams.rpki-client.org