Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/2c4bd7-c498-4d02-b6fc-6c4e2569679e/1/Mw37Eud66FBiBQpdPNvNUccKAKg.roa
File:                     Mw37Eud66FBiBQpdPNvNUccKAKg.roa (raw, json)
Hash identifier:          7lzyP4o4GVRnbmguk4xegXUpW+d7+JJK7qCc+1anPOo=
Subject key identifier:   33:0D:FB:12:E7:7A:E8:50:62:05:0A:5D:3C:DB:CD:51:C7:0A:00:A8
Certificate issuer:       /CN=f4348ae7baedc54ec120f420d79d6a1b71de7fb7
Certificate serial:       01835F5419D995C6380FE0869F4311F57EB5
Authority key identifier: F4:34:8A:E7:BA:ED:C5:4E:C1:20:F4:20:D7:9D:6A:1B:71:DE:7F:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9DSK57rtxU7BIPQg151qG3Hef7c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/2c4bd7-c498-4d02-b6fc-6c4e2569679e/1/Mw37Eud66FBiBQpdPNvNUccKAKg.roa
Signing time:             Wed 21 Sep 2022 09:14:50 +0000
ROA not before:           Wed 21 Sep 2022 09:14:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     52000
IP address blocks:        194.26.129.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:5f:54:19:d9:95:c6:38:0f:e0:86:9f:43:11:f5:7e:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4348ae7baedc54ec120f420d79d6a1b71de7fb7
        Validity
            Not Before: Sep 21 09:14:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=330dfb12e77ae85062050a5d3cdbcd51c70a00a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:94:e6:f0:1d:6b:70:9c:8d:0a:4c:01:3c:be:
                    e5:76:46:b9:5e:b5:79:41:79:87:57:dd:f1:45:fe:
                    f8:19:45:4f:b9:71:86:8d:2e:32:cf:10:26:a1:83:
                    21:ce:f9:3c:d5:27:1e:a7:88:8f:49:ad:dc:50:5f:
                    0a:2e:5d:71:66:24:78:65:50:6a:9a:4a:d1:f3:10:
                    cb:02:34:4b:b2:8e:b0:3d:1c:a1:dd:23:dd:81:f5:
                    3b:2d:86:0f:d2:bb:52:3c:a7:33:14:4a:bd:7a:fd:
                    5d:d0:13:c6:b5:46:e4:57:fe:ad:0c:0f:b4:c8:d7:
                    d8:62:c9:f9:0b:3f:ba:8d:b2:00:03:b5:d0:09:f9:
                    55:64:68:25:10:71:28:9b:04:5f:12:ea:02:74:44:
                    e9:e8:b9:e5:18:fb:6f:bd:30:67:44:a9:2c:94:cc:
                    67:41:d6:84:35:e2:61:8c:af:11:b0:03:07:5a:a5:
                    d3:19:50:89:19:16:ca:b7:d1:fc:a6:fe:8b:9d:d9:
                    39:89:b6:b2:af:4e:de:73:41:f1:61:05:3f:f4:b7:
                    c2:e6:d6:ad:a7:85:77:d5:79:a0:93:86:01:91:38:
                    bd:0a:2a:38:0e:82:99:b4:aa:8e:a8:b0:54:13:92:
                    36:ed:17:12:69:f9:62:0a:38:0b:57:7b:73:14:c3:
                    57:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:0D:FB:12:E7:7A:E8:50:62:05:0A:5D:3C:DB:CD:51:C7:0A:00:A8
            X509v3 Authority Key Identifier:
                keyid:F4:34:8A:E7:BA:ED:C5:4E:C1:20:F4:20:D7:9D:6A:1B:71:DE:7F:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9DSK57rtxU7BIPQg151qG3Hef7c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2c4bd7-c498-4d02-b6fc-6c4e2569679e/1/Mw37Eud66FBiBQpdPNvNUccKAKg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2c4bd7-c498-4d02-b6fc-6c4e2569679e/1/9DSK57rtxU7BIPQg151qG3Hef7c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:bb:66:9f:d0:4c:b9:67:25:81:ee:73:f2:ca:b3:27:44:93:
         73:8b:83:2d:f3:6d:57:7c:ea:1b:9d:e3:41:98:9c:29:c3:27:
         34:ae:75:1a:9e:c2:41:c8:c7:6a:4c:21:fe:ac:48:b2:14:cf:
         09:96:29:22:a7:c6:a3:20:21:95:f2:f0:82:fc:d3:2b:dc:67:
         9a:f1:76:a8:e2:0c:1b:ab:41:4c:f4:1c:2e:20:fb:d5:51:c9:
         d8:9f:ee:c2:eb:fd:20:29:6a:b4:6b:9d:84:c8:cb:fb:12:de:
         29:04:77:d1:9a:ed:bf:7a:70:3b:7f:5d:d0:0a:03:ca:e0:72:
         b9:46:a2:7c:ba:23:c3:9f:94:cb:95:94:e1:56:37:80:9f:df:
         32:18:9e:80:1d:45:df:2f:fe:39:9b:a0:0a:f5:94:77:90:c5:
         8c:bc:84:4a:29:d4:87:b5:f3:82:50:d0:5c:30:fe:30:a7:d2:
         5c:60:d8:1b:74:d3:70:1c:50:35:45:9f:c4:a6:27:01:4e:6b:
         63:77:d6:be:6b:25:20:c8:79:4d:87:38:2e:f2:e9:7d:47:40:
         69:61:be:a7:3b:57:7b:40:19:8c:26:d3:0a:08:59:1e:63:a7:
         8a:6b:9f:cd:19:29:62:00:9e:c6:e2:11:41:7f:81:2e:20:2e:
         b8:87:7e:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNfVBnZlcY4D+CGn0MR9X61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MzQ4YWU3YmFlZGM1NGVjMTIwZjQyMGQ3OWQ2YTFiNzFk
ZTdmYjcwHhcNMjIwOTIxMDkxNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzBkZmIxMmU3N2FlODUwNjIwNTBhNWQzY2RiY2Q1MWM3MGEwMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJTm8B1rcJyNCkwBPL7ldka5XrV5
QXmHV93xRf74GUVPuXGGjS4yzxAmoYMhzvk81Scep4iPSa3cUF8KLl1xZiR4ZVBq
mkrR8xDLAjRLso6wPRyh3SPdgfU7LYYP0rtSPKczFEq9ev1d0BPGtUbkV/6tDA+0
yNfYYsn5Cz+6jbIAA7XQCflVZGglEHEomwRfEuoCdETp6LnlGPtvvTBnRKkslMxn
QdaENeJhjK8RsAMHWqXTGVCJGRbKt9H8pv6Lndk5ibayr07ec0HxYQU/9LfC5tat
p4V31Xmgk4YBkTi9Cio4DoKZtKqOqLBUE5I27RcSafliCjgLV3tzFMNXAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMN+xLneuhQYgUKXTzbzVHHCgCoMB8GA1UdIwQY
MBaAFPQ0iue67cVOwSD0INedahtx3n+3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOURTSzU3cnR4VTdCSVBRZzE1MXFHM0hlZjdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8yYzRiZDctYzQ5OC00ZDAyLWI2ZmMt
NmM0ZTI1Njk2NzllLzEvTXczN0V1ZDY2RkJpQlFwZFBOdk5VY2NLQUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8yYzRiZDctYzQ5OC00ZDAyLWI2ZmMtNmM0ZTI1Njk2Nzll
LzEvOURTSzU3cnR4VTdCSVBRZzE1MXFHM0hlZjdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhqBMA0G
CSqGSIb3DQEBCwUAA4IBAQBhu2af0Ey5ZyWB7nPyyrMnRJNzi4Mt821XfOobneNB
mJwpwyc0rnUansJByMdqTCH+rEiyFM8Jlikip8ajICGV8vCC/NMr3Gea8Xao4gwb
q0FM9BwuIPvVUcnYn+7C6/0gKWq0a52EyMv7Et4pBHfRmu2/enA7f13QCgPK4HK5
RqJ8uiPDn5TLlZThVjeAn98yGJ6AHUXfL/45m6AK9ZR3kMWMvIRKKdSHtfOCUNBc
MP4wp9JcYNgbdNNwHFA1RZ/EpicBTmtjd9a+ayUgyHlNhzgu8ul9R0BpYb6nO1d7
QBmMJtMKCFkeY6eKa5/NGSliAJ7G4hFBf4EuIC64h35Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:44 2024 by rpki-client on console-fra.rpki-client.org