Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/7d8cfd-8830-4fe3-bf75-bc64d3e62382/1/4pWCvlYvOk3izMnemiZDBMfOnGg.roa
File:                     4pWCvlYvOk3izMnemiZDBMfOnGg.roa (raw, json)
Hash identifier:          2hjrl28f+sCkPaqKK4qZw7MsopN0GMvRixijqiVQ4vI=
Subject key identifier:   E2:95:82:BE:56:2F:3A:4D:E2:CC:C9:DE:9A:26:43:04:C7:CE:9C:68
Certificate issuer:       /CN=d32f876231dcb5dfd7af4523120565d98006474a
Certificate serial:       01856CC166BF660982934217327AD0E7296D
Authority key identifier: D3:2F:87:62:31:DC:B5:DF:D7:AF:45:23:12:05:65:D9:80:06:47:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0y-HYjHctd_Xr0UjEgVl2YAGR0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/7d8cfd-8830-4fe3-bf75-bc64d3e62382/1/4pWCvlYvOk3izMnemiZDBMfOnGg.roa
Signing time:             Sun 01 Jan 2023 09:54:52 +0000
ROA not before:           Sun 01 Jan 2023 09:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203446
IP address blocks:        45.143.4.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:c1:66:bf:66:09:82:93:42:17:32:7a:d0:e7:29:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d32f876231dcb5dfd7af4523120565d98006474a
        Validity
            Not Before: Jan  1 09:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e29582be562f3a4de2ccc9de9a264304c7ce9c68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6e:b9:7f:bf:2b:a1:9e:78:b0:79:df:13:89:
                    90:0a:f5:c1:c5:79:19:b4:fa:0d:43:95:a4:6d:e8:
                    f5:77:0e:5f:5e:45:e2:2e:bd:36:e1:5d:3b:fb:30:
                    44:19:04:d6:12:1e:53:ee:4f:7f:50:37:93:77:41:
                    57:a2:e3:41:e1:7b:a4:b0:ad:a6:63:a6:6b:5f:09:
                    15:b1:93:18:94:2c:cf:73:4b:f5:ac:01:7a:03:a8:
                    d0:bd:5c:3a:10:79:d6:ab:30:a5:1e:7c:89:b6:c1:
                    27:37:a6:8b:ab:3c:32:67:fd:b8:10:dd:88:d7:88:
                    c0:bf:44:0e:ed:3f:04:59:04:a7:e8:01:d2:11:ae:
                    84:54:a6:e1:47:56:b7:5a:ca:c2:6e:ee:e0:d1:3a:
                    b6:3c:16:6e:47:fc:7f:01:62:c5:fd:a9:ce:e2:e0:
                    56:ee:63:9b:c0:b9:54:58:c1:d6:e0:35:53:65:f1:
                    36:33:cc:29:ba:86:20:16:43:5f:c9:97:ba:32:19:
                    1e:30:f4:54:fe:ee:79:c0:6f:c2:2a:c4:25:ab:3e:
                    ea:df:50:f1:58:88:84:95:ed:cc:d6:61:c7:8c:3e:
                    f8:7a:e1:ac:23:99:e1:3f:77:66:e5:31:d8:c6:f7:
                    ae:14:ff:5d:d9:be:00:0b:14:5c:10:05:95:7d:db:
                    bd:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:95:82:BE:56:2F:3A:4D:E2:CC:C9:DE:9A:26:43:04:C7:CE:9C:68
            X509v3 Authority Key Identifier:
                keyid:D3:2F:87:62:31:DC:B5:DF:D7:AF:45:23:12:05:65:D9:80:06:47:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0y-HYjHctd_Xr0UjEgVl2YAGR0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/7d8cfd-8830-4fe3-bf75-bc64d3e62382/1/4pWCvlYvOk3izMnemiZDBMfOnGg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/7d8cfd-8830-4fe3-bf75-bc64d3e62382/1/0y-HYjHctd_Xr0UjEgVl2YAGR0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:7a:8c:34:7b:63:b5:73:69:e3:65:63:f2:70:58:15:c2:48:
         a0:81:9b:75:c8:b2:a8:42:06:50:7c:87:64:b4:7b:77:f0:a8:
         86:46:8b:23:f8:b3:b0:53:e6:80:90:81:0b:85:40:8e:96:f3:
         f5:f3:42:ba:b3:be:4e:6c:b9:e8:9f:26:25:e8:d8:13:b4:c1:
         69:ea:7e:88:49:92:97:ab:72:d4:b6:41:c3:b4:b8:c4:ea:09:
         a0:9c:dc:69:31:5c:88:d1:13:5f:7c:b9:cc:65:40:53:29:47:
         10:bb:d1:ef:25:e6:9e:a1:74:30:42:24:54:a3:88:bb:fa:70:
         88:53:6d:8c:64:2e:9f:ef:37:59:14:0e:59:3b:18:40:f6:6f:
         09:8e:5a:55:ee:e2:18:48:60:7c:6d:79:bd:55:03:0e:19:62:
         95:50:36:e1:5e:56:90:4f:8c:dd:99:a4:48:45:de:1e:81:54:
         8f:a2:d8:4c:db:4d:a0:e9:65:95:91:de:5d:0c:86:22:cd:f4:
         e7:7a:0d:cf:a3:8d:48:20:e2:27:df:b2:ac:ba:af:8a:b3:60:
         7c:4f:06:0c:b0:48:19:3f:f0:2e:da:34:c6:61:ef:bf:38:4a:
         bf:15:d5:d9:43:a9:1e:63:0d:bb:3b:8b:ac:50:35:95:01:89:
         e7:ae:61:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswWa/ZgmCk0IXMnrQ5yltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMmY4NzYyMzFkY2I1ZGZkN2FmNDUyMzEyMDU2NWQ5ODAw
NjQ3NGEwHhcNMjMwMTAxMDk1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjk1ODJiZTU2MmYzYTRkZTJjY2M5ZGU5YTI2NDMwNGM3Y2U5YzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl265f78roZ54sHnfE4mQCvXBxXkZ
tPoNQ5Wkbej1dw5fXkXiLr024V07+zBEGQTWEh5T7k9/UDeTd0FXouNB4XuksK2m
Y6ZrXwkVsZMYlCzPc0v1rAF6A6jQvVw6EHnWqzClHnyJtsEnN6aLqzwyZ/24EN2I
14jAv0QO7T8EWQSn6AHSEa6EVKbhR1a3WsrCbu7g0Tq2PBZuR/x/AWLF/anO4uBW
7mObwLlUWMHW4DVTZfE2M8wpuoYgFkNfyZe6MhkeMPRU/u55wG/CKsQlqz7q31Dx
WIiEle3M1mHHjD74euGsI5nhP3dm5THYxveuFP9d2b4ACxRcEAWVfdu9VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKVgr5WLzpN4szJ3pomQwTHzpxoMB8GA1UdIwQY
MBaAFNMvh2Ix3LXf169FIxIFZdmABkdKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHktSFlqSGN0ZF9YcjBVakVnVmwyWUFHUjBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83ZDhjZmQtODgzMC00ZmUzLWJmNzUt
YmM2NGQzZTYyMzgyLzEvNHBXQ3ZsWXZPazNpek1uZW1pWkRCTWZPbkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83ZDhjZmQtODgzMC00ZmUzLWJmNzUtYmM2NGQzZTYyMzgy
LzEvMHktSFlqSGN0ZF9YcjBVakVnVmwyWUFHUjBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY8EMA0G
CSqGSIb3DQEBCwUAA4IBAQBeeow0e2O1c2njZWPycFgVwkiggZt1yLKoQgZQfIdk
tHt38KiGRosj+LOwU+aAkIELhUCOlvP180K6s75ObLnonyYl6NgTtMFp6n6ISZKX
q3LUtkHDtLjE6gmgnNxpMVyI0RNffLnMZUBTKUcQu9HvJeaeoXQwQiRUo4i7+nCI
U22MZC6f7zdZFA5ZOxhA9m8JjlpV7uIYSGB8bXm9VQMOGWKVUDbhXlaQT4zdmaRI
Rd4egVSPothM202g6WWVkd5dDIYizfTneg3Po41IIOIn37Ksuq+Ks2B8TwYMsEgZ
P/Au2jTGYe+/OEq/FdXZQ6keYw27O4usUDWVAYnnrmG4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:00 2024 by rpki-client on console-fra.rpki-client.org