Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/e90619-1fd8-4b0e-a89c-0cdd9cb26735/1/UMUEitgCUmi__OWdp8eT4BqVpPE.roa
File:                     UMUEitgCUmi__OWdp8eT4BqVpPE.roa (raw, json)
Hash identifier:          1BJNcZNmF/BLIYwRNF2w/+TD5xDgFTUBP5ogkaYx4Dg=
Subject key identifier:   50:C5:04:8A:D8:02:52:68:BF:FC:E5:9D:A7:C7:93:E0:1A:95:A4:F1
Certificate issuer:       /CN=42a1dba2420af69586a47f7426eb57c24d6287a2
Certificate serial:       98154F
Authority key identifier: 42:A1:DB:A2:42:0A:F6:95:86:A4:7F:74:26:EB:57:C2:4D:62:87:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QqHbokIK9pWGpH90JutXwk1ih6I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/e90619-1fd8-4b0e-a89c-0cdd9cb26735/1/UMUEitgCUmi__OWdp8eT4BqVpPE.roa
Signing time:             Sat 01 Jan 2022 00:58:08 +0000
ROA not before:           Sat 01 Jan 2022 00:58:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        212.18.119.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9966927 (0x98154f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42a1dba2420af69586a47f7426eb57c24d6287a2
        Validity
            Not Before: Jan  1 00:58:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=50c5048ad8025268bffce59da7c793e01a95a4f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:e8:16:9c:62:c3:61:c8:ea:e6:d2:b0:2f:43:
                    e5:fd:ca:5c:ba:d0:51:9a:21:a9:15:72:42:47:8c:
                    13:1e:3e:2b:4f:1c:e3:b0:ed:02:d7:af:63:7d:d3:
                    9f:87:51:d7:22:31:0f:ad:bb:20:e1:15:c2:5b:e7:
                    e4:aa:32:88:98:7f:8e:80:d0:b5:d7:62:12:ad:2e:
                    8d:d6:8d:03:b2:49:c1:fd:0c:5f:47:f6:cb:8c:2a:
                    7b:6b:23:11:64:cf:f5:41:c3:04:15:e2:81:a3:b2:
                    dc:47:6f:1a:d5:2d:85:85:c4:a4:47:0a:ed:a0:f9:
                    1d:e1:3d:b2:47:82:95:00:ae:d5:c6:f5:5e:f8:07:
                    77:e2:95:25:93:a3:d2:b8:00:30:98:29:30:52:db:
                    be:d8:06:b8:1d:7f:e2:1c:47:d7:3e:ae:73:d2:9d:
                    93:25:e3:04:8b:33:6b:59:2a:bf:3b:f7:99:20:33:
                    6c:5b:c4:a0:61:d9:b8:e5:14:83:c8:41:44:ba:c8:
                    5a:82:e2:fc:be:60:45:92:44:2e:79:4e:a3:0f:fc:
                    66:21:8d:83:6f:58:6a:7e:1d:72:7b:74:aa:c5:c3:
                    90:e5:d5:eb:f7:e0:3e:8e:ab:bd:77:61:f3:f3:14:
                    2f:02:0d:69:09:c0:1c:8f:cf:b9:2d:e5:94:ae:9c:
                    03:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:C5:04:8A:D8:02:52:68:BF:FC:E5:9D:A7:C7:93:E0:1A:95:A4:F1
            X509v3 Authority Key Identifier:
                keyid:42:A1:DB:A2:42:0A:F6:95:86:A4:7F:74:26:EB:57:C2:4D:62:87:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QqHbokIK9pWGpH90JutXwk1ih6I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/e90619-1fd8-4b0e-a89c-0cdd9cb26735/1/UMUEitgCUmi__OWdp8eT4BqVpPE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/e90619-1fd8-4b0e-a89c-0cdd9cb26735/1/QqHbokIK9pWGpH90JutXwk1ih6I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.18.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:d5:d9:a5:4c:8b:dc:01:d8:4f:c4:e6:d7:3f:e4:35:1e:e0:
         9b:33:b2:3f:1c:80:db:0d:83:d4:77:cc:1a:52:6c:f0:6b:9e:
         92:27:08:9b:c8:14:6f:bb:6d:c4:f2:cb:ab:6f:33:90:02:20:
         c7:9c:a8:a4:b9:67:4a:01:1e:8c:ec:f8:fd:6a:4f:f5:9e:80:
         12:e8:42:66:85:f4:2a:74:54:23:be:28:f1:11:2f:ec:9a:4d:
         d9:ea:30:76:f4:c1:4a:dc:5a:8e:6d:d4:02:05:ee:0a:32:78:
         dd:5d:36:dd:c2:55:53:d3:86:d9:61:fa:fd:a6:5b:f5:0a:22:
         0f:a7:92:2d:47:1d:26:45:0c:16:0d:f8:05:80:ea:fb:4b:58:
         c1:a3:79:f5:27:f2:61:54:09:5f:bd:d7:f4:37:3a:29:b2:01:
         ad:29:fb:16:74:47:f1:17:7c:e4:c7:8e:b3:bf:ab:8a:ec:ac:
         45:35:3f:bc:ee:27:47:c0:fc:f6:4c:66:af:90:58:f4:3f:0e:
         68:a9:8f:b7:e0:16:f0:7e:66:1d:30:93:6d:f6:0c:4e:db:47:
         fb:4f:3f:29:a3:11:e5:d2:73:85:c9:74:97:f7:e4:72:62:ff:
         2b:f8:4f:1d:4f:54:21:40:ab:da:9f:21:f4:9e:73:17:a7:2e:
         a5:b5:99:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJgVTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmExZGJhMjQyMGFmNjk1ODZhNDdmNzQyNmViNTdjMjRkNjI4N2EyMB4XDTIyMDEw
MTAwNTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTBjNTA0OGFkODAy
NTI2OGJmZmNlNTlkYTdjNzkzZTAxYTk1YTRmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOjoFpxiw2HI6ubSsC9D5f3KXLrQUZohqRVyQkeMEx4+K08c
47DtAtevY33Tn4dR1yIxD627IOEVwlvn5KoyiJh/joDQtddiEq0ujdaNA7JJwf0M
X0f2y4wqe2sjEWTP9UHDBBXigaOy3EdvGtUthYXEpEcK7aD5HeE9skeClQCu1cb1
XvgHd+KVJZOj0rgAMJgpMFLbvtgGuB1/4hxH1z6uc9KdkyXjBIsza1kqvzv3mSAz
bFvEoGHZuOUUg8hBRLrIWoLi/L5gRZJELnlOow/8ZiGNg29Yan4dcnt0qsXDkOXV
6/fgPo6rvXdh8/MULwINaQnAHI/PuS3llK6cAyUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRQxQSK2AJSaL/85Z2nx5PgGpWk8TAfBgNVHSMEGDAWgBRCoduiQgr2lYak
f3Qm61fCTWKHojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FxSGJva0lLOXBXR3BIOTBKdXRYd2sxaWg2SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvZTkwNjE5LTFmZDgtNGIwZS1hODljLTBjZGQ5Y2IyNjczNS8x
L1VNVUVpdGdDVW1pX19PV2RwOGVUNEJxVnBQRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
ZTkwNjE5LTFmZDgtNGIwZS1hODljLTBjZGQ5Y2IyNjczNS8xL1FxSGJva0lLOXBX
R3BIOTBKdXRYd2sxaWg2SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQSdzANBgkqhkiG9w0BAQsFAAOC
AQEASdXZpUyL3AHYT8Tm1z/kNR7gmzOyPxyA2w2D1HfMGlJs8GuekicIm8gUb7tt
xPLLq28zkAIgx5yopLlnSgEejOz4/WpP9Z6AEuhCZoX0KnRUI74o8REv7JpN2eow
dvTBStxajm3UAgXuCjJ43V023cJVU9OG2WH6/aZb9QoiD6eSLUcdJkUMFg34BYDq
+0tYwaN59SfyYVQJX73X9Dc6KbIBrSn7FnRH8Rd85MeOs7+riuysRTU/vO4nR8D8
9kxmr5BY9D8OaKmPt+AW8H5mHTCTbfYMTttH+08/KaMR5dJzhcl0l/fkcmL/K/hP
HU9UIUCr2p8h9J5zF6cupbWZuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:02 2024 by rpki-client on console-fra.rpki-client.org