Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/3daa87-e045-411e-b614-997355419b0a/1/DFgZ5gjsRPR4wrovz7ehNp6NLY0.roa
File:                     DFgZ5gjsRPR4wrovz7ehNp6NLY0.roa (raw, json)
Hash identifier:          rHcaJ+0KYWBLPpcF3WOS8FZH22NYL1c4Ykd6RrMEo9k=
Subject key identifier:   0C:58:19:E6:08:EC:44:F4:78:C2:BA:2F:CF:B7:A1:36:9E:8D:2D:8D
Certificate issuer:       /CN=2cb288b872bb847455d71e1c0b313a63265ebfd4
Certificate serial:       01870E524B3E568C40240B5CDE4B006AEB1F
Authority key identifier: 2C:B2:88:B8:72:BB:84:74:55:D7:1E:1C:0B:31:3A:63:26:5E:BF:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LLKIuHK7hHRV1x4cCzE6YyZev9Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/3daa87-e045-411e-b614-997355419b0a/1/DFgZ5gjsRPR4wrovz7ehNp6NLY0.roa
Signing time:             Thu 23 Mar 2023 11:54:46 +0000
ROA not before:           Thu 23 Mar 2023 11:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        109.107.155.0/24 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:0e:52:4b:3e:56:8c:40:24:0b:5c:de:4b:00:6a:eb:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cb288b872bb847455d71e1c0b313a63265ebfd4
        Validity
            Not Before: Mar 23 11:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0c5819e608ec44f478c2ba2fcfb7a1369e8d2d8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e2:07:6b:8a:f5:28:98:09:13:d3:0b:61:f9:
                    31:d9:18:3a:e4:ea:6f:c4:46:ac:31:3b:bc:8c:43:
                    5b:70:45:14:9a:4d:9e:b6:bf:e4:9d:22:d2:37:be:
                    29:d5:7c:c7:fc:5e:bb:03:15:a3:d8:a4:7e:29:d6:
                    5f:a8:82:bb:ff:ac:40:2e:6b:c5:30:6d:b4:ce:05:
                    e6:66:e3:d6:16:69:20:82:67:f7:55:26:b6:d5:a2:
                    c6:00:e3:65:88:03:1c:e9:37:a0:e3:d4:a5:6c:95:
                    b2:be:b5:5a:ca:a1:18:95:27:a7:1d:c2:13:ab:9d:
                    6f:6b:b5:54:66:f9:63:ff:b5:ff:7c:4e:4d:b6:e7:
                    1a:f6:c5:ea:10:c5:c2:1f:22:8e:78:b1:5f:e8:40:
                    61:88:23:ee:bc:6d:d4:3f:79:c1:3c:5c:8d:91:11:
                    17:35:fd:c6:b1:8c:13:02:8c:38:c3:bb:ab:ad:98:
                    b5:31:70:aa:40:57:a1:17:14:1c:06:73:9a:98:d4:
                    14:12:c6:26:b1:25:eb:fb:1c:b9:fc:35:f5:92:54:
                    dd:8c:79:35:73:ec:87:7c:28:68:48:c7:66:f9:e9:
                    97:59:27:66:49:3c:be:0d:65:be:d8:5a:96:2d:88:
                    a9:be:e0:a1:fc:ab:73:f7:c2:9e:fd:79:63:07:2b:
                    a6:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:58:19:E6:08:EC:44:F4:78:C2:BA:2F:CF:B7:A1:36:9E:8D:2D:8D
            X509v3 Authority Key Identifier:
                keyid:2C:B2:88:B8:72:BB:84:74:55:D7:1E:1C:0B:31:3A:63:26:5E:BF:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLKIuHK7hHRV1x4cCzE6YyZev9Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3daa87-e045-411e-b614-997355419b0a/1/DFgZ5gjsRPR4wrovz7ehNp6NLY0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3daa87-e045-411e-b614-997355419b0a/1/LLKIuHK7hHRV1x4cCzE6YyZev9Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.107.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:15:c6:68:ba:e0:56:34:6f:33:20:94:79:8b:b1:79:88:a6:
         1e:33:5a:5d:ad:1a:2c:f1:1b:3b:b9:a9:b9:8b:f9:d1:f7:e9:
         96:44:a8:5a:f0:71:80:da:e4:09:39:a6:dc:16:67:29:7c:a6:
         87:7f:c6:9c:70:46:53:10:86:67:a8:9a:36:26:b9:b9:19:f2:
         00:23:de:ea:9a:dd:b0:65:d1:b0:14:bf:63:5b:8c:2f:0e:64:
         76:ac:73:e2:7d:d7:d4:99:68:e1:79:75:61:e3:36:89:e8:44:
         da:ec:b2:90:8f:4d:7c:77:92:73:14:f2:3b:cf:55:d2:a0:65:
         27:9b:f9:9e:29:56:de:d2:36:4c:42:c5:3f:90:a1:56:ad:03:
         e1:10:90:50:0a:44:95:c3:31:b7:f9:d3:aa:21:25:33:dc:14:
         8d:d1:3d:55:81:cd:76:6c:af:70:b9:42:3b:0f:b6:5b:4d:31:
         69:29:74:a7:65:9e:f2:ca:50:b9:ea:4f:7c:d7:61:8d:20:36:
         0d:e7:72:03:c8:57:ef:f3:77:f9:5b:03:ed:97:b9:7a:f3:da:
         e6:68:89:c8:b4:fe:04:97:87:ef:cf:cb:ca:ce:48:1a:75:b6:
         03:e5:33:37:ae:93:da:74:2b:e3:06:f6:37:95:c2:ba:a8:6d:
         4e:11:23:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcOUks+VoxAJAtc3ksAausfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYjI4OGI4NzJiYjg0NzQ1NWQ3MWUxYzBiMzEzYTYzMjY1
ZWJmZDQwHhcNMjMwMzIzMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzU4MTllNjA4ZWM0NGY0NzhjMmJhMmZjZmI3YTEzNjllOGQyZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+IHa4r1KJgJE9MLYfkx2Rg65Opv
xEasMTu8jENbcEUUmk2etr/knSLSN74p1XzH/F67AxWj2KR+KdZfqIK7/6xALmvF
MG20zgXmZuPWFmkggmf3VSa21aLGAONliAMc6Teg49SlbJWyvrVayqEYlSenHcIT
q51va7VUZvlj/7X/fE5Ntuca9sXqEMXCHyKOeLFf6EBhiCPuvG3UP3nBPFyNkREX
Nf3GsYwTAow4w7urrZi1MXCqQFehFxQcBnOamNQUEsYmsSXr+xy5/DX1klTdjHk1
c+yHfChoSMdm+emXWSdmSTy+DWW+2FqWLYipvuCh/Ktz98Ke/XljByum6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxYGeYI7ET0eMK6L8+3oTaejS2NMB8GA1UdIwQY
MBaAFCyyiLhyu4R0VdceHAsxOmMmXr/UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTExLSXVISzdoSFJWMXg0Y0N6RTZZeVpldjlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8zZGFhODctZTA0NS00MTFlLWI2MTQt
OTk3MzU1NDE5YjBhLzEvREZnWjVnanNSUFI0d3Jvdno3ZWhOcDZOTFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8zZGFhODctZTA0NS00MTFlLWI2MTQtOTk3MzU1NDE5YjBh
LzEvTExLSXVISzdoSFJWMXg0Y0N6RTZZeVpldjlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWubMA0G
CSqGSIb3DQEBCwUAA4IBAQBgFcZouuBWNG8zIJR5i7F5iKYeM1pdrRos8Rs7uam5
i/nR9+mWRKha8HGA2uQJOabcFmcpfKaHf8accEZTEIZnqJo2Jrm5GfIAI97qmt2w
ZdGwFL9jW4wvDmR2rHPifdfUmWjheXVh4zaJ6ETa7LKQj018d5JzFPI7z1XSoGUn
m/meKVbe0jZMQsU/kKFWrQPhEJBQCkSVwzG3+dOqISUz3BSN0T1Vgc12bK9wuUI7
D7ZbTTFpKXSnZZ7yylC56k9812GNIDYN53IDyFfv83f5WwPtl7l689rmaInItP4E
l4fvz8vKzkgadbYD5TM3rpPadCvjBvY3lcK6qG1OESNp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:13 2024 by rpki-client on console-fra.rpki-client.org