Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/3daa87-e045-411e-b614-997355419b0a/1/p4YGE4PY-hvQVU-DkoKMls2Jr20.roa
File:                     p4YGE4PY-hvQVU-DkoKMls2Jr20.roa (raw, json)
Hash identifier:          o+QeYiQ1gQThM3fgxVtFLspe4YibHx+3CxXi+HqSafc=
Subject key identifier:   A7:86:06:13:83:D8:FA:1B:D0:55:4F:83:92:82:8C:96:CD:89:AF:6D
Certificate issuer:       /CN=2cb288b872bb847455d71e1c0b313a63265ebfd4
Certificate serial:       01876D76EC1834179C3F5D2B7600EECA4453
Authority key identifier: 2C:B2:88:B8:72:BB:84:74:55:D7:1E:1C:0B:31:3A:63:26:5E:BF:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LLKIuHK7hHRV1x4cCzE6YyZev9Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/3daa87-e045-411e-b614-997355419b0a/1/p4YGE4PY-hvQVU-DkoKMls2Jr20.roa
Signing time:             Mon 10 Apr 2023 23:18:42 +0000
ROA not before:           Mon 10 Apr 2023 23:18:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212756
IP address blocks:        109.107.155.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:6d:76:ec:18:34:17:9c:3f:5d:2b:76:00:ee:ca:44:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cb288b872bb847455d71e1c0b313a63265ebfd4
        Validity
            Not Before: Apr 10 23:18:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a786061383d8fa1bd0554f8392828c96cd89af6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:db:b7:2d:75:4c:27:cb:8e:ba:67:ee:26:a4:
                    e4:9d:19:27:6b:c2:fe:2e:30:ad:f7:14:7d:c5:91:
                    b8:43:74:00:7e:b9:08:07:4f:63:a4:6d:b2:b5:db:
                    bd:1c:45:8d:1d:49:a0:47:42:36:5c:02:15:30:81:
                    b0:03:82:5d:eb:93:34:15:24:a1:9e:fa:d6:8a:a1:
                    09:4e:30:3a:56:09:b2:e0:54:7d:21:3e:be:ec:1c:
                    01:35:27:00:f2:c3:77:72:0f:48:61:4c:ab:a0:f7:
                    13:51:37:82:ca:28:f7:40:0b:1f:66:d8:39:8f:19:
                    37:02:42:cb:5f:b8:c8:d6:31:24:a4:53:0b:05:f4:
                    73:f5:f4:3d:cd:0d:cc:87:7a:f7:b7:70:23:11:10:
                    b4:a6:ca:c2:4d:72:85:5f:d0:58:8f:3a:ea:c4:2a:
                    90:c6:ee:b2:f8:23:34:89:99:fc:e2:31:b6:3d:c2:
                    47:99:5e:4b:a9:3f:50:89:32:72:66:8f:75:0a:dc:
                    3b:ba:f9:d8:93:8b:cb:e2:31:cb:c9:5d:7e:2d:b3:
                    ef:4f:38:b5:be:5e:95:d2:33:ce:36:10:b2:5c:90:
                    82:b4:71:e1:7c:cb:5b:fd:ec:57:cd:4f:ff:e9:e9:
                    b9:7f:8c:18:07:9f:d5:16:b6:c1:66:b7:2a:65:88:
                    70:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:86:06:13:83:D8:FA:1B:D0:55:4F:83:92:82:8C:96:CD:89:AF:6D
            X509v3 Authority Key Identifier:
                keyid:2C:B2:88:B8:72:BB:84:74:55:D7:1E:1C:0B:31:3A:63:26:5E:BF:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLKIuHK7hHRV1x4cCzE6YyZev9Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3daa87-e045-411e-b614-997355419b0a/1/p4YGE4PY-hvQVU-DkoKMls2Jr20.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3daa87-e045-411e-b614-997355419b0a/1/LLKIuHK7hHRV1x4cCzE6YyZev9Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.107.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:80:5d:4a:94:fb:11:74:cb:38:6c:bf:4c:c4:cd:4c:bf:8f:
         1f:34:1a:58:65:fd:0d:c8:75:40:46:a1:51:5a:2a:4e:2d:8a:
         c2:9f:bb:92:be:bb:18:9d:f9:cb:b6:7a:4e:68:67:a8:4c:8e:
         ab:8a:45:ff:6b:d4:59:61:ac:47:2a:10:02:64:0d:c0:45:9c:
         da:28:67:41:d3:bf:7d:51:ec:58:23:a3:b4:07:2c:bb:2b:23:
         4c:55:e3:63:7a:92:5d:04:c1:11:7e:18:6c:87:03:e1:46:62:
         9e:e7:50:e6:f6:65:77:90:63:76:cc:64:df:83:5d:af:7d:01:
         bf:96:0b:7a:7e:8b:5b:02:44:fe:ba:43:e2:15:2c:56:31:85:
         5b:60:a6:3b:10:3f:09:15:2b:df:cb:48:5a:1c:b5:2f:10:76:
         69:fd:61:a7:a1:81:13:89:86:c1:9a:a1:f6:75:d5:b9:90:9f:
         b0:41:13:6d:0f:84:b4:27:03:33:b6:dc:5b:c8:72:2f:4b:be:
         c1:01:2d:d8:bf:92:66:5d:e5:bf:13:5d:2f:e2:7b:5b:9d:6c:
         62:9b:6d:09:c7:8f:c5:57:27:24:e2:f8:db:79:0f:2d:c1:94:
         7a:c0:e1:25:28:4b:03:7f:9b:4e:69:2d:50:4f:1a:a4:49:99:
         6a:41:4b:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdtduwYNBecP10rdgDuykRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYjI4OGI4NzJiYjg0NzQ1NWQ3MWUxYzBiMzEzYTYzMjY1
ZWJmZDQwHhcNMjMwNDEwMjMxODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzg2MDYxMzgzZDhmYTFiZDA1NTRmODM5MjgyOGM5NmNkODlhZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNu3LXVMJ8uOumfuJqTknRkna8L+
LjCt9xR9xZG4Q3QAfrkIB09jpG2ytdu9HEWNHUmgR0I2XAIVMIGwA4Jd65M0FSSh
nvrWiqEJTjA6Vgmy4FR9IT6+7BwBNScA8sN3cg9IYUyroPcTUTeCyij3QAsfZtg5
jxk3AkLLX7jI1jEkpFMLBfRz9fQ9zQ3Mh3r3t3AjERC0psrCTXKFX9BYjzrqxCqQ
xu6y+CM0iZn84jG2PcJHmV5LqT9QiTJyZo91Ctw7uvnYk4vL4jHLyV1+LbPvTzi1
vl6V0jPONhCyXJCCtHHhfMtb/exXzU//6em5f4wYB5/VFrbBZrcqZYhwcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeGBhOD2Pob0FVPg5KCjJbNia9tMB8GA1UdIwQY
MBaAFCyyiLhyu4R0VdceHAsxOmMmXr/UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTExLSXVISzdoSFJWMXg0Y0N6RTZZeVpldjlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8zZGFhODctZTA0NS00MTFlLWI2MTQt
OTk3MzU1NDE5YjBhLzEvcDRZR0U0UFktaHZRVlUtRGtvS01sczJKcjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8zZGFhODctZTA0NS00MTFlLWI2MTQtOTk3MzU1NDE5YjBh
LzEvTExLSXVISzdoSFJWMXg0Y0N6RTZZeVpldjlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWubMA0G
CSqGSIb3DQEBCwUAA4IBAQBDgF1KlPsRdMs4bL9MxM1Mv48fNBpYZf0NyHVARqFR
WipOLYrCn7uSvrsYnfnLtnpOaGeoTI6rikX/a9RZYaxHKhACZA3ARZzaKGdB0799
UexYI6O0Byy7KyNMVeNjepJdBMERfhhshwPhRmKe51Dm9mV3kGN2zGTfg12vfQG/
lgt6fotbAkT+ukPiFSxWMYVbYKY7ED8JFSvfy0haHLUvEHZp/WGnoYETiYbBmqH2
ddW5kJ+wQRNtD4S0JwMzttxbyHIvS77BAS3Yv5JmXeW/E10v4ntbnWxim20Jx4/F
Vyck4vjbeQ8twZR6wOElKEsDf5tOaS1QTxqkSZlqQUvh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:13 2024 by rpki-client on console-fra.rpki-client.org