Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3d01dc-35f5-48d5-a489-e5c1ca2c6cfb/1/qISidSbvT14F6ra-3VpZ9gIrALg.roa
File:                     qISidSbvT14F6ra-3VpZ9gIrALg.roa (raw, json)
Hash identifier:          Mj7f2jXi9wTNRo4F+tejQ+J0V3kMC8WIP8gowfEIo0Y=
Subject key identifier:   A8:84:A2:75:26:EF:4F:5E:05:EA:B6:BE:DD:5A:59:F6:02:2B:00:B8
Certificate issuer:       /CN=affd6578a7cbc6884049a0ebeb65c039c58e2583
Certificate serial:       01857014F86E3D62AF668019F933A2A15F9C
Authority key identifier: AF:FD:65:78:A7:CB:C6:88:40:49:A0:EB:EB:65:C0:39:C5:8E:25:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_1leKfLxohASaDr62XAOcWOJYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/3d01dc-35f5-48d5-a489-e5c1ca2c6cfb/1/qISidSbvT14F6ra-3VpZ9gIrALg.roa
Signing time:             Mon 02 Jan 2023 01:25:00 +0000
ROA not before:           Mon 02 Jan 2023 01:25:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        45.9.21.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:14:f8:6e:3d:62:af:66:80:19:f9:33:a2:a1:5f:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=affd6578a7cbc6884049a0ebeb65c039c58e2583
        Validity
            Not Before: Jan  2 01:25:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a884a27526ef4f5e05eab6bedd5a59f6022b00b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:bd:88:2f:c1:f2:a7:04:32:0b:a5:40:04:f9:
                    40:1d:8d:0d:70:28:95:1e:87:33:a6:ed:9a:83:fd:
                    6c:66:3d:56:9a:9b:11:9a:5c:36:92:c6:72:26:ec:
                    95:cb:c2:d1:4e:e9:8c:c6:a6:9e:84:1f:00:8f:a0:
                    96:f4:60:c2:7c:6a:05:74:00:42:21:93:19:d7:c3:
                    92:c1:f9:4e:af:3b:d7:7b:ca:c2:bb:2e:66:59:38:
                    d9:6c:ae:42:30:ab:05:b3:c7:70:97:e5:80:5c:02:
                    52:d1:98:ad:9d:14:71:0c:9b:88:9b:86:4d:b8:20:
                    cd:c7:8e:c2:c8:d2:77:0c:b1:bf:d9:df:87:e1:c4:
                    e9:8a:c5:2d:5b:eb:24:91:0a:13:91:8f:b7:dc:93:
                    97:63:68:4c:c5:7d:1e:b5:42:2a:85:44:4d:48:c2:
                    d8:d0:ef:05:b6:ee:61:38:7a:8b:48:78:6c:2a:e9:
                    fc:31:63:0f:ff:42:ae:11:9b:71:1f:5c:3b:f1:40:
                    16:66:bd:39:a2:dd:8c:5e:fb:05:c9:75:00:17:2b:
                    ef:c3:81:2e:65:4a:6b:21:37:1d:b4:70:cd:db:ef:
                    f2:94:50:12:3f:b1:d5:0c:5a:eb:49:51:01:b9:27:
                    84:6e:1d:b0:9d:e9:fe:ee:67:f3:df:6a:d2:0d:69:
                    1e:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:84:A2:75:26:EF:4F:5E:05:EA:B6:BE:DD:5A:59:F6:02:2B:00:B8
            X509v3 Authority Key Identifier:
                keyid:AF:FD:65:78:A7:CB:C6:88:40:49:A0:EB:EB:65:C0:39:C5:8E:25:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_1leKfLxohASaDr62XAOcWOJYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3d01dc-35f5-48d5-a489-e5c1ca2c6cfb/1/qISidSbvT14F6ra-3VpZ9gIrALg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3d01dc-35f5-48d5-a489-e5c1ca2c6cfb/1/r_1leKfLxohASaDr62XAOcWOJYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         db:ae:ad:55:5e:ff:7e:c7:64:74:3b:7e:a5:5d:f2:47:47:ba:
         39:30:da:6d:c2:67:bf:26:4e:42:15:87:49:8b:ea:ae:37:b7:
         31:32:bd:f4:78:9c:33:e3:69:b7:c8:2c:23:82:29:99:5d:ec:
         e1:39:02:e6:92:bb:30:99:80:8a:58:e6:35:d9:dc:8f:17:23:
         7d:33:2e:44:9a:c2:51:e2:7e:fd:a9:87:5a:3f:bc:06:ed:0f:
         cc:da:52:77:ab:57:8e:a8:98:16:c8:28:fe:25:50:7e:1c:de:
         8a:0d:a9:d6:92:7f:b8:3d:4c:f7:b1:c4:48:65:80:5d:b7:37:
         3b:55:54:7d:54:54:9f:b0:ec:f4:d6:fc:69:58:22:ba:2a:d2:
         e9:0b:b2:3e:2b:de:d0:89:34:25:07:5e:4d:c4:52:a9:81:22:
         68:02:70:36:56:86:ce:ed:59:24:46:1b:1c:06:c2:ea:d0:6a:
         62:e5:aa:a1:0f:c9:7c:f6:21:0c:9d:94:17:14:ab:61:e1:b9:
         0e:ad:3a:96:e7:bc:b8:55:d1:d1:2f:f4:e9:5e:a8:24:a5:a0:
         31:82:89:63:cb:aa:47:ba:20:ba:d9:d1:b1:cb:c1:7f:79:f8:
         97:dd:ba:fb:d8:60:7c:9f:1a:88:1c:c7:7d:21:63:d9:25:ff:
         ce:2f:a8:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFPhuPWKvZoAZ+TOioV+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmQ2NTc4YTdjYmM2ODg0MDQ5YTBlYmViNjVjMDM5YzU4
ZTI1ODMwHhcNMjMwMTAyMDEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODg0YTI3NTI2ZWY0ZjVlMDVlYWI2YmVkZDVhNTlmNjAyMmIwMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj72IL8HypwQyC6VABPlAHY0NcCiV
Hoczpu2ag/1sZj1WmpsRmlw2ksZyJuyVy8LRTumMxqaehB8Aj6CW9GDCfGoFdABC
IZMZ18OSwflOrzvXe8rCuy5mWTjZbK5CMKsFs8dwl+WAXAJS0ZitnRRxDJuIm4ZN
uCDNx47CyNJ3DLG/2d+H4cTpisUtW+skkQoTkY+33JOXY2hMxX0etUIqhURNSMLY
0O8Ftu5hOHqLSHhsKun8MWMP/0KuEZtxH1w78UAWZr05ot2MXvsFyXUAFyvvw4Eu
ZUprITcdtHDN2+/ylFASP7HVDFrrSVEBuSeEbh2wnen+7mfz32rSDWkenQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiEonUm709eBeq2vt1aWfYCKwC4MB8GA1UdIwQY
MBaAFK/9ZXiny8aIQEmg6+tlwDnFjiWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl8xbGVLZkx4b2hBU2FEcjYyWEFPY1dPSllNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zZDAxZGMtMzVmNS00OGQ1LWE0ODkt
ZTVjMWNhMmM2Y2ZiLzEvcUlTaWRTYnZUMTRGNnJhLTNWcFo5Z0lyQUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zZDAxZGMtMzVmNS00OGQ1LWE0ODktZTVjMWNhMmM2Y2Zi
LzEvcl8xbGVLZkx4b2hBU2FEcjYyWEFPY1dPSllNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQkVMA0G
CSqGSIb3DQEBCwUAA4IBAQDbrq1VXv9+x2R0O36lXfJHR7o5MNptwme/Jk5CFYdJ
i+quN7cxMr30eJwz42m3yCwjgimZXezhOQLmkrswmYCKWOY12dyPFyN9My5EmsJR
4n79qYdaP7wG7Q/M2lJ3q1eOqJgWyCj+JVB+HN6KDanWkn+4PUz3scRIZYBdtzc7
VVR9VFSfsOz01vxpWCK6KtLpC7I+K97QiTQlB15NxFKpgSJoAnA2VobO7VkkRhsc
BsLq0Gpi5aqhD8l89iEMnZQXFKth4bkOrTqW57y4VdHRL/TpXqgkpaAxgoljy6pH
uiC62dGxy8F/efiX3br72GB8nxqIHMd9IWPZJf/OL6gy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:09 2024 by rpki-client on console-fra.rpki-client.org