Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3d01dc-35f5-48d5-a489-e5c1ca2c6cfb/1/xcaCPjfxNE-bMIhBma4fyXMlaZQ.roa
File:                     xcaCPjfxNE-bMIhBma4fyXMlaZQ.roa (raw, json)
Hash identifier:          yYdX1ql8PPor9dkDIewsgeRsEwHeTlXSD5FCyiIiPbg=
Subject key identifier:   C5:C6:82:3E:37:F1:34:4F:9B:30:88:41:99:AE:1F:C9:73:25:69:94
Certificate issuer:       /CN=affd6578a7cbc6884049a0ebeb65c039c58e2583
Certificate serial:       01857014F91E6DEE3217AEE6EAF7C3077F69
Authority key identifier: AF:FD:65:78:A7:CB:C6:88:40:49:A0:EB:EB:65:C0:39:C5:8E:25:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_1leKfLxohASaDr62XAOcWOJYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/3d01dc-35f5-48d5-a489-e5c1ca2c6cfb/1/xcaCPjfxNE-bMIhBma4fyXMlaZQ.roa
Signing time:             Mon 02 Jan 2023 01:25:00 +0000
ROA not before:           Mon 02 Jan 2023 01:25:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        45.9.21.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:14:f9:1e:6d:ee:32:17:ae:e6:ea:f7:c3:07:7f:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=affd6578a7cbc6884049a0ebeb65c039c58e2583
        Validity
            Not Before: Jan  2 01:25:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c5c6823e37f1344f9b30884199ae1fc973256994
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c2:b4:a3:a8:4f:39:20:9f:63:df:cd:46:11:
                    a9:55:ca:7c:5c:29:69:45:42:5c:ac:bc:cf:8c:06:
                    da:e7:6d:a0:4d:a1:2e:6e:50:be:0d:f9:fd:3f:9a:
                    e9:3c:80:7c:5a:45:fc:a9:ca:70:37:6d:0b:99:93:
                    7f:64:70:21:68:19:dd:41:7b:10:fb:d3:06:54:a3:
                    c8:77:63:ff:07:c5:9b:e0:38:6c:58:13:d8:b7:cf:
                    5e:6d:4b:ce:1d:71:fd:ce:e4:7c:4e:2f:28:32:8a:
                    81:68:db:9f:ee:dc:b7:46:eb:3c:77:e0:25:ba:d6:
                    81:07:a2:ca:ec:e8:05:a8:18:ce:da:c2:0d:e7:09:
                    71:85:20:94:42:45:44:87:27:40:89:bf:5e:73:de:
                    e0:9a:2b:8c:51:4b:bf:61:1a:15:b8:1b:13:2f:7a:
                    ce:f8:7f:fc:80:de:98:f2:47:f1:c4:10:61:5a:8e:
                    16:83:3b:44:2e:eb:99:f7:1f:17:76:26:80:1a:5b:
                    e0:41:3a:cd:5b:a4:97:14:96:03:dd:19:a1:97:45:
                    bd:2c:f5:c5:f0:cd:11:23:33:48:b8:91:ea:19:58:
                    d9:88:75:99:7e:f9:74:4e:a7:24:9e:9d:46:f8:a6:
                    33:40:87:61:4b:d0:7f:51:c2:f8:2f:73:04:bd:03:
                    83:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:C6:82:3E:37:F1:34:4F:9B:30:88:41:99:AE:1F:C9:73:25:69:94
            X509v3 Authority Key Identifier:
                keyid:AF:FD:65:78:A7:CB:C6:88:40:49:A0:EB:EB:65:C0:39:C5:8E:25:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_1leKfLxohASaDr62XAOcWOJYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3d01dc-35f5-48d5-a489-e5c1ca2c6cfb/1/xcaCPjfxNE-bMIhBma4fyXMlaZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3d01dc-35f5-48d5-a489-e5c1ca2c6cfb/1/r_1leKfLxohASaDr62XAOcWOJYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:55:a7:67:0f:7e:d7:5b:42:09:01:e7:0e:bd:34:54:aa:af:
         fc:e0:90:a6:e4:be:04:23:bc:63:b5:5e:c1:e1:14:a3:24:71:
         79:a6:bc:9e:9f:55:2f:1b:a8:d5:bb:93:40:d0:6d:23:09:a9:
         f7:61:f6:32:ea:b6:6d:cd:72:b3:ce:82:06:60:13:eb:e9:27:
         02:b7:7a:5a:ad:16:39:cb:e7:79:10:16:7e:7b:cb:40:39:6f:
         3b:4a:e5:30:ee:81:73:e8:8a:94:da:50:29:c8:c3:cb:e2:fd:
         2e:78:18:5e:b3:be:ec:ff:67:4e:c8:90:b3:16:f5:aa:0a:4b:
         7d:d4:be:57:36:8f:41:70:4e:ba:36:b2:73:8f:bf:31:8a:3b:
         aa:aa:e2:4b:fa:25:e4:1e:c1:d4:c1:6d:97:e0:02:0f:f4:3e:
         16:00:37:65:70:17:78:dc:27:46:94:29:dc:30:85:2b:b8:bb:
         eb:cf:47:b1:bb:d8:4f:ca:18:ea:27:85:d9:3e:d4:c5:55:88:
         60:c1:6e:68:d4:0d:59:72:ca:40:6f:ae:c3:92:e4:0c:bc:0c:
         c0:95:42:8f:3b:0e:f5:a6:fc:28:7e:ac:a3:d0:95:65:c8:a4:
         8d:3d:71:97:8d:18:ab:50:be:25:91:62:10:e7:1e:7b:c6:91:
         3a:b6:54:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFPkebe4yF67m6vfDB39pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmQ2NTc4YTdjYmM2ODg0MDQ5YTBlYmViNjVjMDM5YzU4
ZTI1ODMwHhcNMjMwMTAyMDEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWM2ODIzZTM3ZjEzNDRmOWIzMDg4NDE5OWFlMWZjOTczMjU2OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8K0o6hPOSCfY9/NRhGpVcp8XClp
RUJcrLzPjAba522gTaEublC+Dfn9P5rpPIB8WkX8qcpwN20LmZN/ZHAhaBndQXsQ
+9MGVKPId2P/B8Wb4DhsWBPYt89ebUvOHXH9zuR8Ti8oMoqBaNuf7ty3Rus8d+Al
utaBB6LK7OgFqBjO2sIN5wlxhSCUQkVEhydAib9ec97gmiuMUUu/YRoVuBsTL3rO
+H/8gN6Y8kfxxBBhWo4WgztELuuZ9x8XdiaAGlvgQTrNW6SXFJYD3Rmhl0W9LPXF
8M0RIzNIuJHqGVjZiHWZfvl0Tqcknp1G+KYzQIdhS9B/UcL4L3MEvQODOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXGgj438TRPmzCIQZmuH8lzJWmUMB8GA1UdIwQY
MBaAFK/9ZXiny8aIQEmg6+tlwDnFjiWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl8xbGVLZkx4b2hBU2FEcjYyWEFPY1dPSllNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zZDAxZGMtMzVmNS00OGQ1LWE0ODkt
ZTVjMWNhMmM2Y2ZiLzEveGNhQ1BqZnhORS1iTUloQm1hNGZ5WE1sYVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zZDAxZGMtMzVmNS00OGQ1LWE0ODktZTVjMWNhMmM2Y2Zi
LzEvcl8xbGVLZkx4b2hBU2FEcjYyWEFPY1dPSllNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQkVMA0G
CSqGSIb3DQEBCwUAA4IBAQA8VadnD37XW0IJAecOvTRUqq/84JCm5L4EI7xjtV7B
4RSjJHF5pryen1UvG6jVu5NA0G0jCan3YfYy6rZtzXKzzoIGYBPr6ScCt3parRY5
y+d5EBZ+e8tAOW87SuUw7oFz6IqU2lApyMPL4v0ueBhes77s/2dOyJCzFvWqCkt9
1L5XNo9BcE66NrJzj78xijuqquJL+iXkHsHUwW2X4AIP9D4WADdlcBd43CdGlCnc
MIUruLvrz0exu9hPyhjqJ4XZPtTFVYhgwW5o1A1ZcspAb67DkuQMvAzAlUKPOw71
pvwofqyj0JVlyKSNPXGXjRirUL4lkWIQ5x57xpE6tlRy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:51 2024 by rpki-client on console-ams.rpki-client.org