Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/800b02-32a8-4899-805c-68e0a84feb46/1/41flNw4b3mehLDHu1OxJC2CVPRQ.roa
File:                     41flNw4b3mehLDHu1OxJC2CVPRQ.roa (raw, json)
Hash identifier:          BH/aTiRuB/THg0ax1VpeQC+gzVWDcbHgyysY6Ybv5To=
Subject key identifier:   E3:57:E5:37:0E:1B:DE:67:A1:2C:31:EE:D4:EC:49:0B:60:95:3D:14
Certificate issuer:       /CN=f7e784f370640383e97ec92963bcad3181b99774
Certificate serial:       09193161
Authority key identifier: F7:E7:84:F3:70:64:03:83:E9:7E:C9:29:63:BC:AD:31:81:B9:97:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9-eE83BkA4PpfskpY7ytMYG5l3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/800b02-32a8-4899-805c-68e0a84feb46/1/41flNw4b3mehLDHu1OxJC2CVPRQ.roa
Signing time:             Sat 01 Jan 2022 13:01:11 +0000
ROA not before:           Sat 01 Jan 2022 13:01:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210981
IP address blocks:        92.249.25.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152645985 (0x9193161)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7e784f370640383e97ec92963bcad3181b99774
        Validity
            Not Before: Jan  1 13:01:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e357e5370e1bde67a12c31eed4ec490b60953d14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f9:b9:0d:eb:fb:98:f3:d2:6d:29:00:2a:bc:
                    86:e3:59:7b:23:0e:88:5c:16:46:94:1e:80:bc:1a:
                    d3:af:e7:b8:76:ab:87:9a:fb:b3:9b:e6:35:79:a8:
                    5e:90:04:b4:78:b6:13:7c:e1:e2:9e:6a:01:da:fe:
                    45:67:ee:30:92:1d:e5:2d:06:ac:2a:9a:f0:13:3d:
                    ce:f6:80:12:32:34:31:40:c4:de:de:26:b2:7c:46:
                    7a:f7:ca:96:26:cb:c5:75:5c:4b:60:af:8e:0a:c1:
                    ce:7e:c5:d0:e3:29:a5:1d:ac:01:7e:28:43:0b:68:
                    f0:33:f5:d0:70:b3:73:93:88:a6:a8:5d:38:10:fc:
                    76:b8:dc:70:d7:f5:62:0e:32:75:f3:98:11:99:4d:
                    aa:c3:35:95:b9:df:b4:0d:51:63:1c:90:dc:2d:1c:
                    57:0d:0b:78:c7:eb:8a:1a:79:01:eb:33:3d:90:cc:
                    bc:04:dd:5e:a5:1b:8d:2f:36:e9:71:d3:b8:e6:a9:
                    62:77:14:3d:3a:00:fc:05:06:bd:f9:ca:1e:5b:da:
                    6f:aa:6d:26:47:1a:7d:38:52:26:7d:45:1a:10:9c:
                    b5:e4:e5:b9:e4:4a:58:88:26:2d:91:8a:28:9b:4f:
                    44:fc:09:4c:d5:88:5a:36:c4:5b:c2:aa:ac:6a:00:
                    77:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:57:E5:37:0E:1B:DE:67:A1:2C:31:EE:D4:EC:49:0B:60:95:3D:14
            X509v3 Authority Key Identifier:
                keyid:F7:E7:84:F3:70:64:03:83:E9:7E:C9:29:63:BC:AD:31:81:B9:97:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-eE83BkA4PpfskpY7ytMYG5l3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/800b02-32a8-4899-805c-68e0a84feb46/1/41flNw4b3mehLDHu1OxJC2CVPRQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/800b02-32a8-4899-805c-68e0a84feb46/1/9-eE83BkA4PpfskpY7ytMYG5l3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.249.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:1c:d4:81:15:0b:b8:35:f2:72:c5:9b:14:51:21:04:5a:57:
         6b:23:6a:10:56:e0:cc:89:0b:37:7c:c0:c0:41:1e:94:d1:7b:
         f8:0b:5d:36:e5:fc:1d:50:76:fa:9f:e1:c3:e2:6f:dc:6c:77:
         f7:7a:9a:e7:b5:c9:3f:65:2a:d1:2b:bc:a1:e9:c5:32:81:6f:
         97:2a:db:c9:ac:7e:31:ce:95:6b:06:6e:17:b0:fe:b8:4f:9d:
         f7:a1:55:63:53:70:2e:a4:b3:08:e5:3f:6f:9b:ed:fd:80:81:
         30:fd:78:aa:91:39:7a:18:04:02:65:eb:1a:b1:80:bd:d7:b9:
         67:d1:e4:a5:ef:28:27:7a:b0:8c:55:3b:96:43:f5:76:a3:af:
         a1:fc:f5:45:f2:e4:a3:1e:6a:6a:55:3a:77:11:ec:10:9a:ef:
         41:ac:d1:b0:54:c2:19:64:8e:f6:fe:eb:a9:79:dd:fe:54:92:
         e5:98:23:b0:44:a8:44:5c:50:d4:04:c5:f3:99:cc:28:ab:37:
         c0:04:6f:b2:a1:db:7f:fe:93:d6:d1:3c:2c:7f:4a:61:89:6b:
         f5:40:af:c0:14:1f:47:d5:cc:e4:d2:8c:50:28:72:49:cd:96:
         72:e4:9e:f2:52:42:ee:57:fe:1d:49:04:a6:5c:36:18:74:73:
         9b:34:5b:0b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECRkxYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
N2U3ODRmMzcwNjQwMzgzZTk3ZWM5Mjk2M2JjYWQzMTgxYjk5Nzc0MB4XDTIyMDEw
MTEzMDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM1N2U1MzcwZTFi
ZGU2N2ExMmMzMWVlZDRlYzQ5MGI2MDk1M2QxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKL5uQ3r+5jz0m0pACq8huNZeyMOiFwWRpQegLwa06/nuHar
h5r7s5vmNXmoXpAEtHi2E3zh4p5qAdr+RWfuMJId5S0GrCqa8BM9zvaAEjI0MUDE
3t4msnxGevfKlibLxXVcS2CvjgrBzn7F0OMppR2sAX4oQwto8DP10HCzc5OIpqhd
OBD8drjccNf1Yg4ydfOYEZlNqsM1lbnftA1RYxyQ3C0cVw0LeMfrihp5AeszPZDM
vATdXqUbjS826XHTuOapYncUPToA/AUGvfnKHlvab6ptJkcafThSJn1FGhCcteTl
ueRKWIgmLZGKKJtPRPwJTNWIWjbEW8KqrGoAd/ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjV+U3DhveZ6EsMe7U7EkLYJU9FDAfBgNVHSMEGDAWgBT354TzcGQDg+l+
ySljvK0xgbmXdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzktZUU4M0JrQTRQcGZza3BZN3l0TVlHNWwzUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvODAwYjAyLTMyYTgtNDg5OS04MDVjLTY4ZTBhODRmZWI0Ni8x
LzQxZmxOdzRiM21laExESHUxT3hKQzJDVlBSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
ODAwYjAyLTMyYTgtNDg5OS04MDVjLTY4ZTBhODRmZWI0Ni8xLzktZUU4M0JrQTRQ
cGZza3BZN3l0TVlHNWwzUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFz5GTANBgkqhkiG9w0BAQsFAAOC
AQEAtRzUgRULuDXycsWbFFEhBFpXayNqEFbgzIkLN3zAwEEelNF7+AtdNuX8HVB2
+p/hw+Jv3Gx393qa57XJP2Uq0Su8oenFMoFvlyrbyax+Mc6VawZuF7D+uE+d96FV
Y1NwLqSzCOU/b5vt/YCBMP14qpE5ehgEAmXrGrGAvde5Z9Hkpe8oJ3qwjFU7lkP1
dqOvofz1RfLkox5qalU6dxHsEJrvQazRsFTCGWSO9v7rqXnd/lSS5ZgjsESoRFxQ
1ATF85nMKKs3wARvsqHbf/6T1tE8LH9KYYlr9UCvwBQfR9XM5NKMUChySc2WcuSe
8lJC7lf+HUkEplw2GHRzmzRbCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:23 2024 by rpki-client on console-fra.rpki-client.org