Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/kf8vGQyzB8MUBi4HKM6j601ooUo.roa
File:                     kf8vGQyzB8MUBi4HKM6j601ooUo.roa (raw, json)
Hash identifier:          3AVkiPDCE446NikgNOxyypKb2J3ld9N5iV8jL6vcuvI=
Subject key identifier:   91:FF:2F:19:0C:B3:07:C3:14:06:2E:07:28:CE:A3:EB:4D:68:A1:4A
Certificate issuer:       /CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Certificate serial:       018357799AEC4335A018DB4EEA0BC91A227C
Authority key identifier: 00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/kf8vGQyzB8MUBi4HKM6j601ooUo.roa
Signing time:             Mon 19 Sep 2022 20:38:50 +0000
ROA not before:           Mon 19 Sep 2022 20:38:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        217.28.128.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:57:79:9a:ec:43:35:a0:18:db:4e:ea:0b:c9:1a:22:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
        Validity
            Not Before: Sep 19 20:38:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=91ff2f190cb307c314062e0728cea3eb4d68a14a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:31:27:c0:f6:92:e4:64:22:19:f2:95:4f:2f:
                    85:47:4c:8b:bb:f9:4b:4e:e2:83:1d:42:1a:5a:67:
                    10:66:7f:33:4e:90:c0:2a:ee:24:ca:24:31:50:65:
                    9c:a2:3a:38:3d:f9:60:26:78:98:aa:b5:f8:2b:e2:
                    ec:9a:1d:0f:18:3b:bc:4a:97:2f:a5:20:6d:45:c9:
                    47:1e:93:28:c5:a4:0b:f0:a1:0a:de:04:7f:34:82:
                    ee:cc:68:7c:d0:ec:49:fb:ec:b0:3e:7b:3f:47:5f:
                    77:98:b8:fc:79:9e:b7:c1:16:03:c6:82:68:1c:a7:
                    7f:ba:58:a7:28:d3:b8:a3:04:64:aa:8e:4b:d3:01:
                    a0:7c:23:f0:6d:0e:bf:25:f9:c9:77:4a:ff:f8:3d:
                    5d:c7:58:a7:ec:66:12:a2:32:93:a2:54:a3:17:fe:
                    23:e8:8c:9e:a6:44:e3:94:90:4a:e7:6e:5d:16:01:
                    83:8a:9f:e1:d9:82:7a:54:ff:ff:5f:22:39:5f:e3:
                    e5:8c:84:bd:ba:32:c5:cf:85:98:80:c4:7f:af:42:
                    ea:22:a5:32:2f:94:89:a4:1e:97:47:31:74:93:99:
                    8b:91:02:13:06:c4:de:c8:4d:52:91:87:1b:db:c6:
                    f0:3d:43:69:65:51:1c:35:c2:27:ae:46:f7:9c:4f:
                    cb:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:FF:2F:19:0C:B3:07:C3:14:06:2E:07:28:CE:A3:EB:4D:68:A1:4A
            X509v3 Authority Key Identifier:
                keyid:00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/kf8vGQyzB8MUBi4HKM6j601ooUo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/ABK53JdtfOgH5G_qSTbHJrDEogY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.28.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:59:fe:f9:6a:38:1a:bb:06:5e:84:67:d3:b9:ac:30:43:1b:
         96:4e:23:22:2a:f3:71:fa:15:16:b1:7a:15:3d:6d:74:19:f1:
         15:e8:70:37:2c:ac:f1:ff:aa:9c:82:6d:35:b5:a2:67:bf:4a:
         73:43:99:d0:ad:2e:ec:2a:c2:21:68:bb:63:f5:61:53:51:b5:
         06:f4:c8:65:47:16:f2:7b:55:75:93:38:d5:66:7e:5b:14:8b:
         71:51:5d:d7:97:a6:59:3c:22:dd:1d:87:d1:67:01:0e:19:82:
         1e:a1:04:30:74:54:43:53:01:e8:27:54:9a:46:df:a5:bd:74:
         00:b1:13:d6:fe:65:9a:94:c4:66:f4:7b:9e:f6:21:5d:84:59:
         63:c6:1d:61:57:c4:de:4d:16:70:87:3a:36:ca:68:47:c0:8e:
         ad:73:5a:76:27:e0:16:aa:9f:c7:c6:97:b6:fd:b5:b9:fc:41:
         4e:9b:5b:9d:0a:85:fa:b1:fe:30:d2:a2:70:a8:2d:ad:66:69:
         56:2f:28:8b:bf:31:80:be:b0:b5:c3:15:e9:03:dd:ec:ca:e5:
         27:58:07:69:35:47:2c:79:09:40:99:a9:f3:84:f5:e8:e3:5d:
         63:3a:74:bd:b0:a5:09:b9:0a:48:f0:98:4b:13:a4:b4:1d:35:
         d0:8c:48:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNXeZrsQzWgGNtO6gvJGiJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTJiOWRjOTc2ZDdjZTgwN2U0NmZlYTQ5MzZjNzI2YjBj
NGEyMDYwHhcNMjIwOTE5MjAzODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZmMmYxOTBjYjMwN2MzMTQwNjJlMDcyOGNlYTNlYjRkNjhhMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzEnwPaS5GQiGfKVTy+FR0yLu/lL
TuKDHUIaWmcQZn8zTpDAKu4kyiQxUGWcojo4PflgJniYqrX4K+Lsmh0PGDu8Spcv
pSBtRclHHpMoxaQL8KEK3gR/NILuzGh80OxJ++ywPns/R193mLj8eZ63wRYDxoJo
HKd/ulinKNO4owRkqo5L0wGgfCPwbQ6/JfnJd0r/+D1dx1in7GYSojKTolSjF/4j
6IyepkTjlJBK525dFgGDip/h2YJ6VP//XyI5X+PljIS9ujLFz4WYgMR/r0LqIqUy
L5SJpB6XRzF0k5mLkQITBsTeyE1SkYcb28bwPUNpZVEcNcInrkb3nE/L2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJH/LxkMswfDFAYuByjOo+tNaKFKMB8GA1UdIwQY
MBaAFAASudyXbXzoB+Rv6kk2xyawxKIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjIt
OTg0YTA4ODk4NDU5LzEva2Y4dkdReXpCOE1VQmk0SEtNNmo2MDFvb1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjItOTg0YTA4ODk4NDU5
LzEvQUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyAMA0G
CSqGSIb3DQEBCwUAA4IBAQAFWf75ajgauwZehGfTuawwQxuWTiMiKvNx+hUWsXoV
PW10GfEV6HA3LKzx/6qcgm01taJnv0pzQ5nQrS7sKsIhaLtj9WFTUbUG9MhlRxby
e1V1kzjVZn5bFItxUV3Xl6ZZPCLdHYfRZwEOGYIeoQQwdFRDUwHoJ1SaRt+lvXQA
sRPW/mWalMRm9Hue9iFdhFljxh1hV8TeTRZwhzo2ymhHwI6tc1p2J+AWqp/Hxpe2
/bW5/EFOm1udCoX6sf4w0qJwqC2tZmlWLyiLvzGAvrC1wxXpA93syuUnWAdpNUcs
eQlAmanzhPXo411jOnS9sKUJuQpI8JhLE6S0HTXQjEix
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:21 2024 by rpki-client on console-ams.rpki-client.org