Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/tXPdZBE8uTFx4681tSuF8IW2heQ.roa
File:                     tXPdZBE8uTFx4681tSuF8IW2heQ.roa (raw, json)
Hash identifier:          bLuG2N9VSGytDMx0PLcSwmY9Lp2sxpLpw+4Ok5p9+Ys=
Subject key identifier:   B5:73:DD:64:11:3C:B9:31:71:E3:AF:35:B5:2B:85:F0:85:B6:85:E4
Certificate issuer:       /CN=922fbdff15c9bec0fee7309be592e5d86dd9408a
Certificate serial:       04C39F61
Authority key identifier: 92:2F:BD:FF:15:C9:BE:C0:FE:E7:30:9B:E5:92:E5:D8:6D:D9:40:8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ki-9_xXJvsD-5zCb5ZLl2G3ZQIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/tXPdZBE8uTFx4681tSuF8IW2heQ.roa
Signing time:             Sat 01 Jan 2022 11:57:22 +0000
ROA not before:           Sat 01 Jan 2022 11:57:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47753
IP address blocks:        2001:678:dd0::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79929185 (0x4c39f61)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=922fbdff15c9bec0fee7309be592e5d86dd9408a
        Validity
            Not Before: Jan  1 11:57:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b573dd64113cb93171e3af35b52b85f085b685e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c1:35:39:ee:af:95:c0:7a:91:1c:d1:fe:f1:
                    ae:58:e1:c6:95:18:f6:9d:54:c3:38:91:c1:98:53:
                    db:fa:60:48:e7:1b:61:3a:82:42:65:74:dc:27:ec:
                    09:cd:a9:c6:17:48:e2:fe:46:0c:95:74:c1:52:53:
                    2b:c7:82:08:5a:99:f7:87:76:57:e9:e4:2e:3a:0f:
                    47:62:64:5c:c0:fb:b7:0b:43:9e:ea:97:e2:a3:fd:
                    48:d5:57:84:49:bd:9c:6e:ea:36:c3:02:c3:a5:34:
                    6e:2f:72:b3:fa:a1:02:40:45:aa:07:d3:fe:b6:27:
                    05:86:ef:c3:7e:d2:a1:c6:f3:65:fb:df:49:66:ca:
                    0d:cf:3a:2c:dc:e9:76:b7:43:be:2a:f4:a3:66:d8:
                    c1:e9:cb:31:41:74:1a:a7:10:00:c8:5e:14:3d:b2:
                    be:3f:76:99:78:cc:4b:eb:3d:bf:bb:c3:3b:6e:6d:
                    b9:87:d6:44:9b:9c:68:71:8f:49:25:b8:46:02:3b:
                    34:f7:a8:3a:d1:e1:eb:d7:22:62:f6:14:c7:64:63:
                    68:26:44:1a:8c:44:5e:9f:39:f2:62:57:09:64:2d:
                    7d:4d:4d:e2:fb:d0:62:56:da:1e:38:c2:0d:f1:1d:
                    b4:0c:de:28:e3:7c:94:da:4d:04:ab:5e:2f:b3:31:
                    e8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:73:DD:64:11:3C:B9:31:71:E3:AF:35:B5:2B:85:F0:85:B6:85:E4
            X509v3 Authority Key Identifier:
                keyid:92:2F:BD:FF:15:C9:BE:C0:FE:E7:30:9B:E5:92:E5:D8:6D:D9:40:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ki-9_xXJvsD-5zCb5ZLl2G3ZQIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/tXPdZBE8uTFx4681tSuF8IW2heQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e882-0350-46e7-8c69-ff37c9a84110/1/ki-9_xXJvsD-5zCb5ZLl2G3ZQIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:dd0::/48

    Signature Algorithm: sha256WithRSAEncryption
         06:d9:65:c1:e7:4b:15:ca:9a:8f:d5:a6:f9:ad:e3:b5:5f:4d:
         f1:9d:4e:0f:ba:4b:1d:66:82:aa:73:85:91:dd:b4:42:e4:a9:
         f4:20:ca:d3:0a:f7:8e:6d:c7:5c:2e:90:2e:9e:6d:18:03:90:
         a9:30:7d:77:83:64:db:ed:e8:a1:16:05:de:d2:e5:29:40:15:
         cb:78:5b:55:c3:51:dc:b1:ae:30:65:3f:2c:07:69:05:4a:d4:
         ef:c1:f7:06:9e:e9:35:9e:b4:5b:8d:52:9f:81:53:ff:6f:4e:
         2e:48:81:77:2a:94:8d:06:76:22:ac:d0:e6:63:52:f4:06:76:
         0f:f4:5c:7f:f5:6a:6d:cc:81:f8:f3:a8:01:50:de:b5:56:ca:
         df:88:87:a2:89:aa:27:62:19:cb:bf:23:b6:7d:ed:21:4c:30:
         a6:65:4b:3d:46:55:0e:90:2e:34:aa:cd:ff:e6:9a:90:fc:10:
         db:92:4f:3e:14:a7:f0:71:77:38:8a:0e:6a:49:3c:0e:9f:5d:
         ce:6f:4a:ef:c0:92:d6:b3:aa:ca:76:cb:90:4a:b6:f5:c3:44:
         f3:0e:d8:76:fa:8b:4e:84:18:4c:c7:d8:9d:d2:48:78:3c:5b:
         e0:9e:ba:c4:b6:cd:0c:e6:d0:c5:54:e6:83:03:2d:e3:3e:8b:
         7a:df:d2:e3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBMOfYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjJmYmRmZjE1YzliZWMwZmVlNzMwOWJlNTkyZTVkODZkZDk0MDhhMB4XDTIyMDEw
MTExNTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU3M2RkNjQxMTNj
YjkzMTcxZTNhZjM1YjUyYjg1ZjA4NWI2ODVlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3BNTnur5XAepEc0f7xrljhxpUY9p1UwziRwZhT2/pgSOcb
YTqCQmV03CfsCc2pxhdI4v5GDJV0wVJTK8eCCFqZ94d2V+nkLjoPR2JkXMD7twtD
nuqX4qP9SNVXhEm9nG7qNsMCw6U0bi9ys/qhAkBFqgfT/rYnBYbvw37SocbzZfvf
SWbKDc86LNzpdrdDvir0o2bYwenLMUF0GqcQAMheFD2yvj92mXjMS+s9v7vDO25t
uYfWRJucaHGPSSW4RgI7NPeoOtHh69ciYvYUx2RjaCZEGoxEXp858mJXCWQtfU1N
4vvQYlbaHjjCDfEdtAzeKON8lNpNBKteL7Mx6NMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS1c91kETy5MXHjrzW1K4XwhbaF5DAfBgNVHSMEGDAWgBSSL73/Fcm+wP7n
MJvlkuXYbdlAijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tpLTlfeFhKdnNELTV6Q2I1WkxsMkczWlFJby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNDZlODgyLTAzNTAtNDZlNy04YzY5LWZmMzdjOWE4NDExMC8x
L3RYUGRaQkU4dVRGeDQ2ODF0U3VGOElXMmhlUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NDZlODgyLTAzNTAtNDZlNy04YzY5LWZmMzdjOWE4NDExMC8xL2tpLTlfeFhKdnNE
LTV6Q2I1WkxsMkczWlFJby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngN0DANBgkqhkiG9w0BAQsF
AAOCAQEABtllwedLFcqaj9Wm+a3jtV9N8Z1OD7pLHWaCqnOFkd20QuSp9CDK0wr3
jm3HXC6QLp5tGAOQqTB9d4Nk2+3ooRYF3tLlKUAVy3hbVcNR3LGuMGU/LAdpBUrU
78H3Bp7pNZ60W41Sn4FT/29OLkiBdyqUjQZ2IqzQ5mNS9AZ2D/Rcf/VqbcyB+POo
AVDetVbK34iHoomqJ2IZy78jtn3tIUwwpmVLPUZVDpAuNKrN/+aakPwQ25JPPhSn
8HF3OIoOakk8Dp9dzm9K78CS1rOqynbLkEq29cNE8w7YdvqLToQYTMfYndJIeDxb
4J66xLbNDObQxVTmgwMt4z6Let/S4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:31 2024 by rpki-client on console-ams.rpki-client.org