Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/3ac039-18c2-424c-ae59-374c9b7ad1e7/1/K7PaU0CyS3bnjGen8AQ6ys3O_R0.roa
File:                     K7PaU0CyS3bnjGen8AQ6ys3O_R0.roa (raw, json)
Hash identifier:          T6IVw/axdJdRr1S3CYdeJ6XBBmwN8s73Y37ocW3o0cI=
Subject key identifier:   2B:B3:DA:53:40:B2:4B:76:E7:8C:67:A7:F0:04:3A:CA:CD:CE:FD:1D
Certificate issuer:       /CN=2e4dd492aba37802f99020379b0daa49f101b7da
Certificate serial:       015058
Authority key identifier: 2E:4D:D4:92:AB:A3:78:02:F9:90:20:37:9B:0D:AA:49:F1:01:B7:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lk3UkqujeAL5kCA3mw2qSfEBt9o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/3ac039-18c2-424c-ae59-374c9b7ad1e7/1/K7PaU0CyS3bnjGen8AQ6ys3O_R0.roa
Signing time:             Wed 20 Apr 2022 13:07:51 +0000
ROA not before:           Wed 20 Apr 2022 13:07:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        194.15.150.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86104 (0x15058)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e4dd492aba37802f99020379b0daa49f101b7da
        Validity
            Not Before: Apr 20 13:07:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2bb3da5340b24b76e78c67a7f0043acacdcefd1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:72:23:66:56:e6:b3:af:9a:ca:f5:15:a8:8d:
                    d5:ce:8a:b7:bb:45:f4:97:b9:95:d8:e8:91:6a:c1:
                    82:7f:43:ef:7c:3e:a6:36:c8:63:2a:88:8c:ac:27:
                    5c:01:4e:b1:a0:b4:75:52:a3:5d:d0:38:3d:6b:23:
                    1a:b0:ea:22:b6:bb:f7:29:31:85:7d:16:b3:9f:4e:
                    49:3a:5c:19:36:b3:69:5b:26:e8:79:b5:3f:66:dd:
                    a0:76:de:d0:a2:71:9d:bf:58:d7:76:78:54:c2:39:
                    51:a9:50:71:1e:a8:a5:d5:3f:79:c5:70:4d:6c:41:
                    53:ed:64:f3:8f:06:78:16:48:3e:63:8e:02:0a:e2:
                    66:3c:93:f2:b5:2e:e9:c6:ef:ef:df:5d:7c:6f:bc:
                    bb:5a:22:a1:b5:4b:ee:19:13:0b:c7:cf:61:67:61:
                    ea:72:cf:cd:83:db:f2:6c:0b:98:4b:03:a0:85:06:
                    ea:35:ec:95:8e:ed:a2:1d:15:88:4a:ce:2c:29:3d:
                    8b:87:52:bb:45:33:9b:d9:9b:06:66:a2:72:9c:26:
                    f4:e1:46:2a:4c:be:7c:1e:68:bc:c7:b0:80:b9:7a:
                    80:db:b6:e3:ba:db:8f:d1:e7:29:f2:4a:c5:3f:f7:
                    70:09:3c:09:05:bd:16:78:9d:52:10:cc:80:34:80:
                    d9:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:B3:DA:53:40:B2:4B:76:E7:8C:67:A7:F0:04:3A:CA:CD:CE:FD:1D
            X509v3 Authority Key Identifier:
                keyid:2E:4D:D4:92:AB:A3:78:02:F9:90:20:37:9B:0D:AA:49:F1:01:B7:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lk3UkqujeAL5kCA3mw2qSfEBt9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/3ac039-18c2-424c-ae59-374c9b7ad1e7/1/K7PaU0CyS3bnjGen8AQ6ys3O_R0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/3ac039-18c2-424c-ae59-374c9b7ad1e7/1/Lk3UkqujeAL5kCA3mw2qSfEBt9o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.15.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:41:e3:33:8e:05:5e:98:cb:a1:b0:4f:ca:23:16:79:9a:5b:
         84:b4:2e:fe:01:45:19:b9:c4:fa:af:7c:6a:74:5f:10:71:b7:
         45:fe:16:95:77:b3:52:35:15:18:21:93:9d:04:92:67:27:6a:
         e9:45:ea:9e:9a:4f:53:07:fe:b9:73:b9:41:65:42:9d:e8:73:
         f1:96:b5:92:40:a3:5e:d3:e0:e6:57:1c:91:3d:95:6a:5d:b3:
         2a:c1:a0:60:e8:eb:0f:68:47:ab:b0:e3:87:a9:57:4b:5a:f2:
         22:22:5f:79:c1:91:29:74:2c:36:e8:3d:2e:0e:8c:7c:3a:4f:
         ae:75:65:51:57:81:d3:51:87:97:70:75:d5:b3:e2:eb:fc:6a:
         2e:2a:38:83:8a:97:04:3f:11:03:e1:4c:0c:08:10:e5:37:73:
         0d:7a:ac:45:c3:c2:11:e7:c7:90:ca:21:dc:ce:4e:13:88:6e:
         b6:31:7f:37:c4:00:5a:04:e2:bb:d3:b9:bc:c6:b1:43:85:d7:
         4d:b5:e1:c0:b5:a6:80:83:18:6f:fe:28:d5:55:91:16:e7:67:
         68:73:70:f4:d0:45:b5:fe:6f:f4:2c:67:d5:eb:04:3f:00:e6:
         d2:75:5d:d9:e5:87:cb:9d:f0:1d:a5:bf:7d:bc:dd:3f:dd:70:
         f3:1c:59:fa
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAVBYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJl
NGRkNDkyYWJhMzc4MDJmOTkwMjAzNzliMGRhYTQ5ZjEwMWI3ZGEwHhcNMjIwNDIw
MTMwNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyYmIzZGE1MzQwYjI0
Yjc2ZTc4YzY3YTdmMDA0M2FjYWNkY2VmZDFkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAonIjZlbms6+ayvUVqI3Vzoq3u0X0l7mV2OiRasGCf0PvfD6m
NshjKoiMrCdcAU6xoLR1UqNd0Dg9ayMasOoitrv3KTGFfRazn05JOlwZNrNpWybo
ebU/Zt2gdt7QonGdv1jXdnhUwjlRqVBxHqil1T95xXBNbEFT7WTzjwZ4Fkg+Y44C
CuJmPJPytS7pxu/v3118b7y7WiKhtUvuGRMLx89hZ2Hqcs/Ng9vybAuYSwOghQbq
NeyVju2iHRWISs4sKT2Lh1K7RTOb2ZsGZqJynCb04UYqTL58Hmi8x7CAuXqA27bj
utuP0ecp8krFP/dwCTwJBb0WeJ1SEMyANIDZpwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCuz2lNAskt254xnp/AEOsrNzv0dMB8GA1UdIwQYMBaAFC5N1JKro3gC+ZAg
N5sNqknxAbfaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TGszVWtxdWplQUw1a0NBM213MnFTZkVCdDlvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Ny8zYWMwMzktMThjMi00MjRjLWFlNTktMzc0YzliN2FkMWU3LzEv
SzdQYVUwQ3lTM2JuakdlbjhBUTZ5czNPX1IwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8z
YWMwMzktMThjMi00MjRjLWFlNTktMzc0YzliN2FkMWU3LzEvTGszVWtxdWplQUw1
a0NBM213MnFTZkVCdDlvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg+WMA0GCSqGSIb3DQEBCwUAA4IB
AQCMQeMzjgVemMuhsE/KIxZ5mluEtC7+AUUZucT6r3xqdF8QcbdF/haVd7NSNRUY
IZOdBJJnJ2rpReqemk9TB/65c7lBZUKd6HPxlrWSQKNe0+DmVxyRPZVqXbMqwaBg
6OsPaEersOOHqVdLWvIiIl95wZEpdCw26D0uDox8Ok+udWVRV4HTUYeXcHXVs+Lr
/GouKjiDipcEPxED4UwMCBDlN3MNeqxFw8IR58eQyiHczk4TiG62MX83xABaBOK7
07m8xrFDhddNteHAtaaAgxhv/ijVVZEW52doc3D00EW1/m/0LGfV6wQ/AObSdV3Z
5YfLnfAdpb99vN0/3XDzHFn6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:43 2024 by rpki-client on console-ams.rpki-client.org