Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/gSaqh1DZjinueBISQ5anhc6MqlA.roa
File:                     gSaqh1DZjinueBISQ5anhc6MqlA.roa (raw, json)
Hash identifier:          YkDe1Wo2TrGPwfsmswv7MwC0iQtLHQzp66HRxfv/M8I=
Subject key identifier:   81:26:AA:87:50:D9:8E:29:EE:78:12:12:43:96:A7:85:CE:8C:AA:50
Certificate issuer:       /CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Certificate serial:       045D9F40
Authority key identifier: 5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/gSaqh1DZjinueBISQ5anhc6MqlA.roa
Signing time:             Sat 01 Jan 2022 02:55:28 +0000
ROA not before:           Sat 01 Jan 2022 02:55:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211535
IP address blocks:        2a10:4741::/44 maxlen: 44

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73244480 (0x45d9f40)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
        Validity
            Not Before: Jan  1 02:55:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8126aa8750d98e29ee7812124396a785ce8caa50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:8a:2d:a4:73:c1:da:b8:c3:61:a8:bd:77:c4:
                    a4:af:e6:83:93:ad:f1:30:2f:57:4e:2a:2f:5c:80:
                    0b:5b:e6:ff:ba:57:ba:94:f0:dc:5d:8e:87:9b:f6:
                    53:69:54:30:35:9c:c5:6c:1b:5c:4d:00:c8:a0:c5:
                    af:e4:33:4b:1d:29:9c:c1:53:8c:85:17:00:fd:2f:
                    0e:91:1e:57:0e:b9:39:41:33:d9:7d:31:c5:3c:b1:
                    03:c6:cd:10:7f:00:4c:71:d0:1d:85:30:df:f8:7e:
                    23:ed:42:4e:c6:00:68:80:4d:4c:10:c0:98:01:20:
                    ad:2d:2c:99:c7:11:4e:8c:f3:9a:ef:24:8c:ae:c6:
                    29:62:ea:48:b3:df:0a:64:c6:c2:b1:dc:f0:ea:b8:
                    bd:33:ba:ef:2d:2a:f6:9b:fc:ad:d1:08:5e:c1:a2:
                    b1:49:51:f1:b5:fb:c3:49:6e:0d:ca:bc:b5:71:0d:
                    ac:81:8b:37:19:6d:6b:99:03:4a:66:5d:89:3b:ee:
                    28:f4:99:1e:66:9d:e9:e6:e3:2a:b4:8c:79:6f:6c:
                    86:5e:d4:31:84:ac:10:ed:d1:08:50:e3:40:81:cd:
                    e8:a8:34:cd:5d:87:37:cc:2d:6a:d8:95:31:8a:c3:
                    b1:db:59:cb:a1:5e:ad:9e:dc:bc:5c:cc:7a:9b:60:
                    04:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:26:AA:87:50:D9:8E:29:EE:78:12:12:43:96:A7:85:CE:8C:AA:50
            X509v3 Authority Key Identifier:
                keyid:5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/gSaqh1DZjinueBISQ5anhc6MqlA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XfU2RYQ-bSiD3I-cT0FcHq279go.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4741::/44

    Signature Algorithm: sha256WithRSAEncryption
         af:3a:c1:5a:69:55:61:6e:36:25:fe:19:40:c7:e1:77:4a:1a:
         9d:90:de:f2:9f:3d:18:33:28:51:df:bd:eb:cf:07:c0:0e:b3:
         0c:cd:ff:ab:8b:ff:64:3a:19:9d:37:f2:35:4e:e0:5d:49:ce:
         c4:8c:4b:eb:32:66:19:f9:d5:f9:2d:00:01:66:6d:e0:cf:c6:
         6a:4d:eb:70:e3:07:b1:76:8e:07:52:44:2b:8d:58:4f:2a:b0:
         1b:3d:75:0b:eb:ea:92:f7:83:2e:09:b5:1b:09:cc:ef:b9:c4:
         fb:62:5c:b9:b0:c6:26:ed:30:f1:d6:85:70:ec:78:2d:04:dd:
         87:ac:22:5a:56:a6:ac:38:56:87:36:c1:ad:2c:5f:82:92:93:
         46:13:e6:16:2c:9d:c0:9e:55:0f:3a:9b:c4:76:07:66:1e:42:
         f2:34:54:9a:b4:2d:b5:30:0d:b0:a6:72:f4:00:8d:fd:9b:16:
         57:4f:93:60:0f:51:48:c1:42:75:94:21:73:ac:3c:f5:46:0c:
         c0:c5:2e:ee:af:34:86:56:98:7b:9d:b8:e8:a8:8a:9f:b1:cf:
         03:83:67:da:fe:be:26:a3:8c:c6:d1:27:03:8c:47:0f:e0:a2:
         de:0f:ee:9e:22:65:fa:ff:23:a8:cc:c1:6e:12:3e:68:05:a7:
         9b:08:63:d3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBF2fQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGY1MzY0NTg0M2U2ZDI4ODNkYzhmOWM0ZjQxNWMxZWFkYmJmNjBhMB4XDTIyMDEw
MTAyNTUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODEyNmFhODc1MGQ5
OGUyOWVlNzgxMjEyNDM5NmE3ODVjZThjYWE1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWKLaRzwdq4w2GovXfEpK/mg5Ot8TAvV04qL1yAC1vm/7pX
upTw3F2Oh5v2U2lUMDWcxWwbXE0AyKDFr+QzSx0pnMFTjIUXAP0vDpEeVw65OUEz
2X0xxTyxA8bNEH8ATHHQHYUw3/h+I+1CTsYAaIBNTBDAmAEgrS0smccRTozzmu8k
jK7GKWLqSLPfCmTGwrHc8Oq4vTO67y0q9pv8rdEIXsGisUlR8bX7w0luDcq8tXEN
rIGLNxlta5kDSmZdiTvuKPSZHmad6ebjKrSMeW9shl7UMYSsEO3RCFDjQIHN6Kg0
zV2HN8wtatiVMYrDsdtZy6FerZ7cvFzMeptgBI0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSBJqqHUNmOKe54EhJDlqeFzoyqUDAfBgNVHSMEGDAWgBRd9TZFhD5tKIPc
j5xPQVwerbv2CjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hmVTJSWVEtYlNpRDNJLWNUMEZjSHEyNzlnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8x
L2dTYXFoMURaamludWVCSVNRNWFuaGM2TXFsQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
ZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8xL1hmVTJSWVEtYlNp
RDNJLWNUMEZjSHEyNzlnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoQR0EAADANBgkqhkiG9w0BAQsF
AAOCAQEArzrBWmlVYW42Jf4ZQMfhd0oanZDe8p89GDMoUd+9688HwA6zDM3/q4v/
ZDoZnTfyNU7gXUnOxIxL6zJmGfnV+S0AAWZt4M/Gak3rcOMHsXaOB1JEK41YTyqw
Gz11C+vqkveDLgm1GwnM77nE+2JcubDGJu0w8daFcOx4LQTdh6wiWlamrDhWhzbB
rSxfgpKTRhPmFiydwJ5VDzqbxHYHZh5C8jRUmrQttTANsKZy9ACN/ZsWV0+TYA9R
SMFCdZQhc6w89UYMwMUu7q80hlaYe5246KiKn7HPA4Nn2v6+JqOMxtEnA4xHD+Ci
3g/uniJl+v8jqMzBbhI+aAWnmwhj0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:04 2024 by rpki-client on console-fra.rpki-client.org