Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1f7540-84c7-49e0-bcaa-51e176c7f650/1/LEZBvBJuXKRQudmiVKfT0bazP1g.roa
File:                     LEZBvBJuXKRQudmiVKfT0bazP1g.roa (raw, json)
Hash identifier:          mLqbd7ZQOulY7MWp9fEMD07MwUs6jRBZaPCg15Rc8gA=
Subject key identifier:   2C:46:41:BC:12:6E:5C:A4:50:B9:D9:A2:54:A7:D3:D1:B6:B3:3F:58
Certificate issuer:       /CN=64a5dbede5a42b81f080c7a3d3674e550ad3b6a9
Certificate serial:       05EBC482
Authority key identifier: 64:A5:DB:ED:E5:A4:2B:81:F0:80:C7:A3:D3:67:4E:55:0A:D3:B6:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZKXb7eWkK4HwgMej02dOVQrTtqk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/1f7540-84c7-49e0-bcaa-51e176c7f650/1/LEZBvBJuXKRQudmiVKfT0bazP1g.roa
Signing time:             Sat 01 Jan 2022 06:54:38 +0000
ROA not before:           Sat 01 Jan 2022 06:54:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56971
IP address blocks:        45.156.24.0/22 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99337346 (0x5ebc482)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64a5dbede5a42b81f080c7a3d3674e550ad3b6a9
        Validity
            Not Before: Jan  1 06:54:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2c4641bc126e5ca450b9d9a254a7d3d1b6b33f58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:36:8e:32:33:f1:9a:28:b6:41:35:11:ca:8f:
                    ad:27:9f:63:8a:18:24:23:ad:27:a4:85:f0:c7:b9:
                    a3:65:dd:61:bb:70:56:95:a9:8b:34:5f:6a:cb:f0:
                    08:66:66:9f:5e:70:d3:58:e6:55:53:11:92:ea:1c:
                    20:1e:fa:08:07:ff:d0:0b:fb:a2:c0:60:f9:3e:28:
                    97:59:1a:57:39:93:8d:06:b5:48:d9:7b:15:b2:1e:
                    b0:53:83:5a:98:1a:d0:c5:70:15:f1:0f:f5:6d:cc:
                    6d:12:c7:9a:3c:16:61:db:b9:ed:9f:0e:3c:b9:8a:
                    0c:9d:19:13:0c:6d:a6:73:c2:cd:1f:2a:70:de:e9:
                    f2:31:4c:17:63:9f:84:53:93:93:1d:b5:34:fd:3c:
                    d4:76:97:f0:a6:04:24:0a:c8:81:de:b1:cc:98:01:
                    54:e7:ed:63:44:0e:e6:50:3e:1b:0b:57:d9:ed:57:
                    7f:28:bb:34:0b:f6:9b:9b:34:b5:ea:87:92:9f:cf:
                    a2:ce:9f:6b:37:f6:88:a9:58:ba:35:26:fd:e1:61:
                    c5:e4:0a:f4:d3:56:25:00:87:f8:0d:98:14:3b:c1:
                    8d:b4:94:50:b4:3e:68:4f:ab:c4:b7:02:c6:b0:73:
                    45:15:4d:3c:02:94:02:42:73:00:1e:54:00:2e:be:
                    bb:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:46:41:BC:12:6E:5C:A4:50:B9:D9:A2:54:A7:D3:D1:B6:B3:3F:58
            X509v3 Authority Key Identifier:
                keyid:64:A5:DB:ED:E5:A4:2B:81:F0:80:C7:A3:D3:67:4E:55:0A:D3:B6:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKXb7eWkK4HwgMej02dOVQrTtqk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1f7540-84c7-49e0-bcaa-51e176c7f650/1/LEZBvBJuXKRQudmiVKfT0bazP1g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1f7540-84c7-49e0-bcaa-51e176c7f650/1/ZKXb7eWkK4HwgMej02dOVQrTtqk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:bd:23:99:1e:d4:1d:7f:2a:d4:6c:a6:c2:c3:9c:8d:25:a3:
         30:ec:db:d8:e5:24:cc:7c:10:00:0b:fc:68:51:af:4c:a3:26:
         16:f8:d3:d1:30:a7:b8:ff:d9:43:de:10:a2:87:58:11:93:8a:
         d5:af:10:14:70:4b:09:ad:da:3d:c4:47:dc:10:45:a8:8f:eb:
         1a:0a:b5:1e:02:e4:92:7b:8c:03:c2:8a:8f:e5:14:3c:a7:44:
         30:5c:d2:36:43:85:7d:7d:f9:9e:92:93:47:ca:e8:0a:3f:04:
         75:88:7e:ce:bc:6c:a8:33:c6:76:21:91:86:74:6a:76:96:34:
         f5:cd:c9:6f:47:08:c8:11:f6:e2:b7:14:45:77:71:c1:84:1e:
         58:d5:af:e5:0c:b1:ad:04:34:8b:56:d0:0f:f4:4d:97:46:a8:
         fa:19:d6:14:42:5a:a9:83:11:5e:37:3c:af:3b:44:ba:8b:1a:
         44:c0:57:2c:8f:70:cf:83:d9:74:f7:c4:b2:17:1d:6e:d7:bd:
         b2:f9:02:d5:49:65:45:08:08:c7:87:1a:4b:82:55:5f:9a:42:
         75:7d:b4:91:80:6c:41:b4:f3:2f:bb:7e:20:84:6a:63:66:d0:
         46:a0:ae:75:cd:66:cd:38:e8:c6:94:e2:20:e6:68:77:a4:ab:
         c4:1b:e8:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBevEgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGE1ZGJlZGU1YTQyYjgxZjA4MGM3YTNkMzY3NGU1NTBhZDNiNmE5MB4XDTIyMDEw
MTA2NTQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM0NjQxYmMxMjZl
NWNhNDUwYjlkOWEyNTRhN2QzZDFiNmIzM2Y1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO82jjIz8ZootkE1EcqPrSefY4oYJCOtJ6SF8Me5o2XdYbtw
VpWpizRfasvwCGZmn15w01jmVVMRkuocIB76CAf/0Av7osBg+T4ol1kaVzmTjQa1
SNl7FbIesFODWpga0MVwFfEP9W3MbRLHmjwWYdu57Z8OPLmKDJ0ZEwxtpnPCzR8q
cN7p8jFMF2OfhFOTkx21NP081HaX8KYEJArIgd6xzJgBVOftY0QO5lA+GwtX2e1X
fyi7NAv2m5s0teqHkp/Pos6fazf2iKlYujUm/eFhxeQK9NNWJQCH+A2YFDvBjbSU
ULQ+aE+rxLcCxrBzRRVNPAKUAkJzAB5UAC6+u0ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQsRkG8Em5cpFC52aJUp9PRtrM/WDAfBgNVHSMEGDAWgBRkpdvt5aQrgfCA
x6PTZ05VCtO2qTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pLWGI3ZVdrSzRId2dNZWowMmRPVlFyVHRxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvMWY3NTQwLTg0YzctNDllMC1iY2FhLTUxZTE3NmM3ZjY1MC8x
L0xFWkJ2Qkp1WEtSUXVkbWlWS2ZUMGJhelAxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
MWY3NTQwLTg0YzctNDllMC1iY2FhLTUxZTE3NmM3ZjY1MC8xL1pLWGI3ZVdrSzRI
d2dNZWowMmRPVlFyVHRxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2cGDANBgkqhkiG9w0BAQsFAAOC
AQEAcL0jmR7UHX8q1GymwsOcjSWjMOzb2OUkzHwQAAv8aFGvTKMmFvjT0TCnuP/Z
Q94QoodYEZOK1a8QFHBLCa3aPcRH3BBFqI/rGgq1HgLkknuMA8KKj+UUPKdEMFzS
NkOFfX35npKTR8roCj8EdYh+zrxsqDPGdiGRhnRqdpY09c3Jb0cIyBH24rcURXdx
wYQeWNWv5QyxrQQ0i1bQD/RNl0ao+hnWFEJaqYMRXjc8rztEuosaRMBXLI9wz4PZ
dPfEshcdbte9svkC1UllRQgIx4caS4JVX5pCdX20kYBsQbTzL7t+IIRqY2bQRqCu
dc1mzTjoxpTiIOZod6SrxBvoSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:42 2024 by rpki-client on console-fra.rpki-client.org