Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/tz5pb77Ytn4qwhx7xYnOgl57pas.roa
File:                     tz5pb77Ytn4qwhx7xYnOgl57pas.roa (raw, json)
Hash identifier:          kHcH/FIGF94CkE2uEB8/bmdJrSIc3hpmldVRQImBil8=
Subject key identifier:   B7:3E:69:6F:BE:D8:B6:7E:2A:C2:1C:7B:C5:89:CE:82:5E:7B:A5:AB
Certificate issuer:       /CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
Certificate serial:       346BDB06
Authority key identifier: 3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/tz5pb77Ytn4qwhx7xYnOgl57pas.roa
Signing time:             Mon 21 Mar 2022 12:10:09 +0000
ROA not before:           Mon 21 Mar 2022 12:10:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12735
IP address blocks:        193.106.197.0/24 maxlen: 24
                          193.106.196.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 879483654 (0x346bdb06)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
        Validity
            Not Before: Mar 21 12:10:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b73e696fbed8b67e2ac21c7bc589ce825e7ba5ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:1d:b7:13:79:29:c2:52:fd:e5:ac:28:ad:3d:
                    82:57:14:c1:3f:80:a0:ab:97:43:e6:5a:ab:19:65:
                    c9:66:24:d0:a8:12:a1:c4:10:86:2a:1e:74:7b:c2:
                    c1:04:47:d8:3b:68:67:67:c3:82:66:4a:d3:2c:a5:
                    82:e5:77:f7:b3:2a:67:51:97:c2:55:f3:ca:97:2b:
                    4c:a3:93:d5:be:0f:f9:29:05:c2:7a:b4:32:ca:a9:
                    75:ef:b5:1e:5a:2b:1c:f4:ba:fa:87:1d:b3:95:8b:
                    59:2d:e6:98:2e:93:0a:4a:5c:d3:f2:86:69:e1:e9:
                    00:a1:d7:75:b6:95:59:67:e1:6e:79:e0:30:02:19:
                    87:b8:e3:a6:00:2b:24:00:51:a5:6d:39:5c:4a:a7:
                    70:3c:f5:59:76:b8:00:bc:db:e0:4e:2e:68:42:19:
                    56:33:fe:bf:e5:03:cb:b1:83:df:16:79:c8:c6:3c:
                    b7:64:a1:aa:63:43:28:90:3c:6b:de:28:9e:06:f7:
                    e4:bf:cc:07:d0:ac:76:1c:73:7d:bc:cf:e4:2d:79:
                    b7:b3:36:57:2a:d3:a9:d4:54:78:2f:8d:a1:e0:27:
                    60:59:04:81:d6:3b:06:13:a6:19:7a:22:8a:81:ac:
                    01:c3:35:7a:c2:f4:ca:8f:ca:cc:31:bb:e7:e7:6e:
                    e0:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:3E:69:6F:BE:D8:B6:7E:2A:C2:1C:7B:C5:89:CE:82:5E:7B:A5:AB
            X509v3 Authority Key Identifier:
                keyid:3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/tz5pb77Ytn4qwhx7xYnOgl57pas.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.106.196.0/23

    Signature Algorithm: sha256WithRSAEncryption
         58:aa:0d:78:48:f7:ac:db:03:cb:bd:b7:00:5f:98:28:72:a7:
         93:08:d5:ac:11:4a:fe:6b:20:f8:3e:8a:b1:b7:8c:90:cc:c8:
         c4:87:84:82:71:9e:9a:fd:ce:e9:15:a6:fa:f5:c1:eb:96:cf:
         56:76:c1:ef:65:10:5f:b9:0e:e0:c9:94:f9:0d:ad:cd:4e:cd:
         de:8b:df:3c:d9:8c:7f:01:25:f3:da:ce:40:8d:ef:1d:e3:00:
         a7:b4:c9:9d:5a:68:ee:94:d4:ac:07:01:a0:29:bb:c7:51:f4:
         b4:4c:16:2d:13:47:07:9e:7a:c1:03:97:0c:60:21:71:e9:64:
         cc:57:e0:00:c8:ba:51:c6:d7:60:c5:30:8f:67:27:b6:af:12:
         0b:29:70:2e:cc:a9:ec:cf:60:56:54:be:a8:11:d6:ff:8a:8c:
         63:90:ed:45:2f:2c:27:dc:40:e4:85:76:65:b9:ed:cc:be:a8:
         90:61:ae:61:5f:0a:a7:28:d2:73:66:0f:ff:37:c7:6e:b3:ea:
         31:c4:a4:b8:c6:81:8d:82:12:25:7b:02:92:43:e2:3f:c8:bc:
         e6:c6:8a:97:9c:44:0a:88:ea:28:0d:e6:2b:be:81:ea:61:33:
         f8:5e:71:5f:5f:b7:a4:02:10:b0:b1:9a:04:b8:4e:67:ac:c4:
         f4:23:c8:21
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENGvbBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWRlZWEzYjZhYWM0ZDgzNGI0ZmQ3YzJlNWQzYzM5N2Y2MWY0M2Q2MB4XDTIyMDMy
MTEyMTAwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjczZTY5NmZiZWQ4
YjY3ZTJhYzIxYzdiYzU4OWNlODI1ZTdiYTVhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAdtxN5KcJS/eWsKK09glcUwT+AoKuXQ+ZaqxllyWYk0KgS
ocQQhioedHvCwQRH2DtoZ2fDgmZK0yylguV397MqZ1GXwlXzypcrTKOT1b4P+SkF
wnq0Msqpde+1HlorHPS6+ocds5WLWS3mmC6TCkpc0/KGaeHpAKHXdbaVWWfhbnng
MAIZh7jjpgArJABRpW05XEqncDz1WXa4ALzb4E4uaEIZVjP+v+UDy7GD3xZ5yMY8
t2ShqmNDKJA8a94ongb35L/MB9CsdhxzfbzP5C15t7M2VyrTqdRUeC+NoeAnYFkE
gdY7BhOmGXoiioGsAcM1esL0yo/KzDG75+du4MMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS3Pmlvvti2firCHHvFic6CXnulqzAfBgNVHSMEGDAWgBQ63uo7aqxNg0tP
18Ll08OX9h9D1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L090N3FPMnFzVFlOTFQ5ZkM1ZFBEbF9ZZlE5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvMDE1ZjQ0LTBmNGMtNDcxNC04NjE1LTIzYjA3MmY1YjE4OC8x
L3R6NXBiNzdZdG40cXdoeDd4WW5PZ2w1N3Bhcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
MDE1ZjQ0LTBmNGMtNDcxNC04NjE1LTIzYjA3MmY1YjE4OC8xL090N3FPMnFzVFlO
TFQ5ZkM1ZFBEbF9ZZlE5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcFqxDANBgkqhkiG9w0BAQsFAAOC
AQEAWKoNeEj3rNsDy723AF+YKHKnkwjVrBFK/msg+D6KsbeMkMzIxIeEgnGemv3O
6RWm+vXB65bPVnbB72UQX7kO4MmU+Q2tzU7N3ovfPNmMfwEl89rOQI3vHeMAp7TJ
nVpo7pTUrAcBoCm7x1H0tEwWLRNHB556wQOXDGAhcelkzFfgAMi6UcbXYMUwj2cn
tq8SCylwLsyp7M9gVlS+qBHW/4qMY5DtRS8sJ9xA5IV2ZbntzL6okGGuYV8KpyjS
c2YP/zfHbrPqMcSkuMaBjYISJXsCkkPiP8i85saKl5xECojqKA3mK76B6mEz+F5x
X1+3pAIQsLGaBLhOZ6zE9CPIIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:27 2024 by rpki-client on console-ams.rpki-client.org