Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/f28598-6754-45c3-b411-812d4d8501df/1/2vy1ArEN1tXDaMIBM0WdPrsrzAk.roa
File:                     2vy1ArEN1tXDaMIBM0WdPrsrzAk.roa (raw, json)
Hash identifier:          NnGfO3BGBL6B48Nr4B1/nm7Cz/vlrka/jzic9QDesLo=
Subject key identifier:   DA:FC:B5:02:B1:0D:D6:D5:C3:68:C2:01:33:45:9D:3E:BB:2B:CC:09
Certificate issuer:       /CN=9a5684aa26c1abba18c191c6ead6d69d292af987
Certificate serial:       01877F20B0D202F0A8DC280AA25CE856D9CE
Authority key identifier: 9A:56:84:AA:26:C1:AB:BA:18:C1:91:C6:EA:D6:D6:9D:29:2A:F9:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mlaEqibBq7oYwZHG6tbWnSkq-Yc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/f28598-6754-45c3-b411-812d4d8501df/1/2vy1ArEN1tXDaMIBM0WdPrsrzAk.roa
Signing time:             Fri 14 Apr 2023 09:37:41 +0000
ROA not before:           Fri 14 Apr 2023 09:37:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12837
IP address blocks:        2a03:6306::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7f:20:b0:d2:02:f0:a8:dc:28:0a:a2:5c:e8:56:d9:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a5684aa26c1abba18c191c6ead6d69d292af987
        Validity
            Not Before: Apr 14 09:37:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dafcb502b10dd6d5c368c20133459d3ebb2bcc09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:74:be:97:49:3f:37:65:b6:c0:ee:4f:cd:d8:
                    a9:b1:fd:61:be:c7:a8:80:72:69:c0:2e:b5:b5:aa:
                    68:da:e3:4b:b0:ef:5d:38:5d:84:ae:e3:fb:b4:ed:
                    bd:ad:2e:da:e8:a6:26:15:77:9a:33:5c:f0:c0:d5:
                    10:72:33:82:65:65:e7:79:38:24:e4:74:8a:27:89:
                    b5:f5:d3:75:f4:43:a5:04:b9:20:0f:0c:8a:7c:42:
                    85:ab:88:d3:66:aa:2a:ba:e1:b5:d8:1b:ab:42:e7:
                    88:80:c0:86:f8:94:c9:52:41:28:7d:a5:33:e3:07:
                    5d:93:16:c3:1b:96:82:51:94:b6:05:08:9d:e3:bc:
                    2d:2f:78:6b:2f:3e:83:ab:e3:a1:28:51:45:86:9f:
                    c3:77:40:7e:ed:2b:10:5c:20:ca:cf:f5:d4:e1:88:
                    78:8c:90:eb:06:bf:98:f1:b4:89:70:c9:18:34:41:
                    78:98:d3:a5:31:92:05:af:82:b7:6f:30:db:cc:a9:
                    0b:6a:a0:c8:0a:a3:7e:5f:c1:ae:14:89:6e:40:05:
                    f3:c5:e4:bc:01:52:ce:43:79:3c:5c:32:2d:75:1f:
                    49:aa:b3:36:19:08:b9:d3:52:f3:1e:59:ba:2e:8f:
                    33:87:1c:ca:8f:7c:4d:59:68:e5:15:e2:84:8a:ab:
                    86:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:FC:B5:02:B1:0D:D6:D5:C3:68:C2:01:33:45:9D:3E:BB:2B:CC:09
            X509v3 Authority Key Identifier:
                keyid:9A:56:84:AA:26:C1:AB:BA:18:C1:91:C6:EA:D6:D6:9D:29:2A:F9:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlaEqibBq7oYwZHG6tbWnSkq-Yc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/f28598-6754-45c3-b411-812d4d8501df/1/2vy1ArEN1tXDaMIBM0WdPrsrzAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/f28598-6754-45c3-b411-812d4d8501df/1/mlaEqibBq7oYwZHG6tbWnSkq-Yc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:6306::/32

    Signature Algorithm: sha256WithRSAEncryption
         5e:ca:56:59:8c:09:cc:66:0b:7c:61:ea:7f:f6:bb:9a:47:8b:
         a5:30:0a:14:f2:59:2b:9f:be:15:9b:97:44:3e:67:a1:ff:df:
         77:d0:f3:ce:03:d4:88:b1:53:2f:5f:d0:c2:92:98:48:db:15:
         b1:af:3a:65:62:8d:f0:25:ca:f0:13:fc:44:e5:fa:99:eb:16:
         da:8d:83:ce:10:06:4e:c3:0c:6b:0d:d7:72:a7:b5:45:17:83:
         de:37:32:c0:4d:8d:f3:62:21:91:df:89:e7:f5:f1:96:f8:f1:
         89:cc:b1:5c:d1:5c:a9:40:a3:67:3e:4c:6c:7b:7a:c8:21:aa:
         52:a8:47:86:71:2b:f4:9c:e5:ea:d7:aa:89:62:67:a7:76:81:
         27:2a:9b:8d:99:e3:c3:e9:cd:e4:07:f7:b8:e7:ea:2f:c1:c7:
         f2:8d:bc:35:fe:0c:88:45:47:a3:8a:24:32:f7:44:1a:6b:f1:
         45:54:19:7d:97:e3:da:db:7a:d8:d1:f3:8c:af:1d:6b:bc:4e:
         0d:77:9b:00:eb:f3:2e:b5:cf:a2:a2:75:8a:fe:8e:6a:88:fd:
         eb:ca:24:88:06:5d:12:6f:98:2a:bf:1d:e2:53:75:c8:0a:42:
         24:04:88:de:45:c5:60:bf:d0:59:b0:90:0d:cd:ae:ab:0b:fd:
         be:18:b1:e4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYd/ILDSAvCo3CgKolzoVtnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTY4NGFhMjZjMWFiYmExOGMxOTFjNmVhZDZkNjlkMjky
YWY5ODcwHhcNMjMwNDE0MDkzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWZjYjUwMmIxMGRkNmQ1YzM2OGMyMDEzMzQ1OWQzZWJiMmJjYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nS+l0k/N2W2wO5Pzdipsf1hvseo
gHJpwC61tapo2uNLsO9dOF2EruP7tO29rS7a6KYmFXeaM1zwwNUQcjOCZWXneTgk
5HSKJ4m19dN19EOlBLkgDwyKfEKFq4jTZqoquuG12BurQueIgMCG+JTJUkEofaUz
4wddkxbDG5aCUZS2BQid47wtL3hrLz6Dq+OhKFFFhp/Dd0B+7SsQXCDKz/XU4Yh4
jJDrBr+Y8bSJcMkYNEF4mNOlMZIFr4K3bzDbzKkLaqDICqN+X8GuFIluQAXzxeS8
AVLOQ3k8XDItdR9JqrM2GQi501LzHlm6Lo8zhxzKj3xNWWjlFeKEiquGRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNr8tQKxDdbVw2jCATNFnT67K8wJMB8GA1UdIwQY
MBaAFJpWhKomwau6GMGRxurW1p0pKvmHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxhRXFpYkJxN29Zd1pIRzZ0YlduU2txLVljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mMjg1OTgtNjc1NC00NWMzLWI0MTEt
ODEyZDRkODUwMWRmLzEvMnZ5MUFyRU4xdFhEYU1JQk0wV2RQcnNyekFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mMjg1OTgtNjc1NC00NWMzLWI0MTEtODEyZDRkODUwMWRm
LzEvbWxhRXFpYkJxN29Zd1pIRzZ0YlduU2txLVljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgNjBjAN
BgkqhkiG9w0BAQsFAAOCAQEAXspWWYwJzGYLfGHqf/a7mkeLpTAKFPJZK5++FZuX
RD5nof/fd9DzzgPUiLFTL1/QwpKYSNsVsa86ZWKN8CXK8BP8ROX6mesW2o2DzhAG
TsMMaw3Xcqe1RReD3jcywE2N82Ihkd+J5/XxlvjxicyxXNFcqUCjZz5MbHt6yCGq
UqhHhnEr9Jzl6teqiWJnp3aBJyqbjZnjw+nN5Af3uOfqL8HH8o28Nf4MiEVHo4ok
MvdEGmvxRVQZfZfj2tt62NHzjK8da7xODXebAOvzLrXPoqJ1iv6Oaoj968okiAZd
Em+YKr8d4lN1yApCJASI3kXFYL/QWbCQDc2uqwv9vhix5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:35 2024 by rpki-client on console-ams.rpki-client.org