Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/1a31bd-42e3-4f89-b981-d0a1c92899a4/1/Jt9u2QwiqNe9m5bG0xxzhHUh38k.roa
File:                     Jt9u2QwiqNe9m5bG0xxzhHUh38k.roa (raw, json)
Hash identifier:          b55VjN2YWtpuHZQouF5/0V0uxtVIDEfiC4klxKcDVHk=
Subject key identifier:   26:DF:6E:D9:0C:22:A8:D7:BD:9B:96:C6:D3:1C:73:84:75:21:DF:C9
Certificate issuer:       /CN=91aa574b511c291b7cfae9195bdd09e0038602c0
Certificate serial:       018237125D935D3345BD927A1F72EB6481D3
Authority key identifier: 91:AA:57:4B:51:1C:29:1B:7C:FA:E9:19:5B:DD:09:E0:03:86:02:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kapXS1EcKRt8-ukZW90J4AOGAsA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/1a31bd-42e3-4f89-b981-d0a1c92899a4/1/Jt9u2QwiqNe9m5bG0xxzhHUh38k.roa
Signing time:             Mon 25 Jul 2022 20:35:26 +0000
ROA not before:           Mon 25 Jul 2022 20:35:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        2a11:a8c0::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:37:12:5d:93:5d:33:45:bd:92:7a:1f:72:eb:64:81:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91aa574b511c291b7cfae9195bdd09e0038602c0
        Validity
            Not Before: Jul 25 20:35:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=26df6ed90c22a8d7bd9b96c6d31c73847521dfc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a8:c4:3a:b1:9b:c9:9c:3b:99:eb:2e:ae:00:
                    9d:d4:6c:10:0d:5e:e4:20:22:98:6a:f6:6b:ab:0f:
                    41:49:17:23:8d:b9:25:86:87:b6:05:60:af:2c:ea:
                    58:4e:bb:00:91:39:ae:09:95:b8:99:00:33:40:2a:
                    4a:29:a9:8f:1a:26:dd:74:03:78:a9:15:e4:17:ff:
                    9c:4a:7e:90:af:e8:39:ef:f5:dd:cd:10:e0:8f:a0:
                    4c:f4:f2:e0:e9:0b:47:fc:3b:a5:db:94:01:11:cb:
                    3c:38:46:cb:43:fa:31:0f:70:6a:82:0a:55:cc:77:
                    29:42:87:ed:11:7f:7d:2b:36:f3:db:ce:f4:36:b5:
                    08:09:2e:a7:c7:67:77:97:95:9e:4f:5e:d5:08:26:
                    df:77:43:f5:72:4d:44:25:5a:bf:7c:96:db:eb:6c:
                    74:64:e1:43:0b:91:ad:ef:67:24:9e:1e:a4:f0:13:
                    5c:6f:7e:62:0c:ab:95:ac:f1:25:1e:37:d8:ec:90:
                    6b:c1:42:6d:60:b5:52:b3:19:b6:7f:00:da:e6:e3:
                    3f:c1:f6:ef:aa:80:7b:db:88:89:8c:b1:03:cb:bb:
                    34:2b:86:c0:c7:ae:46:10:19:b5:7c:e0:3a:5c:2f:
                    4f:3e:79:59:98:b3:93:bd:1c:52:e8:da:27:ca:11:
                    45:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:DF:6E:D9:0C:22:A8:D7:BD:9B:96:C6:D3:1C:73:84:75:21:DF:C9
            X509v3 Authority Key Identifier:
                keyid:91:AA:57:4B:51:1C:29:1B:7C:FA:E9:19:5B:DD:09:E0:03:86:02:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kapXS1EcKRt8-ukZW90J4AOGAsA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1a31bd-42e3-4f89-b981-d0a1c92899a4/1/Jt9u2QwiqNe9m5bG0xxzhHUh38k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1a31bd-42e3-4f89-b981-d0a1c92899a4/1/kapXS1EcKRt8-ukZW90J4AOGAsA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:a8c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6c:05:33:84:a5:7a:e3:93:4b:fc:86:f5:45:d4:40:ea:2a:12:
         26:91:2b:ad:f1:e6:03:48:11:72:bc:17:3d:3d:5b:3f:4e:bb:
         5e:31:8d:62:8d:28:fc:0b:1c:2c:2a:60:cc:f2:5d:0b:94:33:
         74:11:5d:4a:d8:bb:a8:fb:0f:5f:33:47:d2:3b:6d:e9:48:07:
         74:d5:3f:cf:65:2a:c6:ff:05:34:40:6b:1e:84:3d:b9:4b:3c:
         84:e9:bd:d2:49:f7:4e:cb:d1:83:ee:62:83:f6:2f:1a:7e:52:
         11:62:da:dd:fe:a1:07:84:eb:3f:4b:ee:3e:fa:e3:b6:25:ca:
         b7:17:5a:38:bf:0a:a3:da:cf:59:69:ed:4f:18:b6:64:97:03:
         42:e8:fb:6c:01:32:36:45:63:3c:b4:af:58:b1:bf:bd:6c:be:
         13:01:56:4c:09:f6:1a:a5:a2:80:50:d3:ce:e9:80:da:6c:08:
         62:f2:6c:ee:48:56:87:6c:f2:33:95:c7:37:7b:46:64:8c:35:
         52:8f:11:e3:17:aa:d6:e1:c4:07:39:7a:15:26:11:c6:55:1a:
         8b:17:a4:0b:09:41:e7:0a:74:aa:ec:35:1f:81:94:a3:17:d3:
         0b:29:d9:18:84:0d:a0:5a:70:04:89:44:cc:0c:82:9b:cc:29:
         9e:a9:00:a7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYI3El2TXTNFvZJ6H3LrZIHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYWE1NzRiNTExYzI5MWI3Y2ZhZTkxOTViZGQwOWUwMDM4
NjAyYzAwHhcNMjIwNzI1MjAzNTI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmRmNmVkOTBjMjJhOGQ3YmQ5Yjk2YzZkMzFjNzM4NDc1MjFkZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ajEOrGbyZw7mesurgCd1GwQDV7k
ICKYavZrqw9BSRcjjbklhoe2BWCvLOpYTrsAkTmuCZW4mQAzQCpKKamPGibddAN4
qRXkF/+cSn6Qr+g57/XdzRDgj6BM9PLg6QtH/Dul25QBEcs8OEbLQ/oxD3BqggpV
zHcpQoftEX99Kzbz2870NrUICS6nx2d3l5WeT17VCCbfd0P1ck1EJVq/fJbb62x0
ZOFDC5Gt72cknh6k8BNcb35iDKuVrPElHjfY7JBrwUJtYLVSsxm2fwDa5uM/wfbv
qoB724iJjLEDy7s0K4bAx65GEBm1fOA6XC9PPnlZmLOTvRxS6NonyhFFoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCbfbtkMIqjXvZuWxtMcc4R1Id/JMB8GA1UdIwQY
MBaAFJGqV0tRHCkbfPrpGVvdCeADhgLAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FwWFMxRWNLUnQ4LXVrWlc5MEo0QU9HQXNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xYTMxYmQtNDJlMy00Zjg5LWI5ODEt
ZDBhMWM5Mjg5OWE0LzEvSnQ5dTJRd2lxTmU5bTViRzB4eHpoSFVoMzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xYTMxYmQtNDJlMy00Zjg5LWI5ODEtZDBhMWM5Mjg5OWE0
LzEva2FwWFMxRWNLUnQ4LXVrWlc5MEo0QU9HQXNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGowDAN
BgkqhkiG9w0BAQsFAAOCAQEAbAUzhKV645NL/Ib1RdRA6ioSJpErrfHmA0gRcrwX
PT1bP067XjGNYo0o/AscLCpgzPJdC5QzdBFdSti7qPsPXzNH0jtt6UgHdNU/z2Uq
xv8FNEBrHoQ9uUs8hOm90kn3TsvRg+5ig/YvGn5SEWLa3f6hB4TrP0vuPvrjtiXK
txdaOL8Ko9rPWWntTxi2ZJcDQuj7bAEyNkVjPLSvWLG/vWy+EwFWTAn2GqWigFDT
zumA2mwIYvJs7khWh2zyM5XHN3tGZIw1Uo8R4xeq1uHEBzl6FSYRxlUaixekCwlB
5wp0quw1H4GUoxfTCynZGIQNoFpwBIlEzAyCm8wpnqkApw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:43 2024 by rpki-client on console-ams.rpki-client.org