Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/450963-ad15-4060-8b7b-64f1a723a6c6/1/KUqpmlGWoh05ZtgU8eluaJYwf4o.roa
File:                     KUqpmlGWoh05ZtgU8eluaJYwf4o.roa (raw, json)
Hash identifier:          RS0JLaMDVhY3wFs9axIJM8MEg8sJqyJTfokoXPxII0w=
Subject key identifier:   29:4A:A9:9A:51:96:A2:1D:39:66:D8:14:F1:E9:6E:68:96:30:7F:8A
Certificate issuer:       /CN=25c85962a1c268cea9fe329e4f4e2e4454d2c08c
Certificate serial:       01856BDC5E6063FA7EC88D6F871615AC8EF6
Authority key identifier: 25:C8:59:62:A1:C2:68:CE:A9:FE:32:9E:4F:4E:2E:44:54:D2:C0:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JchZYqHCaM6p_jKeT04uRFTSwIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/450963-ad15-4060-8b7b-64f1a723a6c6/1/KUqpmlGWoh05ZtgU8eluaJYwf4o.roa
Signing time:             Sun 01 Jan 2023 05:44:42 +0000
ROA not before:           Sun 01 Jan 2023 05:44:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59253
IP address blocks:        146.19.41.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:dc:5e:60:63:fa:7e:c8:8d:6f:87:16:15:ac:8e:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c85962a1c268cea9fe329e4f4e2e4454d2c08c
        Validity
            Not Before: Jan  1 05:44:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=294aa99a5196a21d3966d814f1e96e6896307f8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:53:06:50:46:c1:ea:88:f5:3e:b9:56:d3:33:
                    c7:91:a5:c6:bd:64:e2:46:83:9e:e9:7e:e7:a3:81:
                    c0:17:1b:97:68:58:f8:e9:0d:24:88:73:ec:4f:46:
                    e5:e7:47:0f:65:3a:ea:bc:16:47:88:76:4d:85:17:
                    9a:2e:6a:c3:26:12:51:5b:e9:35:9f:cd:3b:de:6d:
                    ea:e5:2a:b1:fd:77:da:d2:28:22:c8:a8:1a:35:58:
                    1d:bf:e1:01:2e:7b:ae:fb:9d:8e:e8:b6:28:5d:fa:
                    e0:07:81:66:a3:6a:e3:76:86:af:03:c9:4d:08:ec:
                    31:b0:e4:1f:55:05:dd:cf:f4:44:fd:81:eb:e6:18:
                    10:1c:98:65:3f:83:e3:2b:12:62:84:41:48:ec:18:
                    3d:7f:83:d1:c7:2b:dd:b6:8b:b9:b5:34:21:b9:09:
                    ad:70:85:de:76:87:6f:73:23:d2:b5:bb:29:32:81:
                    c3:31:90:e4:83:c7:a6:28:df:9d:1f:66:3b:5c:87:
                    b9:a6:76:de:b8:7d:de:73:8c:3b:ba:5b:d2:71:ec:
                    81:7c:4b:55:6f:f6:7f:ba:5b:8d:1a:45:cd:95:19:
                    63:d7:3c:ac:b2:a1:2d:08:c3:bc:6b:fa:40:5d:09:
                    19:f1:0b:3a:10:9b:65:ac:0c:fa:35:cb:52:f5:95:
                    1d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:4A:A9:9A:51:96:A2:1D:39:66:D8:14:F1:E9:6E:68:96:30:7F:8A
            X509v3 Authority Key Identifier:
                keyid:25:C8:59:62:A1:C2:68:CE:A9:FE:32:9E:4F:4E:2E:44:54:D2:C0:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JchZYqHCaM6p_jKeT04uRFTSwIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/450963-ad15-4060-8b7b-64f1a723a6c6/1/KUqpmlGWoh05ZtgU8eluaJYwf4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/450963-ad15-4060-8b7b-64f1a723a6c6/1/JchZYqHCaM6p_jKeT04uRFTSwIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:96:d1:bf:da:1a:12:b4:c9:74:43:36:90:73:9e:3d:6c:5a:
         1d:b6:ab:bf:79:56:ea:fd:40:09:b8:2f:46:2f:ad:8e:c2:24:
         d1:4c:42:f6:df:08:dd:e9:78:93:2e:e8:e9:42:d2:0c:3d:cb:
         87:17:1c:a6:e5:7f:f1:51:d2:4c:ed:16:23:2e:c7:0a:68:ad:
         52:ca:9a:bf:4c:a7:38:c1:a3:2b:08:9b:eb:10:b1:66:35:46:
         2f:40:09:27:54:ed:a1:da:75:f1:53:84:46:7c:02:4a:ac:99:
         17:f4:47:a0:19:5d:39:c5:39:69:71:02:97:84:b1:bf:8d:56:
         88:e0:41:57:31:23:bf:58:64:7b:41:08:13:c0:c9:10:a2:b1:
         0e:ca:6b:42:73:cb:2b:1d:c3:0c:39:3b:9e:6e:5f:2a:8e:8b:
         2e:07:40:95:7a:8e:07:a0:8a:ed:83:10:90:64:35:c5:81:3d:
         4c:1e:67:03:b4:fe:59:86:2d:74:49:1e:07:d3:19:c3:39:47:
         7a:2d:a5:64:9c:5a:ae:9c:1d:75:ac:f2:b5:5c:bf:3d:ae:e3:
         a7:e8:e5:43:26:24:a6:41:21:3a:75:e3:e1:e6:6b:15:7b:eb:
         43:3f:b7:81:65:e8:2f:2c:5a:24:98:cd:63:f1:f0:55:05:ec:
         9f:0e:d4:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr3F5gY/p+yI1vhxYVrI72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Yzg1OTYyYTFjMjY4Y2VhOWZlMzI5ZTRmNGUyZTQ0NTRk
MmMwOGMwHhcNMjMwMTAxMDU0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTRhYTk5YTUxOTZhMjFkMzk2NmQ4MTRmMWU5NmU2ODk2MzA3ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlMGUEbB6oj1PrlW0zPHkaXGvWTi
RoOe6X7no4HAFxuXaFj46Q0kiHPsT0bl50cPZTrqvBZHiHZNhReaLmrDJhJRW+k1
n8073m3q5Sqx/Xfa0igiyKgaNVgdv+EBLnuu+52O6LYoXfrgB4Fmo2rjdoavA8lN
COwxsOQfVQXdz/RE/YHr5hgQHJhlP4PjKxJihEFI7Bg9f4PRxyvdtou5tTQhuQmt
cIXedodvcyPStbspMoHDMZDkg8emKN+dH2Y7XIe5pnbeuH3ec4w7ulvSceyBfEtV
b/Z/uluNGkXNlRlj1zyssqEtCMO8a/pAXQkZ8Qs6EJtlrAz6NctS9ZUdcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClKqZpRlqIdOWbYFPHpbmiWMH+KMB8GA1UdIwQY
MBaAFCXIWWKhwmjOqf4ynk9OLkRU0sCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNoWllxSENhTTZwX2pLZVQwNHVSRlRTd0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80NTA5NjMtYWQxNS00MDYwLThiN2It
NjRmMWE3MjNhNmM2LzEvS1VxcG1sR1dvaDA1WnRnVThlbHVhSll3ZjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80NTA5NjMtYWQxNS00MDYwLThiN2ItNjRmMWE3MjNhNmM2
LzEvSmNoWllxSENhTTZwX2pLZVQwNHVSRlRTd0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMpMA0G
CSqGSIb3DQEBCwUAA4IBAQBAltG/2hoStMl0QzaQc549bFodtqu/eVbq/UAJuC9G
L62OwiTRTEL23wjd6XiTLujpQtIMPcuHFxym5X/xUdJM7RYjLscKaK1Sypq/TKc4
waMrCJvrELFmNUYvQAknVO2h2nXxU4RGfAJKrJkX9EegGV05xTlpcQKXhLG/jVaI
4EFXMSO/WGR7QQgTwMkQorEOymtCc8srHcMMOTuebl8qjosuB0CVeo4HoIrtgxCQ
ZDXFgT1MHmcDtP5Zhi10SR4H0xnDOUd6LaVknFqunB11rPK1XL89ruOn6OVDJiSm
QSE6dePh5msVe+tDP7eBZegvLFokmM1j8fBVBeyfDtSn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:13 2024 by rpki-client on console-fra.rpki-client.org