Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d3a6d3-30cc-4c21-9789-9671f88a77e2/1/9Al-aTVIa6v4huHBkWiRlK5EGuQ.roa
File:                     9Al-aTVIa6v4huHBkWiRlK5EGuQ.roa (raw, json)
Hash identifier:          +3/agkvOpoYsocIbwXBcHfAeELXdfgr1lJ/C3YQbJZo=
Subject key identifier:   F4:09:7E:69:35:48:6B:AB:F8:86:E1:C1:91:68:91:94:AE:44:1A:E4
Certificate issuer:       /CN=327519fc8684d3a9442df69619142228279a4f57
Certificate serial:       ED0574
Authority key identifier: 32:75:19:FC:86:84:D3:A9:44:2D:F6:96:19:14:22:28:27:9A:4F:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MnUZ_IaE06lELfaWGRQiKCeaT1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/d3a6d3-30cc-4c21-9789-9671f88a77e2/1/9Al-aTVIa6v4huHBkWiRlK5EGuQ.roa
Signing time:             Fri 18 Feb 2022 11:58:18 +0000
ROA not before:           Fri 18 Feb 2022 11:58:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12735
IP address blocks:        146.19.93.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15533428 (0xed0574)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=327519fc8684d3a9442df69619142228279a4f57
        Validity
            Not Before: Feb 18 11:58:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f4097e6935486babf886e1c191689194ae441ae4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:06:c0:7e:93:e9:82:4d:98:e8:1a:f6:6c:ca:
                    1c:4f:45:7b:04:59:0a:ba:ce:6a:5d:cd:58:05:77:
                    0e:a0:85:4e:e2:3b:11:40:b2:76:a8:1d:97:5d:36:
                    2d:5b:6b:f9:9a:67:a4:96:25:aa:81:a7:7d:7a:79:
                    9a:66:43:bd:39:5e:2d:0a:6a:e7:87:53:f6:8e:64:
                    b5:68:42:27:bf:b8:24:dc:62:1a:5a:0c:c8:99:19:
                    83:21:a8:58:3f:01:26:e0:47:53:2f:c9:79:7e:9b:
                    05:a0:1d:77:81:1e:b3:72:63:cf:8c:17:46:48:b1:
                    69:10:53:ca:09:92:ae:c6:d9:72:20:ef:ff:f6:49:
                    8c:19:64:e4:71:15:b2:e9:4c:26:e0:a2:94:f8:7d:
                    6d:9b:a8:77:0b:3d:b6:53:95:e5:5d:48:ac:1c:c2:
                    d9:80:da:7d:5e:01:5c:65:8c:87:d8:1d:fa:9c:b0:
                    fa:e8:a6:62:09:7e:6e:f7:85:38:aa:33:08:01:3a:
                    5e:cb:bb:3e:e0:18:65:5b:e4:31:2a:26:79:ec:e4:
                    b0:5b:0e:be:8a:4d:d5:53:d6:1e:d3:e1:d3:3c:b2:
                    da:68:e7:d5:f2:75:c6:f0:68:1a:16:71:83:09:59:
                    7d:b2:26:da:c2:01:c3:5d:92:a0:81:f9:31:69:6c:
                    4e:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:09:7E:69:35:48:6B:AB:F8:86:E1:C1:91:68:91:94:AE:44:1A:E4
            X509v3 Authority Key Identifier:
                keyid:32:75:19:FC:86:84:D3:A9:44:2D:F6:96:19:14:22:28:27:9A:4F:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MnUZ_IaE06lELfaWGRQiKCeaT1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d3a6d3-30cc-4c21-9789-9671f88a77e2/1/9Al-aTVIa6v4huHBkWiRlK5EGuQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d3a6d3-30cc-4c21-9789-9671f88a77e2/1/MnUZ_IaE06lELfaWGRQiKCeaT1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d0:01:5a:67:ac:fa:e2:3d:c5:21:3b:ad:e1:ec:66:9d:82:d3:
         5a:c9:7c:e7:83:f4:65:d7:f4:75:53:96:f4:a7:f5:cf:99:13:
         aa:13:a8:ea:6a:86:48:bb:56:23:44:b7:14:e3:21:31:8e:03:
         12:98:a0:b5:99:e4:5a:32:e4:5a:fa:00:9f:d1:60:e7:af:ce:
         a7:6a:e8:0f:75:f2:a6:c0:6f:a6:01:28:ce:fd:e1:be:05:4e:
         14:da:14:bd:02:70:b8:c7:b1:a5:5e:c3:21:1a:50:64:16:7d:
         47:2c:1a:41:5c:22:9a:bb:3f:2d:cd:44:f5:bd:09:b5:c6:1a:
         36:5d:d2:db:b5:4d:54:21:da:31:cb:ba:ea:7b:04:84:12:a7:
         5b:a6:a3:b8:0e:37:58:81:54:88:d1:0e:e3:f4:14:46:f9:a0:
         99:e2:2b:2a:83:0f:77:ae:80:60:eb:fd:e3:75:15:32:9b:9b:
         68:a0:18:59:79:cd:9a:f4:2c:26:78:42:7c:c6:e1:df:86:ca:
         31:4b:e3:37:cd:dc:d1:cf:9c:83:8e:3d:08:1e:22:16:71:d3:
         ca:9f:bd:f4:f4:33:eb:96:d6:a6:1c:07:be:f0:82:9c:52:67:
         7c:49:ef:02:9f:b1:ec:e8:5a:43:4c:77:fa:91:87:59:e3:de:
         42:37:af:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAO0FdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Mjc1MTlmYzg2ODRkM2E5NDQyZGY2OTYxOTE0MjIyODI3OWE0ZjU3MB4XDTIyMDIx
ODExNTgxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQwOTdlNjkzNTQ4
NmJhYmY4ODZlMWMxOTE2ODkxOTRhZTQ0MWFlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKYGwH6T6YJNmOga9mzKHE9FewRZCrrOal3NWAV3DqCFTuI7
EUCydqgdl102LVtr+ZpnpJYlqoGnfXp5mmZDvTleLQpq54dT9o5ktWhCJ7+4JNxi
GloMyJkZgyGoWD8BJuBHUy/JeX6bBaAdd4Ees3Jjz4wXRkixaRBTygmSrsbZciDv
//ZJjBlk5HEVsulMJuCilPh9bZuodws9tlOV5V1IrBzC2YDafV4BXGWMh9gd+pyw
+uimYgl+bveFOKozCAE6Xsu7PuAYZVvkMSomeezksFsOvopN1VPWHtPh0zyy2mjn
1fJ1xvBoGhZxgwlZfbIm2sIBw12SoIH5MWlsTsMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0CX5pNUhrq/iG4cGRaJGUrkQa5DAfBgNVHSMEGDAWgBQydRn8hoTTqUQt
9pYZFCIoJ5pPVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01uVVpfSWFFMDZsRUxmYVdHUlFpS0NlYVQxYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvZDNhNmQzLTMwY2MtNGMyMS05Nzg5LTk2NzFmODhhNzdlMi8x
LzlBbC1hVFZJYTZ2NGh1SEJrV2lSbEs1RUd1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
ZDNhNmQzLTMwY2MtNGMyMS05Nzg5LTk2NzFmODhhNzdlMi8xL01uVVpfSWFFMDZs
RUxmYVdHUlFpS0NlYVQxYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJITXTANBgkqhkiG9w0BAQsFAAOC
AQEA0AFaZ6z64j3FITut4exmnYLTWsl854P0Zdf0dVOW9Kf1z5kTqhOo6mqGSLtW
I0S3FOMhMY4DEpigtZnkWjLkWvoAn9Fg56/Op2roD3XypsBvpgEozv3hvgVOFNoU
vQJwuMexpV7DIRpQZBZ9RywaQVwimrs/Lc1E9b0JtcYaNl3S27VNVCHaMcu66nsE
hBKnW6ajuA43WIFUiNEO4/QURvmgmeIrKoMPd66AYOv943UVMpubaKAYWXnNmvQs
JnhCfMbh34bKMUvjN83c0c+cg449CB4iFnHTyp+99PQz65bWphwHvvCCnFJnfEnv
Ap+x7OhaQ0x3+pGHWePeQjevDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:18 2024 by rpki-client on console-fra.rpki-client.org