Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d3a6d3-30cc-4c21-9789-9671f88a77e2/1/XdPa3XD8U1cRi5C4VmwWLjPJ5Hk.roa
File:                     XdPa3XD8U1cRi5C4VmwWLjPJ5Hk.roa (raw, json)
Hash identifier:          w1UMWZr07eYGibtY5gNWQ+0OX/CxHrN5t/zE4YtnRhs=
Subject key identifier:   5D:D3:DA:DD:70:FC:53:57:11:8B:90:B8:56:6C:16:2E:33:C9:E4:79
Certificate issuer:       /CN=327519fc8684d3a9442df69619142228279a4f57
Certificate serial:       0189CA140911D72CB3108858C4C6FD6EC0AF
Authority key identifier: 32:75:19:FC:86:84:D3:A9:44:2D:F6:96:19:14:22:28:27:9A:4F:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MnUZ_IaE06lELfaWGRQiKCeaT1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/d3a6d3-30cc-4c21-9789-9671f88a77e2/1/XdPa3XD8U1cRi5C4VmwWLjPJ5Hk.roa
Signing time:             Sun 06 Aug 2023 09:00:57 +0000
ROA not before:           Sun 06 Aug 2023 09:00:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        146.19.93.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ca:14:09:11:d7:2c:b3:10:88:58:c4:c6:fd:6e:c0:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=327519fc8684d3a9442df69619142228279a4f57
        Validity
            Not Before: Aug  6 09:00:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5dd3dadd70fc5357118b90b8566c162e33c9e479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:bf:1a:cb:8c:04:83:5e:6b:09:2b:9b:d0:c3:
                    c8:36:1a:cd:63:07:d4:cb:1c:42:d4:3f:b0:c6:3a:
                    b6:8a:2b:82:9a:d2:e0:14:a7:a6:0d:f3:d7:36:41:
                    13:97:57:e9:f1:e9:96:79:1f:0f:b4:ba:87:70:94:
                    85:43:02:d5:cb:ae:80:d3:3b:8b:32:59:bb:c9:07:
                    96:43:f0:79:ee:78:ac:37:98:e1:6f:f9:cc:23:a6:
                    20:b0:69:96:03:aa:12:53:1c:7b:b5:2b:bb:14:d0:
                    73:0b:b5:e3:e3:89:41:aa:f9:98:01:47:70:6a:9a:
                    5d:f8:81:dd:58:8e:73:e8:0b:c9:dc:12:3c:1b:22:
                    81:25:b8:79:c3:d8:db:02:05:87:71:7c:bf:90:d3:
                    19:a6:47:51:e2:84:7b:9a:59:ed:66:16:b3:09:fa:
                    09:06:91:05:76:2f:56:90:1b:26:06:ff:2d:06:2f:
                    50:64:67:ef:fd:44:74:9c:67:0b:9e:ed:a9:41:d6:
                    34:63:06:b6:64:ef:ea:93:77:26:ff:71:d2:52:47:
                    95:7f:29:54:14:6e:2a:f8:eb:ec:6a:a3:74:d2:f3:
                    fd:c5:49:ce:62:38:f7:56:9e:4e:f5:1f:18:66:9d:
                    f7:7b:b4:71:08:7e:38:a6:fe:48:73:9e:a3:6a:10:
                    f2:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:D3:DA:DD:70:FC:53:57:11:8B:90:B8:56:6C:16:2E:33:C9:E4:79
            X509v3 Authority Key Identifier:
                keyid:32:75:19:FC:86:84:D3:A9:44:2D:F6:96:19:14:22:28:27:9A:4F:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MnUZ_IaE06lELfaWGRQiKCeaT1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d3a6d3-30cc-4c21-9789-9671f88a77e2/1/XdPa3XD8U1cRi5C4VmwWLjPJ5Hk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d3a6d3-30cc-4c21-9789-9671f88a77e2/1/MnUZ_IaE06lELfaWGRQiKCeaT1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:8c:fc:9b:47:52:1a:88:44:a0:b8:2b:f6:15:30:f3:14:33:
         23:9f:c9:4b:06:d8:27:a0:c8:1b:0e:06:aa:03:5a:fb:44:e8:
         ce:f8:9c:5b:8e:3d:33:e4:95:2e:fc:7d:cb:18:1f:6e:c7:71:
         05:26:2e:dd:41:c2:b2:72:a2:3e:c5:f8:e0:bc:ec:4c:97:42:
         f1:87:02:03:30:8e:64:bd:b1:5f:0e:81:d8:88:c8:d4:18:fb:
         0a:f5:47:1b:c3:c8:3c:d5:59:38:ef:3b:61:9a:fc:be:d7:08:
         e3:a7:81:1f:de:3b:62:a8:15:c2:13:e1:ac:92:e8:50:41:72:
         fa:8d:93:f9:92:48:a9:37:08:0b:8d:18:25:13:73:57:cc:dd:
         32:83:7a:88:37:60:ed:11:59:86:3e:1c:6b:47:5c:16:57:83:
         5a:4b:e1:22:17:e5:36:22:b5:88:1c:2d:01:bb:4b:35:a0:76:
         03:85:71:fe:a0:25:d6:e4:33:a7:58:ea:a3:a6:b4:10:62:e8:
         1c:ad:02:ab:7c:62:cb:fd:fe:69:cf:92:a0:3c:7d:19:b1:c6:
         d7:e5:2e:88:35:48:96:39:3a:12:3a:6c:3d:61:4e:b5:1f:c0:
         31:09:cb:6b:6e:35:4e:57:71:38:f5:11:53:30:e1:47:f7:7b:
         ac:00:bd:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnKFAkR1yyzEIhYxMb9bsCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzUxOWZjODY4NGQzYTk0NDJkZjY5NjE5MTQyMjI4Mjc5
YTRmNTcwHhcNMjMwODA2MDkwMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQzZGFkZDcwZmM1MzU3MTE4YjkwYjg1NjZjMTYyZTMzYzllNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp78ay4wEg15rCSub0MPINhrNYwfU
yxxC1D+wxjq2iiuCmtLgFKemDfPXNkETl1fp8emWeR8PtLqHcJSFQwLVy66A0zuL
Mlm7yQeWQ/B57nisN5jhb/nMI6YgsGmWA6oSUxx7tSu7FNBzC7Xj44lBqvmYAUdw
appd+IHdWI5z6AvJ3BI8GyKBJbh5w9jbAgWHcXy/kNMZpkdR4oR7mlntZhazCfoJ
BpEFdi9WkBsmBv8tBi9QZGfv/UR0nGcLnu2pQdY0Ywa2ZO/qk3cm/3HSUkeVfylU
FG4q+OvsaqN00vP9xUnOYjj3Vp5O9R8YZp33e7RxCH44pv5Ic56jahDynQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3T2t1w/FNXEYuQuFZsFi4zyeR5MB8GA1UdIwQY
MBaAFDJ1GfyGhNOpRC32lhkUIignmk9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5VWl9JYUUwNmxFTGZhV0dSUWlLQ2VhVDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9kM2E2ZDMtMzBjYy00YzIxLTk3ODkt
OTY3MWY4OGE3N2UyLzEvWGRQYTNYRDhVMWNSaTVDNFZtd1dMalBKNUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9kM2E2ZDMtMzBjYy00YzIxLTk3ODktOTY3MWY4OGE3N2Uy
LzEvTW5VWl9JYUUwNmxFTGZhV0dSUWlLQ2VhVDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNdMA0G
CSqGSIb3DQEBCwUAA4IBAQA5jPybR1IaiESguCv2FTDzFDMjn8lLBtgnoMgbDgaq
A1r7ROjO+Jxbjj0z5JUu/H3LGB9ux3EFJi7dQcKycqI+xfjgvOxMl0LxhwIDMI5k
vbFfDoHYiMjUGPsK9Ucbw8g81Vk47zthmvy+1wjjp4Ef3jtiqBXCE+GskuhQQXL6
jZP5kkipNwgLjRglE3NXzN0yg3qIN2DtEVmGPhxrR1wWV4NaS+EiF+U2IrWIHC0B
u0s1oHYDhXH+oCXW5DOnWOqjprQQYugcrQKrfGLL/f5pz5KgPH0ZscbX5S6INUiW
OToSOmw9YU61H8AxCctrbjVOV3E49RFTMOFH93usAL1r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:18 2024 by rpki-client on console-fra.rpki-client.org