Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/093058-de40-45d9-8f2f-c8f1e1478838/1/thm8KtvpxhQ4yjprm9gkZQB6gP4.roa
File:                     thm8KtvpxhQ4yjprm9gkZQB6gP4.roa (raw, json)
Hash identifier:          DoqyJkPB/fp708a64D5SavHc9/EsoowVfmwEEb2xhx4=
Subject key identifier:   B6:19:BC:2A:DB:E9:C6:14:38:CA:3A:6B:9B:D8:24:65:00:7A:80:FE
Certificate issuer:       /CN=dd849063616aee8b9ae9084ade72842a007d3676
Certificate serial:       01FCCDFF
Authority key identifier: DD:84:90:63:61:6A:EE:8B:9A:E9:08:4A:DE:72:84:2A:00:7D:36:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3YSQY2Fq7oua6QhK3nKEKgB9NnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/093058-de40-45d9-8f2f-c8f1e1478838/1/thm8KtvpxhQ4yjprm9gkZQB6gP4.roa
Signing time:             Wed 15 Jun 2022 15:35:45 +0000
ROA not before:           Wed 15 Jun 2022 15:35:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        146.19.38.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33345023 (0x1fccdff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd849063616aee8b9ae9084ade72842a007d3676
        Validity
            Not Before: Jun 15 15:35:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b619bc2adbe9c61438ca3a6b9bd82465007a80fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:98:66:3a:b7:72:09:b0:73:71:36:53:3e:71:
                    e6:03:27:0e:22:93:eb:5a:d4:f7:1e:00:08:3c:18:
                    c2:16:2e:0c:10:5c:dc:86:fa:b0:86:b4:39:74:5f:
                    54:fd:3a:f4:3d:e5:da:96:40:9d:3a:90:2d:c8:3f:
                    76:78:cb:72:86:d7:01:95:24:ce:d1:72:b7:a9:5d:
                    40:ab:7b:a7:ae:9a:06:a9:1e:70:d3:b3:fd:f2:0e:
                    5c:f9:76:f7:33:81:1c:81:0b:22:7b:de:72:48:ab:
                    87:7f:c6:b4:5e:cd:62:e9:92:8d:fd:eb:62:dc:b6:
                    a9:c1:d8:64:53:76:63:f3:d6:0a:58:2f:2e:40:2f:
                    79:1b:36:77:2b:ab:c6:27:b4:2d:55:a4:1e:03:58:
                    ca:fa:58:29:d9:c2:57:6a:1b:3d:cb:49:a7:7d:34:
                    b8:ce:29:f6:4c:b7:4e:31:5f:af:4d:96:52:91:9c:
                    29:d7:ba:e0:04:ef:3f:1b:85:6e:f3:1f:93:e5:70:
                    5e:ca:72:07:aa:00:89:e3:85:88:d3:62:1b:d0:a2:
                    75:1e:46:18:bd:2a:da:2b:bb:6e:59:49:e5:ea:33:
                    29:f9:fe:9a:b9:9b:88:96:96:c1:2c:ca:f8:0f:00:
                    db:4a:38:0b:bd:d1:b5:57:13:f7:8d:53:7a:31:89:
                    5c:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:19:BC:2A:DB:E9:C6:14:38:CA:3A:6B:9B:D8:24:65:00:7A:80:FE
            X509v3 Authority Key Identifier:
                keyid:DD:84:90:63:61:6A:EE:8B:9A:E9:08:4A:DE:72:84:2A:00:7D:36:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YSQY2Fq7oua6QhK3nKEKgB9NnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/093058-de40-45d9-8f2f-c8f1e1478838/1/thm8KtvpxhQ4yjprm9gkZQB6gP4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/093058-de40-45d9-8f2f-c8f1e1478838/1/3YSQY2Fq7oua6QhK3nKEKgB9NnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:15:be:60:9f:7a:10:d5:62:6d:e5:9a:48:54:45:c5:f6:54:
         f8:08:13:8a:59:4e:3d:e2:51:72:25:cb:78:f2:05:d6:b1:fd:
         ed:f4:da:12:a2:af:72:b5:d7:81:33:28:28:fc:16:73:4d:5a:
         fa:19:3a:80:fa:92:3d:d1:4c:97:1a:3c:31:d0:a8:12:45:ea:
         6d:82:24:81:7b:19:5a:ff:70:17:c9:32:f9:46:f6:4c:f1:ab:
         e0:6d:16:08:e6:22:db:b4:08:6c:f8:79:bb:1b:d8:8e:cf:f6:
         ed:3f:ed:a4:2a:a0:69:ae:47:6c:ff:ae:2c:a8:a8:d4:84:0a:
         c0:6f:31:c5:b0:56:12:87:2d:e4:2f:fa:d3:08:b3:92:5e:8e:
         be:67:a0:e4:a1:8a:8f:0d:5c:c4:0d:4e:4a:6c:8b:51:29:fe:
         3b:05:e2:a4:f9:c0:6c:89:2f:05:2c:f6:49:2f:36:bb:76:17:
         8d:b2:4d:20:1b:60:89:71:31:b3:07:35:20:86:b8:6a:33:ce:
         d1:29:11:03:f6:11:b3:84:dc:9d:fb:23:d1:b9:67:f2:66:50:
         36:92:c7:6d:71:b4:c1:aa:f4:f8:e7:c8:47:41:f6:a2:e5:64:
         6d:62:09:2d:de:bc:29:06:d4:53:26:23:cb:39:f5:0c:57:88:
         7d:a5:a8:6d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAfzN/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDg0OTA2MzYxNmFlZThiOWFlOTA4NGFkZTcyODQyYTAwN2QzNjc2MB4XDTIyMDYx
NTE1MzU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjYxOWJjMmFkYmU5
YzYxNDM4Y2EzYTZiOWJkODI0NjUwMDdhODBmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCYZjq3cgmwc3E2Uz5x5gMnDiKT61rU9x4ACDwYwhYuDBBc
3Ib6sIa0OXRfVP069D3l2pZAnTqQLcg/dnjLcobXAZUkztFyt6ldQKt7p66aBqke
cNOz/fIOXPl29zOBHIELInveckirh3/GtF7NYumSjf3rYty2qcHYZFN2Y/PWClgv
LkAveRs2dyurxie0LVWkHgNYyvpYKdnCV2obPctJp300uM4p9ky3TjFfr02WUpGc
Kde64ATvPxuFbvMfk+VwXspyB6oAieOFiNNiG9CidR5GGL0q2iu7bllJ5eozKfn+
mrmbiJaWwSzK+A8A20o4C73RtVcT941TejGJXPcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS2Gbwq2+nGFDjKOmub2CRlAHqA/jAfBgNVHSMEGDAWgBTdhJBjYWrui5rp
CErecoQqAH02djAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNZU1FZMkZxN291YTZRaEszbktFS2dCOU5uWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvMDkzMDU4LWRlNDAtNDVkOS04ZjJmLWM4ZjFlMTQ3ODgzOC8x
L3RobThLdHZweGhRNHlqcHJtOWdrWlFCNmdQNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
MDkzMDU4LWRlNDAtNDVkOS04ZjJmLWM4ZjFlMTQ3ODgzOC8xLzNZU1FZMkZxN291
YTZRaEszbktFS2dCOU5uWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJITJjANBgkqhkiG9w0BAQsFAAOC
AQEAihW+YJ96ENVibeWaSFRFxfZU+AgTillOPeJRciXLePIF1rH97fTaEqKvcrXX
gTMoKPwWc01a+hk6gPqSPdFMlxo8MdCoEkXqbYIkgXsZWv9wF8ky+Ub2TPGr4G0W
COYi27QIbPh5uxvYjs/27T/tpCqgaa5HbP+uLKio1IQKwG8xxbBWEoct5C/60wiz
kl6Ovmeg5KGKjw1cxA1OSmyLUSn+OwXipPnAbIkvBSz2SS82u3YXjbJNIBtgiXEx
swc1IIa4ajPO0SkRA/YRs4Tcnfsj0bln8mZQNpLHbXG0war0+OfIR0H2ouVkbWIJ
Ld68KQbUUyYjyzn1DFeIfaWobQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:20 2024 by rpki-client on console-fra.rpki-client.org