Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/1e1ca8-5ac4-44e6-8df9-d9fde6da633a/1/ylATl-J_gs1qEV0-vxW9Ri7qGxU.roa
File:                     ylATl-J_gs1qEV0-vxW9Ri7qGxU.roa (raw, json)
Hash identifier:          5JHb27tWQoOoTsXgdk66DJXqCVM2b3Jya9l5h8JtPOc=
Subject key identifier:   CA:50:13:97:E2:7F:82:CD:6A:11:5D:3E:BF:15:BD:46:2E:EA:1B:15
Certificate issuer:       /CN=411a41dcf4928ef5ef8e837daa9d5a9bf34152c9
Certificate serial:       0185712798A7A65246A3BCF3294AF8B910E5
Authority key identifier: 41:1A:41:DC:F4:92:8E:F5:EF:8E:83:7D:AA:9D:5A:9B:F3:41:52:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QRpB3PSSjvXvjoN9qp1am_NBUsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/1e1ca8-5ac4-44e6-8df9-d9fde6da633a/1/ylATl-J_gs1qEV0-vxW9Ri7qGxU.roa
Signing time:             Mon 02 Jan 2023 06:24:58 +0000
ROA not before:           Mon 02 Jan 2023 06:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212667
IP address blocks:        188.64.140.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:98:a7:a6:52:46:a3:bc:f3:29:4a:f8:b9:10:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=411a41dcf4928ef5ef8e837daa9d5a9bf34152c9
        Validity
            Not Before: Jan  2 06:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ca501397e27f82cd6a115d3ebf15bd462eea1b15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:39:53:09:ca:5a:3f:87:0a:59:a5:0d:d2:17:
                    86:d1:73:e2:5d:79:98:c8:1f:eb:bb:ed:d4:b7:f4:
                    fc:de:26:c3:53:5b:63:b2:fc:4a:03:64:59:16:a4:
                    13:5b:ba:b8:0c:9c:b8:cc:28:fa:5a:19:64:eb:65:
                    f8:a8:fe:2c:ae:f5:1b:2f:52:70:e0:4e:a6:34:0b:
                    f0:48:26:d4:11:04:26:7c:76:ed:a4:c9:14:dd:73:
                    1e:b4:08:eb:5e:d2:18:d2:1d:fe:3d:6a:1e:9f:1a:
                    ad:b0:12:d4:76:ca:ef:76:bb:74:18:d7:78:46:2a:
                    99:29:30:7f:b7:0a:17:ae:6f:b5:1c:1b:25:cf:9f:
                    2e:37:55:61:3d:17:0f:4a:71:ad:9d:88:6c:57:d5:
                    a6:a4:c4:2d:c2:76:d2:60:67:b1:4a:2d:c2:78:53:
                    29:23:59:a2:3f:a4:9f:a0:16:6f:50:ce:de:7e:53:
                    89:24:00:e1:c0:63:2c:5d:a3:c3:f4:6b:84:67:98:
                    63:b1:59:02:fb:c2:ef:15:44:8c:18:a9:5a:b8:5f:
                    a9:9c:ff:15:07:28:c8:e3:32:e3:74:5c:94:7a:ea:
                    26:12:0b:8d:4b:ee:9c:11:ac:02:63:e8:50:f9:1c:
                    b9:c2:39:d1:32:8e:21:44:6e:04:6a:90:03:26:cc:
                    c4:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:50:13:97:E2:7F:82:CD:6A:11:5D:3E:BF:15:BD:46:2E:EA:1B:15
            X509v3 Authority Key Identifier:
                keyid:41:1A:41:DC:F4:92:8E:F5:EF:8E:83:7D:AA:9D:5A:9B:F3:41:52:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRpB3PSSjvXvjoN9qp1am_NBUsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/1e1ca8-5ac4-44e6-8df9-d9fde6da633a/1/ylATl-J_gs1qEV0-vxW9Ri7qGxU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/1e1ca8-5ac4-44e6-8df9-d9fde6da633a/1/QRpB3PSSjvXvjoN9qp1am_NBUsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:1d:14:42:71:74:cf:d0:ad:6c:23:a8:83:47:f9:2e:6e:2a:
         01:ef:a9:02:9b:d9:61:26:ef:65:e3:4d:fc:86:96:84:01:97:
         4d:ff:d5:16:c8:63:93:b6:57:79:13:ab:77:63:c1:ee:25:43:
         1a:28:7f:b5:c9:76:5d:dc:08:d4:07:49:2a:a8:57:8f:99:44:
         76:55:60:3b:d9:96:2a:cf:ce:e3:44:dd:65:69:6d:d6:1b:1e:
         23:2b:66:f3:d7:eb:ee:95:ce:b4:17:26:36:fc:e5:59:99:82:
         55:ec:40:b2:ce:61:4d:78:ad:52:33:4a:2e:fb:ee:dd:09:c9:
         7b:42:01:63:0f:ef:58:8b:e6:b9:52:8d:c8:84:86:34:d5:eb:
         73:d6:a0:63:87:ef:04:1d:d4:74:9c:58:ec:38:b2:d7:0c:f1:
         35:97:76:3f:03:07:65:00:fb:66:56:51:59:f7:93:d8:f0:fc:
         5f:a6:a1:0e:6d:33:81:f2:c4:60:b7:cd:ec:62:d2:ea:aa:86:
         de:58:47:c1:38:1f:06:f6:ec:b7:e3:41:aa:cc:3c:0a:2b:15:
         3f:20:08:29:fa:44:bc:38:e6:90:1b:06:54:90:8e:3b:8e:32:
         b4:8a:b6:da:16:5f:56:c7:ee:ea:9c:40:7b:19:65:29:f8:52:
         28:74:67:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ5inplJGo7zzKUr4uRDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWE0MWRjZjQ5MjhlZjVlZjhlODM3ZGFhOWQ1YTliZjM0
MTUyYzkwHhcNMjMwMTAyMDYyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTUwMTM5N2UyN2Y4MmNkNmExMTVkM2ViZjE1YmQ0NjJlZWExYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojlTCcpaP4cKWaUN0heG0XPiXXmY
yB/ru+3Ut/T83ibDU1tjsvxKA2RZFqQTW7q4DJy4zCj6Whlk62X4qP4srvUbL1Jw
4E6mNAvwSCbUEQQmfHbtpMkU3XMetAjrXtIY0h3+PWoenxqtsBLUdsrvdrt0GNd4
RiqZKTB/twoXrm+1HBslz58uN1VhPRcPSnGtnYhsV9WmpMQtwnbSYGexSi3CeFMp
I1miP6SfoBZvUM7eflOJJADhwGMsXaPD9GuEZ5hjsVkC+8LvFUSMGKlauF+pnP8V
ByjI4zLjdFyUeuomEguNS+6cEawCY+hQ+Ry5wjnRMo4hRG4EapADJszEpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpQE5fif4LNahFdPr8VvUYu6hsVMB8GA1UdIwQY
MBaAFEEaQdz0ko71746DfaqdWpvzQVLJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJwQjNQU1Nqdlh2am9OOXFwMWFtX05CVXNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xZTFjYTgtNWFjNC00NGU2LThkZjkt
ZDlmZGU2ZGE2MzNhLzEveWxBVGwtSl9nczFxRVYwLXZ4VzlSaTdxR3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xZTFjYTgtNWFjNC00NGU2LThkZjktZDlmZGU2ZGE2MzNh
LzEvUVJwQjNQU1Nqdlh2am9OOXFwMWFtX05CVXNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvECMMA0G
CSqGSIb3DQEBCwUAA4IBAQBLHRRCcXTP0K1sI6iDR/kubioB76kCm9lhJu9l4038
hpaEAZdN/9UWyGOTtld5E6t3Y8HuJUMaKH+1yXZd3AjUB0kqqFePmUR2VWA72ZYq
z87jRN1laW3WGx4jK2bz1+vulc60FyY2/OVZmYJV7ECyzmFNeK1SM0ou++7dCcl7
QgFjD+9Yi+a5Uo3IhIY01etz1qBjh+8EHdR0nFjsOLLXDPE1l3Y/AwdlAPtmVlFZ
95PY8PxfpqEObTOB8sRgt83sYtLqqobeWEfBOB8G9uy340GqzDwKKxU/IAgp+kS8
OOaQGwZUkI47jjK0irbaFl9Wx+7qnEB7GWUp+FIodGea
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:20 2024 by rpki-client on console-fra.rpki-client.org