Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b192f4-480b-45f5-9a86-c8bb034fa0fb/1/dtBMuTDv85-uKtbJb1bFEi0xiRE.roa
File:                     dtBMuTDv85-uKtbJb1bFEi0xiRE.roa (raw, json)
Hash identifier:          xDy0J4ewYeP9UjTkFwzbD5W05t8byDoZHrPTgkyUJ34=
Subject key identifier:   76:D0:4C:B9:30:EF:F3:9F:AE:2A:D6:C9:6F:56:C5:12:2D:31:89:11
Certificate issuer:       /CN=473071cd63af587058e5fb146b8506abe2342293
Certificate serial:       0232F01B
Authority key identifier: 47:30:71:CD:63:AF:58:70:58:E5:FB:14:6B:85:06:AB:E2:34:22:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzBxzWOvWHBY5fsUa4UGq-I0IpM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/b192f4-480b-45f5-9a86-c8bb034fa0fb/1/dtBMuTDv85-uKtbJb1bFEi0xiRE.roa
Signing time:             Sat 01 Jan 2022 10:59:38 +0000
ROA not before:           Sat 01 Jan 2022 10:59:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47693
IP address blocks:        185.43.31.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36892699 (0x232f01b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473071cd63af587058e5fb146b8506abe2342293
        Validity
            Not Before: Jan  1 10:59:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=76d04cb930eff39fae2ad6c96f56c5122d318911
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:15:f2:40:56:bf:87:5c:36:4b:56:22:5e:15:
                    c0:b4:15:49:56:2a:88:27:3c:3b:f2:18:67:3a:1e:
                    99:5e:e2:88:d8:39:26:94:b0:c2:18:db:9d:93:bc:
                    9a:df:af:ce:b8:ca:06:57:11:31:f0:a2:62:ef:84:
                    e3:10:6d:5a:92:b5:a0:67:44:7f:bc:a5:73:0a:1e:
                    2a:33:74:07:65:8a:c7:6f:15:55:64:6b:92:66:65:
                    02:15:b4:ce:23:0b:7f:62:61:57:66:7b:b9:f1:03:
                    a0:4a:81:17:d4:58:a5:f8:72:af:75:be:f1:7a:9f:
                    71:20:9a:f5:e9:6d:2b:8d:10:c1:22:5f:bd:ba:57:
                    1b:95:c7:ee:36:2c:cf:e3:c1:74:88:27:98:82:28:
                    69:2c:df:c5:79:59:2b:43:c3:92:3c:b0:97:86:4e:
                    f4:ba:90:ef:59:3a:f4:b0:58:7a:76:29:a2:a0:cd:
                    1b:fd:a5:40:10:7f:ae:b6:67:bc:50:8d:52:1a:6e:
                    b5:38:8f:1d:50:63:b5:41:90:81:64:20:c9:63:f6:
                    ea:b0:30:03:f1:20:fc:91:16:a4:75:6b:46:1c:fd:
                    8f:e5:a5:0e:22:13:aa:a8:6e:52:e6:30:ee:f9:f9:
                    8a:54:37:e3:12:81:00:8d:53:8d:cc:20:1d:60:6b:
                    f5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:D0:4C:B9:30:EF:F3:9F:AE:2A:D6:C9:6F:56:C5:12:2D:31:89:11
            X509v3 Authority Key Identifier:
                keyid:47:30:71:CD:63:AF:58:70:58:E5:FB:14:6B:85:06:AB:E2:34:22:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzBxzWOvWHBY5fsUa4UGq-I0IpM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b192f4-480b-45f5-9a86-c8bb034fa0fb/1/dtBMuTDv85-uKtbJb1bFEi0xiRE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b192f4-480b-45f5-9a86-c8bb034fa0fb/1/RzBxzWOvWHBY5fsUa4UGq-I0IpM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.43.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:bf:51:c1:b9:7e:9b:2c:a5:69:e0:0d:b5:08:6d:85:08:65:
         16:75:c4:b3:8e:24:b4:84:d9:26:eb:35:e8:8b:9d:dc:0f:05:
         a5:2b:c7:1e:f0:98:67:c1:dd:ef:31:56:cd:cf:07:0e:22:10:
         e6:d1:2d:8a:c8:9b:ef:f7:e2:e7:16:3a:a7:9e:6d:2e:ae:fa:
         77:41:c4:91:e5:ee:11:a6:63:4e:ef:1f:2b:9a:11:b2:1b:b7:
         66:42:87:77:58:10:2d:5e:e1:6a:88:7d:ab:9a:b6:b3:ea:46:
         8a:56:8e:2a:b8:f4:f7:22:a5:70:30:3d:ad:c2:5b:34:98:e6:
         4c:9c:d6:72:71:1a:64:04:9b:0a:02:1f:e2:67:40:f4:43:03:
         84:2c:d0:6b:25:26:03:f3:6b:d4:43:aa:79:ab:27:7f:8a:b0:
         02:f1:a0:c7:a7:b9:cd:b9:c7:6e:e8:32:45:c8:42:6b:80:9c:
         e8:ff:3b:03:33:30:16:c5:c7:6c:45:b6:86:69:29:30:54:df:
         a4:af:0b:7b:fa:e4:a2:52:8e:6b:98:c8:04:b3:3d:84:2f:0b:
         1b:a5:dc:9d:6a:0c:95:21:10:df:b7:b6:07:67:ac:1e:f2:01:
         3d:e3:68:db:4e:a7:dc:8d:e0:34:9a:e9:5c:9d:96:e9:2d:58:
         87:7d:d1:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAjLwGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NzMwNzFjZDYzYWY1ODcwNThlNWZiMTQ2Yjg1MDZhYmUyMzQyMjkzMB4XDTIyMDEw
MTEwNTkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZkMDRjYjkzMGVm
ZjM5ZmFlMmFkNmM5NmY1NmM1MTIyZDMxODkxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsV8kBWv4dcNktWIl4VwLQVSVYqiCc8O/IYZzoemV7iiNg5
JpSwwhjbnZO8mt+vzrjKBlcRMfCiYu+E4xBtWpK1oGdEf7ylcwoeKjN0B2WKx28V
VWRrkmZlAhW0ziMLf2JhV2Z7ufEDoEqBF9RYpfhyr3W+8XqfcSCa9eltK40QwSJf
vbpXG5XH7jYsz+PBdIgnmIIoaSzfxXlZK0PDkjywl4ZO9LqQ71k69LBYenYpoqDN
G/2lQBB/rrZnvFCNUhputTiPHVBjtUGQgWQgyWP26rAwA/Eg/JEWpHVrRhz9j+Wl
DiITqqhuUuYw7vn5ilQ34xKBAI1TjcwgHWBr9d0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR20Ey5MO/zn64q1slvVsUSLTGJETAfBgNVHSMEGDAWgBRHMHHNY69YcFjl
+xRrhQar4jQikzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1J6Qnh6V092V0hCWTVmc1VhNFVHcS1JMElwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvYjE5MmY0LTQ4MGItNDVmNS05YTg2LWM4YmIwMzRmYTBmYi8x
L2R0Qk11VER2ODUtdUt0YkpiMWJGRWkweGlSRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
YjE5MmY0LTQ4MGItNDVmNS05YTg2LWM4YmIwMzRmYTBmYi8xL1J6Qnh6V092V0hC
WTVmc1VhNFVHcS1JMElwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkrHzANBgkqhkiG9w0BAQsFAAOC
AQEAL79Rwbl+myylaeANtQhthQhlFnXEs44ktITZJus16Iud3A8FpSvHHvCYZ8Hd
7zFWzc8HDiIQ5tEtisib7/fi5xY6p55tLq76d0HEkeXuEaZjTu8fK5oRshu3ZkKH
d1gQLV7haoh9q5q2s+pGilaOKrj09yKlcDA9rcJbNJjmTJzWcnEaZASbCgIf4mdA
9EMDhCzQayUmA/Nr1EOqeasnf4qwAvGgx6e5zbnHbugyRchCa4Cc6P87AzMwFsXH
bEW2hmkpMFTfpK8Le/rkolKOa5jIBLM9hC8LG6XcnWoMlSEQ37e2B2esHvIBPeNo
206n3I3gNJrpXJ2W6S1Yh33RAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:00 2024 by rpki-client on console-ams.rpki-client.org