Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/d6a49d-5c58-44dc-bb4d-cf8cb175c84b/1/YXGjOptmdsvU1vQ0N8vX-i_EN7Q.roa
File:                     YXGjOptmdsvU1vQ0N8vX-i_EN7Q.roa (raw, json)
Hash identifier:          uWLGxvrWA9c9jNDb7SWzCoIOkaJBBTsonOGiYM3hZ8Q=
Subject key identifier:   61:71:A3:3A:9B:66:76:CB:D4:D6:F4:34:37:CB:D7:FA:2F:C4:37:B4
Certificate issuer:       /CN=5335dd1ce4f0e4119ae6c970d5b3b3fd585e6a31
Certificate serial:       024758DD
Authority key identifier: 53:35:DD:1C:E4:F0:E4:11:9A:E6:C9:70:D5:B3:B3:FD:58:5E:6A:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UzXdHOTw5BGa5slw1bOz_VheajE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/d6a49d-5c58-44dc-bb4d-cf8cb175c84b/1/YXGjOptmdsvU1vQ0N8vX-i_EN7Q.roa
Signing time:             Sat 01 Jan 2022 01:55:42 +0000
ROA not before:           Sat 01 Jan 2022 01:55:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        45.144.153.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38230237 (0x24758dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5335dd1ce4f0e4119ae6c970d5b3b3fd585e6a31
        Validity
            Not Before: Jan  1 01:55:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6171a33a9b6676cbd4d6f43437cbd7fa2fc437b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:fc:e0:34:68:41:09:63:0c:1b:77:3e:3b:a8:
                    dc:99:fe:d4:e5:90:79:53:ee:db:5c:af:3c:4f:44:
                    db:ad:3e:b3:cb:92:df:51:6f:26:89:e0:a5:fa:20:
                    b3:02:09:59:26:cb:c6:65:fd:03:b1:e9:b4:01:e9:
                    66:2f:2d:03:aa:59:75:a4:da:87:8d:cd:0b:c3:78:
                    c0:9d:f3:bf:aa:bb:8a:17:2d:55:13:a9:b7:14:04:
                    ef:76:21:28:fc:5a:b6:a4:36:d7:66:a4:d1:15:5f:
                    e4:73:e1:a8:ab:20:86:bf:9a:5f:8a:12:5b:c3:9e:
                    63:e8:5a:28:f2:c4:16:83:3c:ce:58:fc:1a:a6:84:
                    b5:d0:ac:4d:ce:7b:36:ca:a7:c7:7d:c5:7e:42:48:
                    94:37:5b:1f:ac:51:a9:ea:ae:85:89:96:f8:51:15:
                    a2:28:f1:61:53:4e:59:5e:1e:76:83:57:1d:48:34:
                    e8:f2:01:b2:b5:51:8d:16:bb:90:4b:9e:8a:88:d6:
                    af:01:de:06:60:e6:e9:20:d2:ca:65:94:56:43:d3:
                    99:bc:33:17:de:35:99:ff:b4:bc:6a:b3:79:70:99:
                    57:98:02:20:80:20:cc:ad:b1:4f:bb:ce:66:36:9e:
                    f5:a4:1f:78:d9:60:cd:48:3e:48:cb:e5:84:be:5b:
                    a1:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:71:A3:3A:9B:66:76:CB:D4:D6:F4:34:37:CB:D7:FA:2F:C4:37:B4
            X509v3 Authority Key Identifier:
                keyid:53:35:DD:1C:E4:F0:E4:11:9A:E6:C9:70:D5:B3:B3:FD:58:5E:6A:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzXdHOTw5BGa5slw1bOz_VheajE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/d6a49d-5c58-44dc-bb4d-cf8cb175c84b/1/YXGjOptmdsvU1vQ0N8vX-i_EN7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/d6a49d-5c58-44dc-bb4d-cf8cb175c84b/1/UzXdHOTw5BGa5slw1bOz_VheajE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:02:50:91:56:91:8f:64:0a:da:b6:d3:3e:76:c7:73:47:53:
         ce:d0:c2:52:b6:5d:f2:91:7f:57:a8:ec:ec:74:8d:ca:05:e6:
         f2:b9:ae:8f:95:46:8b:2f:fb:ed:0a:64:d8:b6:89:ef:1f:7e:
         10:1c:4f:62:a2:a0:e5:53:06:8a:57:67:cb:23:fd:76:f1:1c:
         b3:2e:4e:0f:00:5c:f7:ae:32:f5:fe:63:f8:11:75:d9:5f:4c:
         0a:8c:93:f3:91:78:35:da:f0:13:ee:f8:cd:9e:01:c2:67:6f:
         02:af:0c:a7:5b:27:46:eb:83:52:c8:f3:c5:aa:c4:fc:57:6d:
         6c:03:d6:d5:b6:6a:5a:2e:7c:36:f5:b9:57:81:90:3e:57:d1:
         cc:05:67:ba:83:3a:ac:ff:3b:cd:75:c6:5d:ac:d4:81:ae:b2:
         43:bf:03:08:23:c6:7a:26:fa:55:96:f3:05:a1:5d:38:40:d3:
         de:6f:9c:87:22:7e:25:50:3c:e5:07:c8:82:ef:08:09:a8:da:
         6c:cf:e7:c5:fe:08:9c:64:97:55:75:d0:db:2e:e9:b5:10:9e:
         42:2e:91:16:53:50:6d:c0:62:35:b7:60:a2:30:d0:59:63:53:
         a9:88:71:0a:89:9f:6f:61:6c:1b:ea:13:dc:08:6c:46:6a:2a:
         86:09:f2:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkdY3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzM1ZGQxY2U0ZjBlNDExOWFlNmM5NzBkNWIzYjNmZDU4NWU2YTMxMB4XDTIyMDEw
MTAxNTU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE3MWEzM2E5YjY2
NzZjYmQ0ZDZmNDM0MzdjYmQ3ZmEyZmM0MzdiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMP84DRoQQljDBt3Pjuo3Jn+1OWQeVPu21yvPE9E260+s8uS
31FvJongpfogswIJWSbLxmX9A7HptAHpZi8tA6pZdaTah43NC8N4wJ3zv6q7ihct
VROptxQE73YhKPxatqQ212ak0RVf5HPhqKsghr+aX4oSW8OeY+haKPLEFoM8zlj8
GqaEtdCsTc57Nsqnx33FfkJIlDdbH6xRqequhYmW+FEVoijxYVNOWV4edoNXHUg0
6PIBsrVRjRa7kEueiojWrwHeBmDm6SDSymWUVkPTmbwzF941mf+0vGqzeXCZV5gC
IIAgzK2xT7vOZjae9aQfeNlgzUg+SMvlhL5boYkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRhcaM6m2Z2y9TW9DQ3y9f6L8Q3tDAfBgNVHSMEGDAWgBRTNd0c5PDkEZrm
yXDVs7P9WF5qMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V6WGRIT1R3NUJHYTVzbHcxYk96X1ZoZWFqRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvZDZhNDlkLTVjNTgtNDRkYy1iYjRkLWNmOGNiMTc1Yzg0Yi8x
L1lYR2pPcHRtZHN2VTF2UTBOOHZYLWlfRU43US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
ZDZhNDlkLTVjNTgtNDRkYy1iYjRkLWNmOGNiMTc1Yzg0Yi8xL1V6WGRIT1R3NUJH
YTVzbHcxYk96X1ZoZWFqRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2QmTANBgkqhkiG9w0BAQsFAAOC
AQEAZgJQkVaRj2QK2rbTPnbHc0dTztDCUrZd8pF/V6js7HSNygXm8rmuj5VGiy/7
7Qpk2LaJ7x9+EBxPYqKg5VMGildnyyP9dvEcsy5ODwBc964y9f5j+BF12V9MCoyT
85F4NdrwE+74zZ4BwmdvAq8Mp1snRuuDUsjzxarE/FdtbAPW1bZqWi58NvW5V4GQ
PlfRzAVnuoM6rP87zXXGXazUga6yQ78DCCPGeib6VZbzBaFdOEDT3m+chyJ+JVA8
5QfIgu8ICajabM/nxf4InGSXVXXQ2y7ptRCeQi6RFlNQbcBiNbdgojDQWWNTqYhx
Comfb2FsG+oT3AhsRmoqhgnyhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:31 2024 by rpki-client on console-fra.rpki-client.org