Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/759ca5-0d99-428e-85ad-f8872bbdd186/1/X2G9Un3_dDLPerhbYB6mziPC6wY.roa
File:                     X2G9Un3_dDLPerhbYB6mziPC6wY.roa (raw, json)
Hash identifier:          yAj9aUwFVn+EYSo0DAsKDijmfCHB/PWOI1swtVs+pjY=
Subject key identifier:   5F:61:BD:52:7D:FF:74:32:CF:7A:B8:5B:60:1E:A6:CE:23:C2:EB:06
Certificate issuer:       /CN=2f32b5d5f1b98e085eea3a016e080c859b417583
Certificate serial:       018572A806F151E62DEEB5D89598630288F7
Authority key identifier: 2F:32:B5:D5:F1:B9:8E:08:5E:EA:3A:01:6E:08:0C:85:9B:41:75:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzK11fG5jghe6joBbggMhZtBdYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/759ca5-0d99-428e-85ad-f8872bbdd186/1/X2G9Un3_dDLPerhbYB6mziPC6wY.roa
Signing time:             Mon 02 Jan 2023 13:24:52 +0000
ROA not before:           Mon 02 Jan 2023 13:24:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        146.19.150.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:a8:06:f1:51:e6:2d:ee:b5:d8:95:98:63:02:88:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f32b5d5f1b98e085eea3a016e080c859b417583
        Validity
            Not Before: Jan  2 13:24:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f61bd527dff7432cf7ab85b601ea6ce23c2eb06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a1:48:1e:d0:2b:5f:f9:5e:e9:4e:25:ab:bf:
                    e1:6f:90:8f:2e:0a:91:1d:d5:d5:98:f0:33:ac:be:
                    c4:0d:6f:66:93:a5:59:8f:cc:e0:36:53:8d:cf:a1:
                    e8:27:55:68:f9:9d:04:8e:27:a5:4c:ad:b7:97:24:
                    a8:78:e8:22:f9:cb:a8:7a:c9:62:4e:1a:c2:f9:f3:
                    1e:52:dd:33:90:8d:7d:1f:b9:50:08:20:0e:9b:73:
                    95:f5:a5:b0:0e:10:25:8b:ca:0f:18:1d:79:97:6f:
                    e8:38:ca:a8:37:c0:bf:0f:69:2a:c8:7a:bc:11:49:
                    f2:10:59:8c:c2:68:19:87:00:e8:b1:ca:66:89:d4:
                    7e:23:60:27:eb:bd:07:97:e3:98:01:06:20:3d:25:
                    06:61:e2:7d:28:5c:05:3b:53:cc:63:e0:af:44:34:
                    cb:c0:4a:2c:c9:6e:ba:ef:cf:8c:da:1e:c9:d6:a6:
                    08:db:bd:14:34:bb:a7:97:4f:5d:2e:3b:64:45:58:
                    13:df:f5:10:8d:95:54:b6:8f:78:a1:bf:6b:c8:dc:
                    6b:26:72:2e:5a:1f:2c:71:43:50:0f:af:0e:70:6e:
                    44:d9:e1:c0:bf:2e:7d:2d:59:db:3b:51:15:04:33:
                    ce:e8:0b:ef:2c:1c:c0:2c:dc:05:77:96:39:83:30:
                    91:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:61:BD:52:7D:FF:74:32:CF:7A:B8:5B:60:1E:A6:CE:23:C2:EB:06
            X509v3 Authority Key Identifier:
                keyid:2F:32:B5:D5:F1:B9:8E:08:5E:EA:3A:01:6E:08:0C:85:9B:41:75:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzK11fG5jghe6joBbggMhZtBdYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/759ca5-0d99-428e-85ad-f8872bbdd186/1/X2G9Un3_dDLPerhbYB6mziPC6wY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/759ca5-0d99-428e-85ad-f8872bbdd186/1/LzK11fG5jghe6joBbggMhZtBdYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:b1:0d:54:56:bb:28:a7:36:da:67:9a:bc:b4:65:e2:6e:10:
         6c:a9:ff:9e:57:23:76:71:64:9c:25:64:f7:42:7f:2b:a5:94:
         f8:87:28:cc:79:01:ef:b5:2c:c1:25:de:2b:ea:2e:c0:eb:e2:
         3d:05:05:80:59:ba:cd:d1:35:d9:42:75:cb:f6:dc:75:3f:22:
         d5:f1:7c:31:75:f2:14:0a:6b:db:57:ac:34:5c:62:8d:c2:bc:
         68:a2:a3:dd:1f:01:3c:84:84:eb:0b:33:ab:c4:dd:6d:15:87:
         df:ff:3e:73:bf:43:71:d2:1f:45:c2:43:10:4a:c4:34:d5:bf:
         af:ff:17:06:f2:97:d7:e3:c9:19:58:e6:5d:c8:c3:ae:18:fc:
         61:aa:0e:b2:5d:32:39:e5:17:ae:8c:ff:f9:ad:69:b1:0e:f0:
         4d:de:46:fd:80:f7:4b:53:07:ee:1c:44:65:38:7d:3d:50:35:
         bb:62:4d:c2:a5:f1:fb:6f:60:3a:41:e2:d2:67:66:94:a2:ef:
         c6:90:bb:bd:93:b1:dd:a5:50:a1:a1:57:67:39:29:e9:b7:22:
         20:85:07:a6:03:8d:49:a5:cc:3a:e9:03:21:6d:4d:94:c7:25:
         e9:4e:10:80:56:eb:56:22:3b:b2:06:b8:d2:f5:6b:ae:37:a8:
         b4:f8:4c:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyqAbxUeYt7rXYlZhjAoj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzJiNWQ1ZjFiOThlMDg1ZWVhM2EwMTZlMDgwYzg1OWI0
MTc1ODMwHhcNMjMwMTAyMTMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjYxYmQ1MjdkZmY3NDMyY2Y3YWI4NWI2MDFlYTZjZTIzYzJlYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKFIHtArX/le6U4lq7/hb5CPLgqR
HdXVmPAzrL7EDW9mk6VZj8zgNlONz6HoJ1Vo+Z0EjielTK23lySoeOgi+cuoesli
ThrC+fMeUt0zkI19H7lQCCAOm3OV9aWwDhAli8oPGB15l2/oOMqoN8C/D2kqyHq8
EUnyEFmMwmgZhwDoscpmidR+I2An670Hl+OYAQYgPSUGYeJ9KFwFO1PMY+CvRDTL
wEosyW6678+M2h7J1qYI270UNLunl09dLjtkRVgT3/UQjZVUto94ob9ryNxrJnIu
Wh8scUNQD68OcG5E2eHAvy59LVnbO1EVBDPO6AvvLBzALNwFd5Y5gzCRhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9hvVJ9/3Qyz3q4W2Aeps4jwusGMB8GA1UdIwQY
MBaAFC8ytdXxuY4IXuo6AW4IDIWbQXWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpLMTFmRzVqZ2hlNmpvQmJnZ01oWnRCZFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83NTljYTUtMGQ5OS00MjhlLTg1YWQt
Zjg4NzJiYmRkMTg2LzEvWDJHOVVuM19kRExQZXJoYllCNm16aVBDNndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83NTljYTUtMGQ5OS00MjhlLTg1YWQtZjg4NzJiYmRkMTg2
LzEvTHpLMTFmRzVqZ2hlNmpvQmJnZ01oWnRCZFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOWMA0G
CSqGSIb3DQEBCwUAA4IBAQAUsQ1UVrsopzbaZ5q8tGXibhBsqf+eVyN2cWScJWT3
Qn8rpZT4hyjMeQHvtSzBJd4r6i7A6+I9BQWAWbrN0TXZQnXL9tx1PyLV8XwxdfIU
CmvbV6w0XGKNwrxooqPdHwE8hITrCzOrxN1tFYff/z5zv0Nx0h9FwkMQSsQ01b+v
/xcG8pfX48kZWOZdyMOuGPxhqg6yXTI55ReujP/5rWmxDvBN3kb9gPdLUwfuHERl
OH09UDW7Yk3CpfH7b2A6QeLSZ2aUou/GkLu9k7HdpVChoVdnOSnptyIghQemA41J
pcw66QMhbU2UxyXpThCAVutWIjuyBrjS9WuuN6i0+Ezl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:45 2024 by rpki-client on console-ams.rpki-client.org