Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/s0EqXh0JSPNIrVn1rStEG2EAClc.roa
File:                     s0EqXh0JSPNIrVn1rStEG2EAClc.roa (raw, json)
Hash identifier:          ywxWPOJZLr3EckMc0KiW6RQStFyyHjzte+tobPeWNg8=
Subject key identifier:   B3:41:2A:5E:1D:09:48:F3:48:AD:59:F5:AD:2B:44:1B:61:00:0A:57
Certificate issuer:       /CN=d191342b98368ad4be832a67e355db275c8da3ad
Certificate serial:       0181DACF90AFFBCE3747CFC135DB01191C2C
Authority key identifier: D1:91:34:2B:98:36:8A:D4:BE:83:2A:67:E3:55:DB:27:5C:8D:A3:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ZE0K5g2itS-gypn41XbJ1yNo60.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/s0EqXh0JSPNIrVn1rStEG2EAClc.roa
Signing time:             Thu 07 Jul 2022 22:37:24 +0000
ROA not before:           Thu 07 Jul 2022 22:37:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     701
IP address blocks:        2a12:4200::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:da:cf:90:af:fb:ce:37:47:cf:c1:35:db:01:19:1c:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d191342b98368ad4be832a67e355db275c8da3ad
        Validity
            Not Before: Jul  7 22:37:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b3412a5e1d0948f348ad59f5ad2b441b61000a57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:16:1c:d7:68:3d:3f:e3:35:c3:59:d1:de:16:
                    a9:e4:50:0b:df:c1:75:f8:5d:3b:d0:41:04:dc:17:
                    62:1b:2c:47:97:66:cd:97:7d:0b:f4:cd:5e:7b:ee:
                    02:16:48:42:4e:be:d7:a1:5d:ae:45:84:85:b8:0b:
                    dc:c5:42:37:0b:b1:e6:a4:3c:02:50:14:5d:ad:85:
                    51:12:e7:d2:68:17:f5:56:7d:4d:bf:a0:dc:38:c6:
                    9f:aa:c6:20:72:4f:8d:4c:2a:82:8b:75:7f:f9:7c:
                    22:91:d5:c5:ce:02:22:37:f7:a5:93:f7:81:cc:88:
                    4b:ad:8e:14:89:28:9a:99:90:60:e6:7d:3b:ba:ed:
                    b7:75:ab:ac:9c:3c:3f:4e:2c:cd:d2:6b:f7:5c:a6:
                    17:81:ca:ed:69:5c:82:df:f5:e9:54:d2:79:b5:dc:
                    ce:d5:b1:e9:29:42:0a:d8:3d:c5:1f:fd:06:12:05:
                    4b:ac:32:e2:32:30:0b:79:b9:e6:76:16:17:eb:ad:
                    09:e7:46:91:15:8c:dc:34:df:df:50:96:3a:cb:e6:
                    b0:c6:37:15:08:f1:80:10:dd:9e:17:a5:9f:f7:93:
                    50:b7:c6:68:08:b4:df:d7:0d:c3:34:cc:a9:cc:56:
                    56:ab:a1:da:39:79:21:39:62:1a:30:11:35:73:8d:
                    f8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:41:2A:5E:1D:09:48:F3:48:AD:59:F5:AD:2B:44:1B:61:00:0A:57
            X509v3 Authority Key Identifier:
                keyid:D1:91:34:2B:98:36:8A:D4:BE:83:2A:67:E3:55:DB:27:5C:8D:A3:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ZE0K5g2itS-gypn41XbJ1yNo60.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/s0EqXh0JSPNIrVn1rStEG2EAClc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/0ZE0K5g2itS-gypn41XbJ1yNo60.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:4200::/29

    Signature Algorithm: sha256WithRSAEncryption
         95:5f:ba:41:d4:c5:84:c5:9c:fb:f4:6b:07:e5:8b:fd:a1:a5:
         1b:bb:9c:19:8f:e1:df:4c:06:62:b0:b6:a3:15:12:bb:4f:c9:
         ce:01:80:3b:b4:be:35:27:e9:83:f9:92:8f:07:fa:17:fc:08:
         f0:1a:6e:33:2d:35:6c:ce:77:bd:fd:3d:df:e8:ea:51:9d:f6:
         95:54:41:f9:cf:ea:ff:1b:24:02:fc:40:3e:01:ad:9a:49:ef:
         d3:b6:ac:96:d3:33:d2:f6:af:ab:c5:ab:08:f4:f2:84:26:4f:
         0a:47:0e:dd:59:02:89:7e:f6:d2:77:d9:99:91:12:2b:f0:52:
         5c:b2:b0:53:98:4d:d6:c9:cd:00:2d:39:1e:02:da:fa:ec:9e:
         ba:18:32:3b:0b:f1:0e:b5:77:83:3e:c5:d6:8f:80:88:8a:aa:
         07:c3:58:84:64:e2:bf:ce:ea:da:e8:23:70:18:98:d4:f1:d1:
         44:1c:1b:21:06:4f:a7:6d:05:38:91:b6:83:b1:da:7b:d2:69:
         35:04:53:73:03:47:b9:99:8b:e2:55:01:33:47:14:ce:02:30:
         1a:4e:b3:21:77:eb:e3:cf:5e:81:86:f1:0d:60:f4:27:09:b5:
         ed:5c:44:49:10:04:79:c7:94:64:fd:62:29:b9:66:c3:1b:26:
         8a:73:10:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHaz5Cv+843R8/BNdsBGRwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOTEzNDJiOTgzNjhhZDRiZTgzMmE2N2UzNTVkYjI3NWM4
ZGEzYWQwHhcNMjIwNzA3MjIzNzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQxMmE1ZTFkMDk0OGYzNDhhZDU5ZjVhZDJiNDQxYjYxMDAwYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRYc12g9P+M1w1nR3hap5FAL38F1
+F070EEE3BdiGyxHl2bNl30L9M1ee+4CFkhCTr7XoV2uRYSFuAvcxUI3C7HmpDwC
UBRdrYVREufSaBf1Vn1Nv6DcOMafqsYgck+NTCqCi3V/+XwikdXFzgIiN/elk/eB
zIhLrY4UiSiamZBg5n07uu23dausnDw/TizN0mv3XKYXgcrtaVyC3/XpVNJ5tdzO
1bHpKUIK2D3FH/0GEgVLrDLiMjALebnmdhYX660J50aRFYzcNN/fUJY6y+awxjcV
CPGAEN2eF6Wf95NQt8ZoCLTf1w3DNMypzFZWq6HaOXkhOWIaMBE1c434MwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLNBKl4dCUjzSK1Z9a0rRBthAApXMB8GA1UdIwQY
MBaAFNGRNCuYNorUvoMqZ+NV2ydcjaOtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFpFMEs1ZzJpdFMtZ3lwbjQxWGJKMXlObzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lNmQ5OTYtODdkOS00ZmRjLWI2NTQt
NDY3MDU4ODFiMTYxLzEvczBFcVhoMEpTUE5JclZuMXJTdEVHMkVBQ2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lNmQ5OTYtODdkOS00ZmRjLWI2NTQtNDY3MDU4ODFiMTYx
LzEvMFpFMEs1ZzJpdFMtZ3lwbjQxWGJKMXlObzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJCADAN
BgkqhkiG9w0BAQsFAAOCAQEAlV+6QdTFhMWc+/RrB+WL/aGlG7ucGY/h30wGYrC2
oxUSu0/JzgGAO7S+NSfpg/mSjwf6F/wI8BpuMy01bM53vf093+jqUZ32lVRB+c/q
/xskAvxAPgGtmknv07asltMz0vavq8WrCPTyhCZPCkcO3VkCiX720nfZmZESK/BS
XLKwU5hN1snNAC05HgLa+uyeuhgyOwvxDrV3gz7F1o+AiIqqB8NYhGTiv87q2ugj
cBiY1PHRRBwbIQZPp20FOJG2g7Hae9JpNQRTcwNHuZmL4lUBM0cUzgIwGk6zIXfr
489egYbxDWD0Jwm17VxESRAEeceUZP1iKblmwxsminMQrQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:04 2024 by rpki-client on console-fra.rpki-client.org