Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/KB76Ry4l3v4AbtK4rUWXi8KOTuw.roa
File:                     KB76Ry4l3v4AbtK4rUWXi8KOTuw.roa (raw, json)
Hash identifier:          aLfZXM10da7p9XMFdRTG/h1pIkYQvfqgjMedVLxIAM0=
Subject key identifier:   28:1E:FA:47:2E:25:DE:FE:00:6E:D2:B8:AD:45:97:8B:C2:8E:4E:EC
Certificate issuer:       /CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Certificate serial:       08235508
Authority key identifier: A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/KB76Ry4l3v4AbtK4rUWXi8KOTuw.roa
Signing time:             Sat 01 Jan 2022 03:52:27 +0000
ROA not before:           Sat 01 Jan 2022 03:52:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        91.149.200.0/24 maxlen: 24
                          91.149.218.0/24 maxlen: 24
                          91.149.229.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136533256 (0x8235508)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
        Validity
            Not Before: Jan  1 03:52:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=281efa472e25defe006ed2b8ad45978bc28e4eec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:12:2d:8b:5b:e4:6e:90:9f:ae:f7:65:45:1b:
                    2e:a0:12:9c:82:0b:f8:61:81:76:09:32:fa:f3:be:
                    0a:36:85:88:1f:f7:ed:95:f0:81:2d:05:2b:55:25:
                    39:3b:32:0d:e4:ff:a7:a6:f6:65:02:8b:34:cd:a5:
                    fa:dd:ea:ee:bb:51:b5:c1:d9:f5:a7:e7:cb:9c:b9:
                    05:93:b3:9e:a9:9f:43:48:da:93:a0:2d:92:40:4b:
                    0d:a3:5b:d4:37:9d:e4:72:66:f1:f7:34:39:1a:1c:
                    c7:77:38:4d:c8:2b:88:31:4b:0c:9f:a7:92:24:6d:
                    eb:1e:58:fd:37:53:8d:63:2e:2e:32:61:65:b6:72:
                    46:93:9d:18:43:79:a2:6c:b5:d0:6e:1e:a5:55:f1:
                    b2:68:3d:96:f2:ce:80:37:3c:e2:a5:75:04:e7:ea:
                    10:82:e4:68:dc:3c:b8:af:81:d3:3e:8e:08:5e:95:
                    b2:7d:19:1c:fd:8c:df:c6:e9:59:d8:5b:7a:77:ae:
                    5e:52:6b:2f:1d:e2:d0:9a:75:9c:80:7f:f0:90:3a:
                    11:ce:65:a7:2b:d3:d1:91:bf:8a:4f:50:f1:2d:4e:
                    e4:da:99:43:07:a3:af:3d:56:4d:c1:05:92:2d:94:
                    0e:fc:1c:44:04:fd:3c:24:40:a4:b0:1a:bb:74:b2:
                    f2:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:1E:FA:47:2E:25:DE:FE:00:6E:D2:B8:AD:45:97:8B:C2:8E:4E:EC
            X509v3 Authority Key Identifier:
                keyid:A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/KB76Ry4l3v4AbtK4rUWXi8KOTuw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/pnhQ5XHz8qyiwewdflAtm9GExFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.149.200.0/24
                  91.149.218.0/24
                  91.149.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:a9:78:ca:5d:2b:f0:40:7b:4a:b5:16:cc:b3:3a:6d:0d:b3:
         f5:f5:04:c0:9b:cc:da:f9:6c:a4:7d:66:ae:92:e1:7c:e9:45:
         09:5b:2e:74:d9:44:84:61:05:12:fe:04:7c:ba:f0:4e:57:51:
         09:ba:77:57:e0:c9:5a:ff:0d:83:2f:42:2e:f9:1e:36:1c:55:
         21:4e:be:37:c0:30:8d:6e:44:2c:91:53:40:7d:c7:b7:96:30:
         dd:67:f8:3c:31:77:d6:e0:46:6b:24:85:bc:85:7b:67:84:e1:
         1a:1a:2a:49:94:62:15:a8:d8:b1:36:1d:da:75:7d:c2:4f:74:
         a5:8b:aa:f7:18:c6:d9:e7:fd:d5:c6:88:38:f6:72:6e:02:bf:
         bc:92:c1:7a:3d:27:f4:c5:49:29:d9:f2:e5:f2:2a:17:bc:7f:
         f4:8a:5e:79:b3:34:cb:90:20:4a:0b:7a:bd:c2:ca:03:aa:4d:
         da:dd:80:8f:ac:97:c3:92:a8:6b:e5:ad:3b:68:78:a5:5f:e5:
         70:d1:c9:5e:67:01:66:b3:32:41:65:17:16:8a:58:d3:58:b1:
         1f:ff:00:d2:2c:5f:0c:24:5c:69:35:20:ed:05:bc:5e:b8:9d:
         e8:2d:83:8e:f9:1a:c7:db:0c:73:17:d2:05:54:2f:10:d8:0a:
         99:7e:46:be
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECCNVCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Njc4NTBlNTcxZjNmMmFjYTJjMWVjMWQ3ZTUwMmQ5YmQxODRjNDVjMB4XDTIyMDEw
MTAzNTIyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgxZWZhNDcyZTI1
ZGVmZTAwNmVkMmI4YWQ0NTk3OGJjMjhlNGVlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKESLYtb5G6Qn673ZUUbLqASnIIL+GGBdgky+vO+CjaFiB/3
7ZXwgS0FK1UlOTsyDeT/p6b2ZQKLNM2l+t3q7rtRtcHZ9afny5y5BZOznqmfQ0ja
k6AtkkBLDaNb1Ded5HJm8fc0ORocx3c4TcgriDFLDJ+nkiRt6x5Y/TdTjWMuLjJh
ZbZyRpOdGEN5omy10G4epVXxsmg9lvLOgDc84qV1BOfqEILkaNw8uK+B0z6OCF6V
sn0ZHP2M38bpWdhbeneuXlJrLx3i0Jp1nIB/8JA6Ec5lpyvT0ZG/ik9Q8S1O5NqZ
Qwejrz1WTcEFki2UDvwcRAT9PCRApLAau3Sy8p0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQoHvpHLiXe/gBu0ritRZeLwo5O7DAfBgNVHSMEGDAWgBSmeFDlcfPyrKLB
7B1+UC2b0YTEXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BuaFE1WEh6OHF5aXdld2RmbEF0bTlHRXhGdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMzMwOWI1LWY5M2YtNGM2Mi04ZGNlLWIwYzE1MWU1MTZjZi8x
L0tCNzZSeTRsM3Y0QWJ0SzRyVVdYaThLT1R1dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
MzMwOWI1LWY5M2YtNGM2Mi04ZGNlLWIwYzE1MWU1MTZjZi8xL3BuaFE1WEh6OHF5
aXdld2RmbEF0bTlHRXhGdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFuVyAMEAFuV2gMEAFuV5TANBgkq
hkiG9w0BAQsFAAOCAQEAOql4yl0r8EB7SrUWzLM6bQ2z9fUEwJvM2vlspH1mrpLh
fOlFCVsudNlEhGEFEv4EfLrwTldRCbp3V+DJWv8Ngy9CLvkeNhxVIU6+N8AwjW5E
LJFTQH3Ht5Yw3Wf4PDF31uBGaySFvIV7Z4ThGhoqSZRiFajYsTYd2nV9wk90pYuq
9xjG2ef91caIOPZybgK/vJLBej0n9MVJKdny5fIqF7x/9IpeebM0y5AgSgt6vcLK
A6pN2t2Aj6yXw5Koa+WtO2h4pV/lcNHJXmcBZrMyQWUXFopY01ixH/8A0ixfDCRc
aTUg7QW8Xrid6C2Djvkax9sMcxfSBVQvENgKmX5Gvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:20 2024 by rpki-client on console-fra.rpki-client.org