Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/MBx99zfIGmm7d7qgvLHIz8bGS7Q.roa
File:                     MBx99zfIGmm7d7qgvLHIz8bGS7Q.roa (raw, json)
Hash identifier:          spkTxfk33jlXkyQTtE2tZgYR3tebkWNiAwgvWDUEMnE=
Subject key identifier:   30:1C:7D:F7:37:C8:1A:69:BB:77:BA:A0:BC:B1:C8:CF:C6:C6:4B:B4
Certificate issuer:       /CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Certificate serial:       099DDEB6
Authority key identifier: A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/MBx99zfIGmm7d7qgvLHIz8bGS7Q.roa
Signing time:             Thu 09 Jun 2022 13:47:02 +0000
ROA not before:           Thu 09 Jun 2022 13:47:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        91.149.228.0/22 maxlen: 22
                          91.149.244.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 161341110 (0x99ddeb6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
        Validity
            Not Before: Jun  9 13:47:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=301c7df737c81a69bb77baa0bcb1c8cfc6c64bb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:98:6d:d6:b3:a6:b7:cd:cf:a1:f8:14:08:b0:
                    af:7c:e2:53:e6:86:24:4c:b9:e5:0c:32:fb:3b:3a:
                    7f:3c:80:48:e3:de:78:7f:8d:de:c3:2f:f9:91:dc:
                    47:ca:4f:8b:71:ce:2a:12:24:94:88:d5:67:55:66:
                    fb:b4:49:81:73:76:a0:67:f1:d2:3f:cb:25:71:7b:
                    32:6b:d5:73:3e:d1:64:92:ca:d8:ab:1f:15:b3:29:
                    d9:94:94:34:81:e7:72:8b:1b:ba:4b:b9:80:05:6a:
                    4e:71:26:c6:ca:10:4b:6b:7c:7a:45:47:3c:fe:a4:
                    d4:25:5b:18:40:b1:49:78:ec:7c:05:01:81:18:65:
                    ae:f7:5b:ca:1e:1b:d1:36:50:e7:5a:76:5c:57:23:
                    2d:5e:67:73:8b:15:9d:7a:6c:34:4f:56:4e:a5:a9:
                    1c:6b:12:73:3a:da:03:1f:20:a6:42:06:b2:26:4e:
                    f8:cd:4f:a4:76:bb:dd:7f:a5:21:6b:1a:35:b6:ce:
                    d7:4c:fb:73:3e:aa:6e:e4:d5:28:66:8e:5e:55:29:
                    dc:31:0b:1b:34:e3:89:e0:7f:77:e3:cc:78:e6:d5:
                    b3:2e:bc:e2:e9:d1:b7:5a:7d:9c:8b:9a:79:cc:7d:
                    3d:95:93:52:ea:ef:69:34:1f:17:0a:17:55:6e:80:
                    02:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:1C:7D:F7:37:C8:1A:69:BB:77:BA:A0:BC:B1:C8:CF:C6:C6:4B:B4
            X509v3 Authority Key Identifier:
                keyid:A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/MBx99zfIGmm7d7qgvLHIz8bGS7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/pnhQ5XHz8qyiwewdflAtm9GExFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.149.228.0/22
                  91.149.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:9a:c5:59:a2:30:e8:a6:aa:3a:14:cc:68:7a:3b:20:10:cb:
         8b:3c:27:44:b9:6b:a9:07:7a:58:fa:36:ea:f0:4e:31:50:d8:
         09:42:4e:7e:65:4f:de:cf:22:5c:0d:4e:48:c1:b4:31:69:5d:
         31:55:6a:28:ef:89:f2:18:3f:8f:ae:4d:c0:14:ca:fd:25:f2:
         15:b6:ac:65:94:10:d4:bc:2b:07:ff:6e:7b:68:99:df:81:ad:
         4b:3e:62:b2:3a:a0:70:2a:30:52:38:8a:2c:86:ad:d1:99:4d:
         51:6e:25:31:8b:68:d9:65:10:2a:de:4a:7f:82:f6:70:80:6b:
         46:27:5e:c6:aa:a6:aa:2a:60:06:f0:f9:db:b7:4f:0e:9c:6f:
         a9:ba:f3:6e:ed:48:63:fb:4b:68:cb:ad:65:65:cd:6b:14:03:
         04:3d:ab:43:e9:d5:18:ee:44:42:19:33:b3:27:2f:88:bf:8d:
         d0:89:21:99:61:4a:1c:ea:48:96:94:f0:73:99:80:06:fa:37:
         de:ae:a6:c2:a4:d3:1e:03:ef:c2:6c:c2:82:78:d4:d2:c5:f7:
         d9:84:4e:8b:5c:66:b3:49:3e:1c:a0:9f:4d:7c:54:2f:a5:fd:
         7a:a9:f3:4f:f7:93:da:a3:28:96:f8:a9:e3:01:8b:0c:cd:00:
         9a:d3:92:ae
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECZ3etjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Njc4NTBlNTcxZjNmMmFjYTJjMWVjMWQ3ZTUwMmQ5YmQxODRjNDVjMB4XDTIyMDYw
OTEzNDcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzAxYzdkZjczN2M4
MWE2OWJiNzdiYWEwYmNiMWM4Y2ZjNmM2NGJiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOYbdazprfNz6H4FAiwr3ziU+aGJEy55Qwy+zs6fzyASOPe
eH+N3sMv+ZHcR8pPi3HOKhIklIjVZ1Vm+7RJgXN2oGfx0j/LJXF7MmvVcz7RZJLK
2KsfFbMp2ZSUNIHncosbuku5gAVqTnEmxsoQS2t8ekVHPP6k1CVbGECxSXjsfAUB
gRhlrvdbyh4b0TZQ51p2XFcjLV5nc4sVnXpsNE9WTqWpHGsSczraAx8gpkIGsiZO
+M1PpHa73X+lIWsaNbbO10z7cz6qbuTVKGaOXlUp3DELGzTjieB/d+PMeObVsy68
4unRt1p9nIuaecx9PZWTUurvaTQfFwoXVW6AAg0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQwHH33N8gaabt3uqC8scjPxsZLtDAfBgNVHSMEGDAWgBSmeFDlcfPyrKLB
7B1+UC2b0YTEXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BuaFE1WEh6OHF5aXdld2RmbEF0bTlHRXhGdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMzMwOWI1LWY5M2YtNGM2Mi04ZGNlLWIwYzE1MWU1MTZjZi8x
L01CeDk5emZJR21tN2Q3cWd2TEhJejhiR1M3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
MzMwOWI1LWY5M2YtNGM2Mi04ZGNlLWIwYzE1MWU1MTZjZi8xL3BuaFE1WEh6OHF5
aXdld2RmbEF0bTlHRXhGdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAluV5AMEAluV9DANBgkqhkiG9w0B
AQsFAAOCAQEAOZrFWaIw6KaqOhTMaHo7IBDLizwnRLlrqQd6WPo26vBOMVDYCUJO
fmVP3s8iXA1OSMG0MWldMVVqKO+J8hg/j65NwBTK/SXyFbasZZQQ1LwrB/9ue2iZ
34GtSz5isjqgcCowUjiKLIat0ZlNUW4lMYto2WUQKt5Kf4L2cIBrRidexqqmqipg
BvD527dPDpxvqbrzbu1IY/tLaMutZWXNaxQDBD2rQ+nVGO5EQhkzsycviL+N0Ikh
mWFKHOpIlpTwc5mABvo33q6mwqTTHgPvwmzCgnjU0sX32YROi1xms0k+HKCfTXxU
L6X9eqnzT/eT2qMolvip4wGLDM0AmtOSrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:14 2024 by rpki-client on console-ams.rpki-client.org