Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/56fa55-abb4-4cbd-b546-84086295823d/1/oUfHT_Vk9rYBXNLCO47lt_W822s.roa
File:                     oUfHT_Vk9rYBXNLCO47lt_W822s.roa (raw, json)
Hash identifier:          09Wb8G9j/pAaJYEH+rRIgksjCKeVjyX70V2nAKEZojo=
Subject key identifier:   A1:47:C7:4F:F5:64:F6:B6:01:5C:D2:C2:3B:8E:E5:B7:F5:BC:DB:6B
Certificate issuer:       /CN=ed92d209ea7021adf4424834883aabf6d7bfe962
Certificate serial:       04BAED87
Authority key identifier: ED:92:D2:09:EA:70:21:AD:F4:42:48:34:88:3A:AB:F6:D7:BF:E9:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7ZLSCepwIa30Qkg0iDqr9te_6WI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/56fa55-abb4-4cbd-b546-84086295823d/1/oUfHT_Vk9rYBXNLCO47lt_W822s.roa
Signing time:             Sat 01 Jan 2022 07:59:27 +0000
ROA not before:           Sat 01 Jan 2022 07:59:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43833
IP address blocks:        193.177.212.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79359367 (0x4baed87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed92d209ea7021adf4424834883aabf6d7bfe962
        Validity
            Not Before: Jan  1 07:59:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a147c74ff564f6b6015cd2c23b8ee5b7f5bcdb6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:8d:8b:43:8c:ba:7a:43:be:1e:10:cb:73:e4:
                    d4:2c:16:3f:78:32:6d:c0:31:e4:f1:ab:5e:6f:18:
                    01:5b:e3:aa:eb:07:9a:17:5e:d8:77:fa:3c:0e:d7:
                    4b:17:f7:c0:19:b7:24:35:0a:94:f5:eb:63:33:64:
                    42:70:93:d6:e4:b4:37:4a:87:0e:d4:87:ff:38:23:
                    7f:b8:96:c0:02:b3:03:5c:11:42:03:ca:dc:49:a1:
                    57:35:ad:ba:9d:d7:c4:40:3d:6f:70:03:66:ca:4c:
                    6f:12:a4:c7:0a:ad:89:8b:e7:be:2e:2e:c4:07:86:
                    fa:07:37:91:48:03:37:39:42:cb:34:ad:33:f3:46:
                    8f:59:77:e1:1e:ea:25:58:41:c7:c3:dd:0a:f9:f3:
                    10:ad:89:4a:0a:a3:bd:e4:11:cb:b7:37:e3:c0:42:
                    6e:18:d6:09:4d:f2:df:b8:64:32:40:cf:dd:24:05:
                    ed:59:54:1c:49:f0:c5:37:ba:b1:e6:87:53:d0:cb:
                    7e:4a:be:86:31:07:8e:07:09:4b:ed:ea:96:38:ae:
                    1d:26:10:90:ef:d9:e8:cf:5c:93:ae:1c:56:18:5a:
                    90:28:ee:9e:8f:fb:99:5e:1b:0b:cd:41:99:e9:2a:
                    cd:bb:d7:ea:cc:fc:b3:56:ed:3b:d8:79:28:d0:41:
                    c1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:47:C7:4F:F5:64:F6:B6:01:5C:D2:C2:3B:8E:E5:B7:F5:BC:DB:6B
            X509v3 Authority Key Identifier:
                keyid:ED:92:D2:09:EA:70:21:AD:F4:42:48:34:88:3A:AB:F6:D7:BF:E9:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ZLSCepwIa30Qkg0iDqr9te_6WI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/56fa55-abb4-4cbd-b546-84086295823d/1/oUfHT_Vk9rYBXNLCO47lt_W822s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/56fa55-abb4-4cbd-b546-84086295823d/1/7ZLSCepwIa30Qkg0iDqr9te_6WI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.177.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         29:94:53:30:2e:fa:2b:b5:1b:73:10:70:09:b1:97:7c:bd:2b:
         61:44:78:f6:81:99:96:8c:4d:5f:9f:14:2c:ef:d4:e8:b8:1e:
         4e:41:30:c8:9b:fe:0f:33:7a:d4:35:77:f6:f1:01:02:37:03:
         89:72:25:cd:c2:8b:d5:dc:d1:10:c7:94:ae:e1:da:d1:63:0a:
         2a:46:4e:05:52:89:15:32:96:43:28:b3:3b:59:a9:e0:ad:46:
         7b:93:fa:07:60:fb:b1:0a:db:57:1b:9e:48:30:d0:1e:f4:0f:
         97:f5:a3:e9:55:bd:45:dd:43:b1:50:f7:0e:b4:0d:c9:d1:9c:
         9c:70:a9:88:a9:b4:21:b5:59:82:6e:97:23:56:57:2c:36:31:
         44:1c:aa:d7:7c:c6:fe:5c:4e:ee:82:a1:33:c6:da:8e:ed:15:
         fb:b2:43:42:37:70:d6:32:89:71:f0:c0:ba:a9:5c:49:6c:6e:
         f9:93:74:07:ce:5f:20:4e:13:db:d6:16:7d:e5:80:60:4f:06:
         ff:2a:0f:3f:39:f0:57:e6:2c:22:82:89:73:e8:c5:e8:03:69:
         24:a2:9b:6c:e8:5e:00:ba:8a:a5:7e:ba:63:3b:3a:7e:65:7c:
         0e:d7:42:5e:f9:52:ee:db:d2:e0:a3:d8:0e:ab:bc:95:f9:07:
         6b:b6:4a:ef
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBLrthzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDkyZDIwOWVhNzAyMWFkZjQ0MjQ4MzQ4ODNhYWJmNmQ3YmZlOTYyMB4XDTIyMDEw
MTA3NTkyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE0N2M3NGZmNTY0
ZjZiNjAxNWNkMmMyM2I4ZWU1YjdmNWJjZGI2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKNi0OMunpDvh4Qy3Pk1CwWP3gybcAx5PGrXm8YAVvjqusH
mhde2Hf6PA7XSxf3wBm3JDUKlPXrYzNkQnCT1uS0N0qHDtSH/zgjf7iWwAKzA1wR
QgPK3EmhVzWtup3XxEA9b3ADZspMbxKkxwqtiYvnvi4uxAeG+gc3kUgDNzlCyzSt
M/NGj1l34R7qJVhBx8PdCvnzEK2JSgqjveQRy7c348BCbhjWCU3y37hkMkDP3SQF
7VlUHEnwxTe6seaHU9DLfkq+hjEHjgcJS+3qljiuHSYQkO/Z6M9ck64cVhhakCju
no/7mV4bC81BmekqzbvX6sz8s1btO9h5KNBBwTECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShR8dP9WT2tgFc0sI7juW39bzbazAfBgNVHSMEGDAWgBTtktIJ6nAhrfRC
SDSIOqv217/pYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdaTFNDZXB3SWEzMFFrZzBpRHFyOXRlXzZXSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvNTZmYTU1LWFiYjQtNGNiZC1iNTQ2LTg0MDg2Mjk1ODIzZC8x
L29VZkhUX1ZrOXJZQlhOTENPNDdsdF9XODIycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
NTZmYTU1LWFiYjQtNGNiZC1iNTQ2LTg0MDg2Mjk1ODIzZC8xLzdaTFNDZXB3SWEz
MFFrZzBpRHFyOXRlXzZXSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsGx1DANBgkqhkiG9w0BAQsFAAOC
AQEAKZRTMC76K7UbcxBwCbGXfL0rYUR49oGZloxNX58ULO/U6LgeTkEwyJv+DzN6
1DV39vEBAjcDiXIlzcKL1dzREMeUruHa0WMKKkZOBVKJFTKWQyizO1mp4K1Ge5P6
B2D7sQrbVxueSDDQHvQPl/Wj6VW9Rd1DsVD3DrQNydGcnHCpiKm0IbVZgm6XI1ZX
LDYxRByq13zG/lxO7oKhM8baju0V+7JDQjdw1jKJcfDAuqlcSWxu+ZN0B85fIE4T
29YWfeWAYE8G/yoPPznwV+YsIoKJc+jF6ANpJKKbbOheALqKpX66Yzs6fmV8DtdC
XvlS7tvS4KPYDqu8lfkHa7ZK7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:43 2024 by rpki-client on console-ams.rpki-client.org