Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f7a017-7fdb-4fc9-88cc-782dd0987ffa/1/V9BaWARthSK0YvIA8bwt-s0HfcQ.roa
File:                     V9BaWARthSK0YvIA8bwt-s0HfcQ.roa (raw, json)
Hash identifier:          kwkWbELMWiSDlq+/IJTkHkFfWu3GXL9Vp2Eilt/RNtk=
Subject key identifier:   57:D0:5A:58:04:6D:85:22:B4:62:F2:00:F1:BC:2D:FA:CD:07:7D:C4
Certificate issuer:       /CN=33c28202b6141670a3ff348cadd60fff7bae6417
Certificate serial:       024479B4
Authority key identifier: 33:C2:82:02:B6:14:16:70:A3:FF:34:8C:AD:D6:0F:FF:7B:AE:64:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M8KCArYUFnCj_zSMrdYP_3uuZBc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/f7a017-7fdb-4fc9-88cc-782dd0987ffa/1/V9BaWARthSK0YvIA8bwt-s0HfcQ.roa
Signing time:             Tue 03 May 2022 14:32:53 +0000
ROA not before:           Tue 03 May 2022 14:32:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58061
IP address blocks:        130.255.169.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38042036 (0x24479b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33c28202b6141670a3ff348cadd60fff7bae6417
        Validity
            Not Before: May  3 14:32:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=57d05a58046d8522b462f200f1bc2dfacd077dc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:af:8d:3a:a0:a4:3c:04:cd:eb:84:5c:c2:f5:
                    47:50:a6:71:79:70:02:fc:ed:d8:1a:08:c5:0b:3a:
                    29:80:67:b8:65:e1:f2:e0:f4:58:81:de:a4:1e:6f:
                    2c:db:b1:48:0a:83:90:10:1c:0a:68:15:07:e7:64:
                    69:17:d1:42:fa:57:81:66:37:b2:d6:50:0b:12:7f:
                    b3:ab:ad:fe:d2:ce:c4:56:91:94:18:cd:61:9f:04:
                    80:53:83:22:a8:01:f1:79:23:3e:a3:14:4c:29:93:
                    e4:bf:69:ac:41:cd:7d:8e:e7:f6:38:20:fd:20:1a:
                    ff:ee:3d:89:57:10:2a:9e:66:bf:bd:37:bd:e2:64:
                    da:a6:e7:aa:cd:bf:c3:56:46:cc:9e:b2:06:98:8d:
                    0e:6e:7a:4c:f7:fd:ab:1b:29:de:59:44:13:04:55:
                    27:1c:9f:04:ec:19:46:1d:d3:56:b3:1e:51:00:be:
                    35:34:50:9e:3d:5e:fb:b7:46:fe:e9:cb:58:70:33:
                    92:ce:65:5b:a2:34:f7:ea:89:b6:ae:22:c6:67:91:
                    29:60:eb:db:d7:f0:c9:68:68:aa:07:86:62:34:83:
                    13:16:16:06:c4:f5:f4:74:f8:83:9c:9e:c3:5e:14:
                    6a:69:92:6e:b3:e3:ba:cd:e5:af:23:59:15:a9:29:
                    d9:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:D0:5A:58:04:6D:85:22:B4:62:F2:00:F1:BC:2D:FA:CD:07:7D:C4
            X509v3 Authority Key Identifier:
                keyid:33:C2:82:02:B6:14:16:70:A3:FF:34:8C:AD:D6:0F:FF:7B:AE:64:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8KCArYUFnCj_zSMrdYP_3uuZBc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f7a017-7fdb-4fc9-88cc-782dd0987ffa/1/V9BaWARthSK0YvIA8bwt-s0HfcQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f7a017-7fdb-4fc9-88cc-782dd0987ffa/1/M8KCArYUFnCj_zSMrdYP_3uuZBc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.255.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:1c:1f:e9:35:98:eb:89:41:dc:1e:90:b3:fb:dd:56:34:e9:
         09:80:89:da:c4:3a:f3:e4:45:54:9f:54:56:e5:22:38:20:30:
         88:79:55:bd:94:ba:4c:b4:31:e3:3b:28:f7:0c:f5:98:78:eb:
         c1:be:17:42:e2:3c:cd:da:29:66:35:86:89:0b:b4:cd:48:ec:
         3c:da:fe:44:f0:30:49:8a:8f:50:b7:1a:18:1f:4d:7e:1b:80:
         cf:6f:c5:6e:58:16:20:8a:25:0a:1c:2b:c2:db:e0:3d:b9:73:
         19:20:5d:d7:f7:d1:b5:ee:72:41:35:58:a9:df:d3:de:18:0f:
         ac:e7:a2:e7:4b:40:d1:8a:c7:a3:f7:67:22:9d:40:d6:28:6c:
         68:b6:48:62:fe:11:15:8f:5b:dc:7a:7a:60:32:5c:37:9d:00:
         17:99:b0:96:bf:1b:bc:a5:6c:34:b3:97:82:ce:cb:36:f0:ea:
         0d:20:7c:4a:65:b3:41:a9:01:be:e1:cc:25:2e:95:ad:37:02:
         b7:70:69:fc:5d:99:16:84:f2:6f:9e:6c:a0:56:95:f2:3b:23:
         44:5d:e5:44:c8:9f:22:13:d6:06:64:8c:e8:c0:68:63:10:48:
         bd:3c:30:6b:47:29:8f:a0:a6:66:2f:3c:9e:d8:dc:d5:67:12:
         30:e6:ee:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkR5tDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2MyODIwMmI2MTQxNjcwYTNmZjM0OGNhZGQ2MGZmZjdiYWU2NDE3MB4XDTIyMDUw
MzE0MzI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTdkMDVhNTgwNDZk
ODUyMmI0NjJmMjAwZjFiYzJkZmFjZDA3N2RjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGvjTqgpDwEzeuEXML1R1CmcXlwAvzt2BoIxQs6KYBnuGXh
8uD0WIHepB5vLNuxSAqDkBAcCmgVB+dkaRfRQvpXgWY3stZQCxJ/s6ut/tLOxFaR
lBjNYZ8EgFODIqgB8XkjPqMUTCmT5L9prEHNfY7n9jgg/SAa/+49iVcQKp5mv703
veJk2qbnqs2/w1ZGzJ6yBpiNDm56TPf9qxsp3llEEwRVJxyfBOwZRh3TVrMeUQC+
NTRQnj1e+7dG/unLWHAzks5lW6I09+qJtq4ixmeRKWDr29fwyWhoqgeGYjSDExYW
BsT19HT4g5yew14UammSbrPjus3lryNZFakp2ckCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRX0FpYBG2FIrRi8gDxvC36zQd9xDAfBgNVHSMEGDAWgBQzwoICthQWcKP/
NIyt1g//e65kFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L004S0NBcllVRm5Dal96U01yZFlQXzN1dVpCYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvZjdhMDE3LTdmZGItNGZjOS04OGNjLTc4MmRkMDk4N2ZmYS8x
L1Y5QmFXQVJ0aFNLMFl2SUE4Ynd0LXMwSGZjUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
ZjdhMDE3LTdmZGItNGZjOS04OGNjLTc4MmRkMDk4N2ZmYS8xL004S0NBcllVRm5D
al96U01yZFlQXzN1dVpCYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIL/qTANBgkqhkiG9w0BAQsFAAOC
AQEANRwf6TWY64lB3B6Qs/vdVjTpCYCJ2sQ68+RFVJ9UVuUiOCAwiHlVvZS6TLQx
4zso9wz1mHjrwb4XQuI8zdopZjWGiQu0zUjsPNr+RPAwSYqPULcaGB9NfhuAz2/F
blgWIIolChwrwtvgPblzGSBd1/fRte5yQTVYqd/T3hgPrOei50tA0YrHo/dnIp1A
1ihsaLZIYv4RFY9b3Hp6YDJcN50AF5mwlr8bvKVsNLOXgs7LNvDqDSB8SmWzQakB
vuHMJS6VrTcCt3Bp/F2ZFoTyb55soFaV8jsjRF3lRMifIhPWBmSM6MBoYxBIvTww
a0cpj6CmZi88ntjc1WcSMObu2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:54 2024 by rpki-client on console-fra.rpki-client.org