Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/050e29-b5ee-4c28-901f-79e5f0bc5f90/1/TRJYnBArFWMPmh7lhd6VwBhgg2g.roa
File:                     TRJYnBArFWMPmh7lhd6VwBhgg2g.roa (raw, json)
Hash identifier:          Of1WlNYn7haQvwtLYlhWruislcJXWV4eyqleKDCCHiY=
Subject key identifier:   4D:12:58:9C:10:2B:15:63:0F:9A:1E:E5:85:DE:95:C0:18:60:83:68
Certificate issuer:       /CN=9f5a041af5c8ca45686c1eaac5caa4687624d2d8
Certificate serial:       589F9D
Authority key identifier: 9F:5A:04:1A:F5:C8:CA:45:68:6C:1E:AA:C5:CA:A4:68:76:24:D2:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n1oEGvXIykVobB6qxcqkaHYk0tg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/050e29-b5ee-4c28-901f-79e5f0bc5f90/1/TRJYnBArFWMPmh7lhd6VwBhgg2g.roa
Signing time:             Sat 01 Jan 2022 01:01:41 +0000
ROA not before:           Sat 01 Jan 2022 01:01:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212667
IP address blocks:        193.0.62.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5808029 (0x589f9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f5a041af5c8ca45686c1eaac5caa4687624d2d8
        Validity
            Not Before: Jan  1 01:01:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d12589c102b15630f9a1ee585de95c018608368
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5f:df:22:1a:d1:06:90:92:af:fa:a7:41:ff:
                    72:d9:4f:72:88:d2:78:a9:74:bd:a3:ea:60:42:4a:
                    05:2d:b7:68:7b:e3:8e:c1:d7:8e:ce:e1:d4:91:89:
                    89:f5:6c:4f:18:23:be:86:bf:20:b6:cd:c9:e6:36:
                    de:f1:01:a3:b6:e0:69:75:21:7f:5c:8f:59:2e:26:
                    2d:68:4e:30:ca:8a:27:e4:2d:07:04:a8:44:94:f8:
                    09:db:ce:52:58:a8:47:a4:0a:31:60:a8:67:ee:39:
                    6d:fb:44:2b:c8:7d:a5:62:00:1d:da:3b:82:01:57:
                    ad:73:39:f0:af:34:da:46:b7:fa:99:c6:7f:a9:2b:
                    3c:53:89:32:e4:c0:89:a3:d1:e4:36:31:9a:09:93:
                    4d:62:b6:67:21:2d:cf:31:58:b8:b5:5c:0b:12:f0:
                    91:bf:c4:71:25:41:fb:fc:b1:92:5c:b3:6d:f3:e9:
                    27:f0:05:1e:7b:e8:e7:ff:a0:4e:be:31:ba:7f:c5:
                    d6:9e:14:e2:94:d2:43:59:82:29:0c:a0:e5:ad:00:
                    25:ec:4f:86:14:bf:a1:53:6c:e1:91:77:36:0f:2c:
                    a1:10:a6:65:8b:ef:69:10:0f:e0:f6:8d:39:8d:9a:
                    2e:37:6f:89:70:04:a0:8b:b9:bd:6d:cc:c1:39:a1:
                    70:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:12:58:9C:10:2B:15:63:0F:9A:1E:E5:85:DE:95:C0:18:60:83:68
            X509v3 Authority Key Identifier:
                keyid:9F:5A:04:1A:F5:C8:CA:45:68:6C:1E:AA:C5:CA:A4:68:76:24:D2:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1oEGvXIykVobB6qxcqkaHYk0tg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/050e29-b5ee-4c28-901f-79e5f0bc5f90/1/TRJYnBArFWMPmh7lhd6VwBhgg2g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/050e29-b5ee-4c28-901f-79e5f0bc5f90/1/n1oEGvXIykVobB6qxcqkaHYk0tg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:bd:e3:6a:0c:01:d9:1f:52:a4:10:30:af:a0:f7:ae:d4:c9:
         ee:15:0f:33:54:4d:5c:1a:96:33:85:0d:90:33:92:35:8d:df:
         e4:ae:26:be:79:94:74:64:d5:05:36:83:b5:e1:dd:33:93:24:
         f1:5b:83:d3:9c:68:c6:98:2a:1f:1a:44:4d:a0:0c:03:32:59:
         b8:c9:1c:21:f3:cc:7a:76:14:45:e0:f4:49:5f:ac:0c:ca:c6:
         85:94:f8:5f:d5:62:a7:8a:94:a8:70:d2:d5:03:87:89:3b:57:
         59:49:1b:50:10:be:1a:56:55:2c:6f:51:3a:50:87:fc:59:c9:
         cf:98:91:e9:27:ca:92:90:6b:b6:53:ed:52:76:54:61:8f:15:
         ce:30:7e:9a:2e:58:be:5b:47:6c:f4:48:0b:7b:05:d1:41:60:
         ef:2d:21:71:cd:6a:6d:18:60:71:c0:3f:a9:da:75:b8:0a:ac:
         3e:4a:bf:30:f5:e9:af:02:2c:a4:4e:c8:64:49:d2:a9:df:49:
         71:a0:86:6a:03:68:1c:68:87:06:91:ac:e8:73:e1:3f:16:48:
         b7:5c:ce:67:5a:ec:bf:cc:f5:be:ab:b8:46:ad:07:db:6c:0c:
         82:03:91:3a:ab:d8:90:6d:e4:1f:ac:9d:c0:6c:f7:95:06:e4:
         f0:25:bc:53
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDWJ+dMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlm
NWEwNDFhZjVjOGNhNDU2ODZjMWVhYWM1Y2FhNDY4NzYyNGQyZDgwHhcNMjIwMTAx
MDEwMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZDEyNTg5YzEwMmIx
NTYzMGY5YTFlZTU4NWRlOTVjMDE4NjA4MzY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnl/fIhrRBpCSr/qnQf9y2U9yiNJ4qXS9o+pgQkoFLbdoe+OO
wdeOzuHUkYmJ9WxPGCO+hr8gts3J5jbe8QGjtuBpdSF/XI9ZLiYtaE4wyoon5C0H
BKhElPgJ285SWKhHpAoxYKhn7jlt+0QryH2lYgAd2juCAVetcznwrzTaRrf6mcZ/
qSs8U4ky5MCJo9HkNjGaCZNNYrZnIS3PMVi4tVwLEvCRv8RxJUH7/LGSXLNt8+kn
8AUee+jn/6BOvjG6f8XWnhTilNJDWYIpDKDlrQAl7E+GFL+hU2zhkXc2DyyhEKZl
i+9pEA/g9o05jZouN2+JcASgi7m9bczBOaFwAwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFE0SWJwQKxVjD5oe5YXelcAYYINoMB8GA1UdIwQYMBaAFJ9aBBr1yMpFaGwe
qsXKpGh2JNLYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bjFvRUd2WEl5a1ZvYkI2cXhjcWthSFlrMHRnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85ZC8wNTBlMjktYjVlZS00YzI4LTkwMWYtNzllNWYwYmM1ZjkwLzEv
VFJKWW5CQXJGV01QbWg3bGhkNlZ3QmhnZzJnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8w
NTBlMjktYjVlZS00YzI4LTkwMWYtNzllNWYwYmM1ZjkwLzEvbjFvRUd2WEl5a1Zv
YkI2cXhjcWthSFlrMHRnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQA+MA0GCSqGSIb3DQEBCwUAA4IB
AQA1veNqDAHZH1KkEDCvoPeu1MnuFQ8zVE1cGpYzhQ2QM5I1jd/kria+eZR0ZNUF
NoO14d0zkyTxW4PTnGjGmCofGkRNoAwDMlm4yRwh88x6dhRF4PRJX6wMysaFlPhf
1WKnipSocNLVA4eJO1dZSRtQEL4aVlUsb1E6UIf8WcnPmJHpJ8qSkGu2U+1SdlRh
jxXOMH6aLli+W0ds9EgLewXRQWDvLSFxzWptGGBxwD+p2nW4Cqw+Sr8w9emvAiyk
TshkSdKp30lxoIZqA2gcaIcGkazoc+E/Fki3XM5nWuy/zPW+q7hGrQfbbAyCA5E6
q9iQbeQfrJ3AbPeVBuTwJbxT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:54 2024 by rpki-client on console-fra.rpki-client.org