Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/523d18-ee1b-4e6d-98a7-89c41f2bec16/1/axYWPy5UifH8unKB1_9MYVihpzE.roa
File:                     axYWPy5UifH8unKB1_9MYVihpzE.roa (raw, json)
Hash identifier:          0T5SArEnYLMia4aGRS1FHMlpPhtFzuShKsf58enHAq0=
Subject key identifier:   6B:16:16:3F:2E:54:89:F1:FC:BA:72:81:D7:FF:4C:61:58:A1:A7:31
Certificate issuer:       /CN=57ec2d5e7769897a1d1b8051a336a562d7ae899b
Certificate serial:       01856D7867D1315EEB2C496CFE9AE78CF7E4
Authority key identifier: 57:EC:2D:5E:77:69:89:7A:1D:1B:80:51:A3:36:A5:62:D7:AE:89:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V-wtXndpiXodG4BRozalYteuiZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/523d18-ee1b-4e6d-98a7-89c41f2bec16/1/axYWPy5UifH8unKB1_9MYVihpzE.roa
Signing time:             Sun 01 Jan 2023 13:14:45 +0000
ROA not before:           Sun 01 Jan 2023 13:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50612
IP address blocks:        146.19.27.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:78:67:d1:31:5e:eb:2c:49:6c:fe:9a:e7:8c:f7:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57ec2d5e7769897a1d1b8051a336a562d7ae899b
        Validity
            Not Before: Jan  1 13:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b16163f2e5489f1fcba7281d7ff4c6158a1a731
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:da:ba:23:e7:74:8b:9f:79:a0:7c:58:63:26:
                    4d:78:ae:6b:e9:ad:56:3d:d2:88:e0:44:46:87:9a:
                    ad:2f:84:52:f9:04:0d:f9:bd:89:ef:89:af:2c:02:
                    bb:04:ac:40:6b:f1:f2:7b:c8:01:f7:43:87:e2:f2:
                    cf:b8:2c:e0:4f:eb:8e:2c:1e:98:c8:0b:a3:47:27:
                    7a:e5:58:d6:24:f5:c7:73:25:ce:5a:c6:0a:f9:5c:
                    e3:f4:b7:f4:20:b5:93:00:98:20:45:21:b2:2c:b3:
                    20:68:9f:f0:49:9e:02:27:1b:bd:f0:19:93:23:5c:
                    d0:d6:6a:c7:6b:dd:1b:fd:94:b3:91:c0:90:e7:74:
                    61:3a:8a:99:60:0d:44:d2:6f:61:d4:5a:7d:c1:f6:
                    5e:45:71:43:f8:85:14:70:12:fa:88:71:ae:0b:f4:
                    97:09:4d:c9:bc:6c:9d:4d:f7:b0:31:3f:34:52:66:
                    5f:d9:f3:37:e3:fd:fe:7e:89:c9:9f:b4:41:bd:59:
                    81:f9:68:83:c0:89:1a:e0:11:35:43:dd:eb:ff:71:
                    5c:9d:c7:8c:55:9f:73:8b:94:61:a1:0e:ed:f6:9e:
                    9c:32:da:91:f2:1c:2f:28:56:2d:a4:89:4a:2b:11:
                    aa:e5:e4:c2:79:3e:74:da:5e:28:c6:79:c1:7d:e0:
                    da:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:16:16:3F:2E:54:89:F1:FC:BA:72:81:D7:FF:4C:61:58:A1:A7:31
            X509v3 Authority Key Identifier:
                keyid:57:EC:2D:5E:77:69:89:7A:1D:1B:80:51:A3:36:A5:62:D7:AE:89:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V-wtXndpiXodG4BRozalYteuiZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/523d18-ee1b-4e6d-98a7-89c41f2bec16/1/axYWPy5UifH8unKB1_9MYVihpzE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/523d18-ee1b-4e6d-98a7-89c41f2bec16/1/V-wtXndpiXodG4BRozalYteuiZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:a5:8b:be:25:54:c5:1e:cb:85:54:c7:a0:89:e3:94:ff:19:
         d3:a5:99:4a:93:64:fc:49:33:a0:4e:18:1b:f7:b5:ce:5b:2e:
         92:82:30:7c:1f:77:25:5f:3a:37:64:f2:16:3c:01:98:7d:26:
         85:50:32:bf:fd:1d:31:d9:bd:98:9c:61:8b:3f:db:7e:29:31:
         eb:f3:8a:53:91:93:38:3d:59:4f:14:16:97:09:e7:37:f2:5e:
         2b:17:01:52:8d:b6:91:69:af:8f:ad:76:1f:88:9b:0c:c1:c9:
         04:72:3a:c3:4e:32:a3:f7:f5:d9:18:ad:42:a1:77:38:8a:08:
         44:ef:d3:17:3a:31:b6:e2:7f:d8:63:50:d7:42:9b:43:00:1e:
         70:5a:be:a4:b0:e9:42:6e:de:1a:42:f5:07:ed:4a:51:95:95:
         e7:00:90:90:d0:d7:ef:c5:e4:1e:14:4a:fc:13:d8:62:91:4a:
         d3:44:a8:7c:fe:98:49:c3:98:0d:79:61:50:d4:35:fe:61:87:
         06:6d:0e:95:ce:33:f4:f0:97:df:f9:69:70:3e:6f:6a:fc:90:
         3f:8c:29:7a:69:a0:b6:ba:9c:6b:3f:55:ba:ea:7a:32:f8:75:
         8b:52:16:3b:d4:3d:13:06:d6:d6:b8:36:63:7d:9f:6a:32:35:
         71:e0:04:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteGfRMV7rLEls/prnjPfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ZWMyZDVlNzc2OTg5N2ExZDFiODA1MWEzMzZhNTYyZDdh
ZTg5OWIwHhcNMjMwMTAxMTMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjE2MTYzZjJlNTQ4OWYxZmNiYTcyODFkN2ZmNGM2MTU4YTFhNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Nq6I+d0i595oHxYYyZNeK5r6a1W
PdKI4ERGh5qtL4RS+QQN+b2J74mvLAK7BKxAa/Hye8gB90OH4vLPuCzgT+uOLB6Y
yAujRyd65VjWJPXHcyXOWsYK+Vzj9Lf0ILWTAJggRSGyLLMgaJ/wSZ4CJxu98BmT
I1zQ1mrHa90b/ZSzkcCQ53RhOoqZYA1E0m9h1Fp9wfZeRXFD+IUUcBL6iHGuC/SX
CU3JvGydTfewMT80UmZf2fM34/3+fonJn7RBvVmB+WiDwIka4BE1Q93r/3FcnceM
VZ9zi5RhoQ7t9p6cMtqR8hwvKFYtpIlKKxGq5eTCeT502l4oxnnBfeDamQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGsWFj8uVInx/Lpygdf/TGFYoacxMB8GA1UdIwQY
MBaAFFfsLV53aYl6HRuAUaM2pWLXrombMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVi13dFhuZHBpWG9kRzRCUm96YWxZdGV1aVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81MjNkMTgtZWUxYi00ZTZkLTk4YTct
ODljNDFmMmJlYzE2LzEvYXhZV1B5NVVpZkg4dW5LQjFfOU1ZVmlocHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81MjNkMTgtZWUxYi00ZTZkLTk4YTctODljNDFmMmJlYzE2
LzEvVi13dFhuZHBpWG9kRzRCUm96YWxZdGV1aVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMbMA0G
CSqGSIb3DQEBCwUAA4IBAQAApYu+JVTFHsuFVMegieOU/xnTpZlKk2T8STOgThgb
97XOWy6SgjB8H3clXzo3ZPIWPAGYfSaFUDK//R0x2b2YnGGLP9t+KTHr84pTkZM4
PVlPFBaXCec38l4rFwFSjbaRaa+PrXYfiJsMwckEcjrDTjKj9/XZGK1CoXc4ighE
79MXOjG24n/YY1DXQptDAB5wWr6ksOlCbt4aQvUH7UpRlZXnAJCQ0NfvxeQeFEr8
E9hikUrTRKh8/phJw5gNeWFQ1DX+YYcGbQ6VzjP08Jff+WlwPm9q/JA/jCl6aaC2
upxrP1W66noy+HWLUhY71D0TBtbWuDZjfZ9qMjVx4AR0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:56 2024 by rpki-client on console-fra.rpki-client.org