Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/71eeb3-4482-43c2-a99d-09349383f222/1/NFgMFmDsdpvwhJ-AlPd_5mKQrqw.roa
File:                     NFgMFmDsdpvwhJ-AlPd_5mKQrqw.roa (raw, json)
Hash identifier:          VWMUiYOg4/fk/iNTKQ2Jxy+6o7pLPnGtZ28N0AE/Cek=
Subject key identifier:   34:58:0C:16:60:EC:76:9B:F0:84:9F:80:94:F7:7F:E6:62:90:AE:AC
Certificate issuer:       /CN=e44f62f836e56a94737c7e030eff36e3b3e052ba
Certificate serial:       018248CE6927BD1F3A9BCFACB22D47DCDA6C
Authority key identifier: E4:4F:62:F8:36:E5:6A:94:73:7C:7E:03:0E:FF:36:E3:B3:E0:52:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5E9i-DblapRzfH4DDv8247PgUro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/71eeb3-4482-43c2-a99d-09349383f222/1/NFgMFmDsdpvwhJ-AlPd_5mKQrqw.roa
Signing time:             Fri 29 Jul 2022 07:14:23 +0000
ROA not before:           Fri 29 Jul 2022 07:14:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15404
IP address blocks:        185.226.242.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:48:ce:69:27:bd:1f:3a:9b:cf:ac:b2:2d:47:dc:da:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e44f62f836e56a94737c7e030eff36e3b3e052ba
        Validity
            Not Before: Jul 29 07:14:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=34580c1660ec769bf0849f8094f77fe66290aeac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:18:dd:dd:0c:e6:08:ce:f1:7f:5d:4a:d7:d7:
                    c6:fd:91:7b:75:a5:84:46:b2:05:34:7f:bc:b1:a5:
                    06:71:fe:77:f1:5b:da:4b:ea:b8:77:86:5e:11:2c:
                    a3:96:bf:b1:ef:51:94:d0:07:ae:93:7e:95:75:7e:
                    de:41:11:4e:f2:4b:19:17:06:ea:49:da:01:92:6b:
                    1f:89:12:89:f5:16:4d:71:aa:86:2e:c2:40:9c:90:
                    6b:15:bd:f9:4f:d7:9c:9a:61:ac:82:fe:e6:2f:74:
                    07:69:66:0a:97:71:1f:35:2d:4d:89:fc:c7:58:5b:
                    cc:85:70:23:62:46:c8:c0:83:a4:11:7f:78:71:21:
                    9e:d3:8d:13:f8:fb:7d:4a:44:f9:77:bf:8e:b5:aa:
                    ab:94:7f:5d:0e:1f:14:c1:d0:46:c7:a4:5b:9f:ed:
                    10:b0:cb:81:88:21:57:09:50:b2:5e:59:c4:5e:89:
                    b4:a4:b8:b8:71:41:99:cd:aa:bd:fa:ce:81:37:9c:
                    d3:8f:92:b3:ec:16:6f:83:8b:c4:86:3f:77:a3:9c:
                    59:bf:7d:90:f1:45:72:06:9e:29:4e:41:cc:bb:85:
                    58:06:d9:f0:34:a9:82:cb:7e:5a:b1:e2:aa:86:82:
                    a2:d8:8d:43:a9:50:43:56:11:0f:d5:25:37:bb:66:
                    1a:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:58:0C:16:60:EC:76:9B:F0:84:9F:80:94:F7:7F:E6:62:90:AE:AC
            X509v3 Authority Key Identifier:
                keyid:E4:4F:62:F8:36:E5:6A:94:73:7C:7E:03:0E:FF:36:E3:B3:E0:52:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5E9i-DblapRzfH4DDv8247PgUro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/71eeb3-4482-43c2-a99d-09349383f222/1/NFgMFmDsdpvwhJ-AlPd_5mKQrqw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/71eeb3-4482-43c2-a99d-09349383f222/1/5E9i-DblapRzfH4DDv8247PgUro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:48:2e:ba:c8:28:30:20:c0:d7:45:1d:7e:99:da:3d:d6:35:
         b6:bf:b9:5e:f0:6d:58:7b:82:15:c8:54:d9:d3:53:88:bf:e9:
         d3:a6:42:a9:d6:bd:d7:9b:66:0c:ca:52:66:b8:42:ce:58:35:
         93:06:41:33:a9:b1:49:f7:71:d2:a1:67:f5:a3:9d:f2:ad:0d:
         1c:6f:a2:e7:6b:91:dc:47:28:2a:d6:47:06:4d:18:b6:ac:9c:
         a3:cd:00:46:aa:31:c9:45:9c:e8:50:24:e5:64:84:0d:9e:cf:
         13:78:b8:a0:ff:a9:9b:58:8c:24:9c:56:d2:d1:f0:3f:f0:2d:
         b6:7d:c6:fd:7e:b2:ec:49:24:17:82:85:76:8e:b7:5a:33:92:
         ae:c5:e8:9e:0f:71:13:63:95:f3:74:6e:64:04:45:9d:39:a5:
         27:9d:e4:6e:f6:76:23:ff:6b:09:14:09:64:de:7c:cf:4c:41:
         96:2b:66:3d:c2:bd:73:68:09:b5:c5:f2:82:f3:a2:21:16:9b:
         30:81:e0:ba:05:2e:05:d5:7d:9d:2d:68:55:82:90:a6:38:22:
         54:bf:23:ba:46:6b:23:70:07:f9:5e:a2:22:58:15:5f:e6:a5:
         b3:bb:24:e3:bd:02:97:ce:be:27:36:3b:4f:ab:49:ee:13:f0:
         9d:69:37:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJIzmknvR86m8+ssi1H3NpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NGY2MmY4MzZlNTZhOTQ3MzdjN2UwMzBlZmYzNmUzYjNl
MDUyYmEwHhcNMjIwNzI5MDcxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDU4MGMxNjYwZWM3NjliZjA4NDlmODA5NGY3N2ZlNjYyOTBhZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxjd3QzmCM7xf11K19fG/ZF7daWE
RrIFNH+8saUGcf538VvaS+q4d4ZeESyjlr+x71GU0Aeuk36VdX7eQRFO8ksZFwbq
SdoBkmsfiRKJ9RZNcaqGLsJAnJBrFb35T9ecmmGsgv7mL3QHaWYKl3EfNS1NifzH
WFvMhXAjYkbIwIOkEX94cSGe040T+Pt9SkT5d7+OtaqrlH9dDh8UwdBGx6Rbn+0Q
sMuBiCFXCVCyXlnEXom0pLi4cUGZzaq9+s6BN5zTj5Kz7BZvg4vEhj93o5xZv32Q
8UVyBp4pTkHMu4VYBtnwNKmCy35aseKqhoKi2I1DqVBDVhEP1SU3u2YaQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRYDBZg7Hab8ISfgJT3f+ZikK6sMB8GA1UdIwQY
MBaAFORPYvg25WqUc3x+Aw7/NuOz4FK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUU5aS1EYmxhcFJ6Zkg0RER2ODI0N1BnVXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83MWVlYjMtNDQ4Mi00M2MyLWE5OWQt
MDkzNDkzODNmMjIyLzEvTkZnTUZtRHNkcHZ3aEotQWxQZF81bUtRcnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83MWVlYjMtNDQ4Mi00M2MyLWE5OWQtMDkzNDkzODNmMjIy
LzEvNUU5aS1EYmxhcFJ6Zkg0RER2ODI0N1BnVXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueLyMA0G
CSqGSIb3DQEBCwUAA4IBAQBdSC66yCgwIMDXRR1+mdo91jW2v7le8G1Ye4IVyFTZ
01OIv+nTpkKp1r3Xm2YMylJmuELOWDWTBkEzqbFJ93HSoWf1o53yrQ0cb6Lna5Hc
Rygq1kcGTRi2rJyjzQBGqjHJRZzoUCTlZIQNns8TeLig/6mbWIwknFbS0fA/8C22
fcb9frLsSSQXgoV2jrdaM5KuxeieD3ETY5XzdG5kBEWdOaUnneRu9nYj/2sJFAlk
3nzPTEGWK2Y9wr1zaAm1xfKC86IhFpswgeC6BS4F1X2dLWhVgpCmOCJUvyO6Rmsj
cAf5XqIiWBVf5qWzuyTjvQKXzr4nNjtPq0nuE/CdaTcA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:03 2024 by rpki-client on console-fra.rpki-client.org