Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/49f718-7d54-4d6f-b792-74ec48d91b87/1/idQfh5NugNhMkP8kiAE0uSty1Us.roa
File:                     idQfh5NugNhMkP8kiAE0uSty1Us.roa (raw, json)
Hash identifier:          i/IpCIkLcUSf4ChXY+pdGMp/3WUseHjsK63lmvBAGLQ=
Subject key identifier:   89:D4:1F:87:93:6E:80:D8:4C:90:FF:24:88:01:34:B9:2B:72:D5:4B
Certificate issuer:       /CN=ca54207281f550df30f5f4fc3e09bdcbe2fd22f4
Certificate serial:       018227670672FF6EC9C252550653F0753176
Authority key identifier: CA:54:20:72:81:F5:50:DF:30:F5:F4:FC:3E:09:BD:CB:E2:FD:22:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ylQgcoH1UN8w9fT8Pgm9y-L9IvQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/49f718-7d54-4d6f-b792-74ec48d91b87/1/idQfh5NugNhMkP8kiAE0uSty1Us.roa
Signing time:             Fri 22 Jul 2022 19:33:59 +0000
ROA not before:           Fri 22 Jul 2022 19:33:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212238
IP address blocks:        193.57.166.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:27:67:06:72:ff:6e:c9:c2:52:55:06:53:f0:75:31:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca54207281f550df30f5f4fc3e09bdcbe2fd22f4
        Validity
            Not Before: Jul 22 19:33:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=89d41f87936e80d84c90ff24880134b92b72d54b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:27:25:02:9f:82:fc:9e:48:ee:e3:40:dd:06:
                    b4:0f:00:e9:a9:78:79:f0:8a:3f:3e:a4:b3:be:73:
                    e0:9b:bc:54:1f:b1:bb:e1:77:ef:3e:c1:b7:44:28:
                    a7:02:91:8e:10:94:e8:23:6c:e1:e9:1a:4f:61:b3:
                    e7:04:c3:b6:5e:81:08:a0:38:56:05:45:bb:17:b2:
                    5b:05:d1:54:a5:8f:0b:e7:c3:3e:4c:e0:f9:9a:1d:
                    42:ce:92:6a:92:0a:5a:ad:96:f4:3a:c4:15:cb:8d:
                    e3:a6:9f:6c:26:20:6c:89:11:eb:25:62:30:41:ae:
                    41:14:6b:cd:bf:27:6f:7b:1b:97:0e:b9:53:3f:2c:
                    4d:77:0c:75:3e:66:b9:4a:1e:7d:ec:26:33:40:71:
                    79:53:b4:97:aa:02:c1:f8:9f:31:7d:35:1f:77:2c:
                    1f:d8:86:d5:8f:75:90:e4:d6:ab:a1:ed:91:bf:bb:
                    a5:cc:b4:cd:fc:58:fc:8c:76:2b:d7:87:88:e3:c4:
                    8e:2a:93:fa:7b:ed:a4:1c:6f:bd:01:4d:34:6b:68:
                    6c:f4:f3:9a:9f:02:2b:22:d7:ef:e5:44:8f:8d:c4:
                    45:08:8d:ca:95:a8:d3:a4:b7:dc:c7:25:6c:37:52:
                    c6:fd:b4:49:5a:28:f6:87:86:83:79:78:cc:e5:58:
                    45:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:D4:1F:87:93:6E:80:D8:4C:90:FF:24:88:01:34:B9:2B:72:D5:4B
            X509v3 Authority Key Identifier:
                keyid:CA:54:20:72:81:F5:50:DF:30:F5:F4:FC:3E:09:BD:CB:E2:FD:22:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylQgcoH1UN8w9fT8Pgm9y-L9IvQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/49f718-7d54-4d6f-b792-74ec48d91b87/1/idQfh5NugNhMkP8kiAE0uSty1Us.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/49f718-7d54-4d6f-b792-74ec48d91b87/1/ylQgcoH1UN8w9fT8Pgm9y-L9IvQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:25:3d:95:2e:77:8f:d7:a5:17:f7:82:71:e8:c8:50:31:fb:
         43:32:e7:42:41:20:12:61:ab:91:ee:bd:b3:ec:22:4f:83:46:
         ee:cd:81:0c:9c:d6:2b:29:da:2c:ba:59:82:d6:0b:a0:85:de:
         09:9c:4c:f7:07:e8:5e:40:9c:c7:44:2d:0c:48:56:25:1e:bd:
         64:ce:74:c7:5e:00:87:a9:0d:a3:4b:70:f5:b6:36:33:8d:cc:
         95:95:36:fc:0a:86:74:f8:77:7d:5e:7d:36:aa:fc:36:93:d1:
         14:3e:df:71:56:13:d9:8f:51:8f:2a:86:4c:7a:ff:3f:89:d9:
         19:01:fb:56:77:4d:64:4a:e7:d4:cc:be:12:2a:bd:83:d9:45:
         28:f3:0b:e2:ac:dc:d9:a4:06:ca:15:95:7b:06:a8:93:22:0e:
         aa:55:d1:11:3d:8a:ed:f6:ac:0b:14:71:4b:e2:cc:5d:38:72:
         f9:9d:aa:15:f0:b1:bc:1e:14:d2:0b:34:02:5d:6b:7a:d7:ff:
         a7:75:71:2f:82:bb:bd:f7:cf:e9:17:60:c9:a1:97:fd:3e:6e:
         4a:34:f8:24:71:f4:02:62:c5:4d:85:1c:0b:50:a8:9f:c2:60:
         b9:ef:2f:35:7b:72:b4:f3:7d:b2:44:d9:01:66:fe:11:6e:fe:
         22:ce:a9:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYInZwZy/27JwlJVBlPwdTF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNTQyMDcyODFmNTUwZGYzMGY1ZjRmYzNlMDliZGNiZTJm
ZDIyZjQwHhcNMjIwNzIyMTkzMzU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQ0MWY4NzkzNmU4MGQ4NGM5MGZmMjQ4ODAxMzRiOTJiNzJkNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiclAp+C/J5I7uNA3Qa0DwDpqXh5
8Io/PqSzvnPgm7xUH7G74XfvPsG3RCinApGOEJToI2zh6RpPYbPnBMO2XoEIoDhW
BUW7F7JbBdFUpY8L58M+TOD5mh1CzpJqkgparZb0OsQVy43jpp9sJiBsiRHrJWIw
Qa5BFGvNvydvexuXDrlTPyxNdwx1Pma5Sh597CYzQHF5U7SXqgLB+J8xfTUfdywf
2IbVj3WQ5Naroe2Rv7ulzLTN/Fj8jHYr14eI48SOKpP6e+2kHG+9AU00a2hs9POa
nwIrItfv5USPjcRFCI3KlajTpLfcxyVsN1LG/bRJWij2h4aDeXjM5VhFEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInUH4eTboDYTJD/JIgBNLkrctVLMB8GA1UdIwQY
MBaAFMpUIHKB9VDfMPX0/D4Jvcvi/SL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxRZ2NvSDFVTjh3OWZUOFBnbTl5LUw5SXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi80OWY3MTgtN2Q1NC00ZDZmLWI3OTIt
NzRlYzQ4ZDkxYjg3LzEvaWRRZmg1TnVnTmhNa1A4a2lBRTB1U3R5MVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi80OWY3MTgtN2Q1NC00ZDZmLWI3OTItNzRlYzQ4ZDkxYjg3
LzEveWxRZ2NvSDFVTjh3OWZUOFBnbTl5LUw5SXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTmmMA0G
CSqGSIb3DQEBCwUAA4IBAQB9JT2VLneP16UX94Jx6MhQMftDMudCQSASYauR7r2z
7CJPg0buzYEMnNYrKdosulmC1gughd4JnEz3B+heQJzHRC0MSFYlHr1kznTHXgCH
qQ2jS3D1tjYzjcyVlTb8CoZ0+Hd9Xn02qvw2k9EUPt9xVhPZj1GPKoZMev8/idkZ
AftWd01kSufUzL4SKr2D2UUo8wvirNzZpAbKFZV7BqiTIg6qVdERPYrt9qwLFHFL
4sxdOHL5naoV8LG8HhTSCzQCXWt61/+ndXEvgru998/pF2DJoZf9Pm5KNPgkcfQC
YsVNhRwLUKifwmC57y81e3K0832yRNkBZv4Rbv4izqlC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:33 2024 by rpki-client on console-ams.rpki-client.org