Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/986115-4153-47f0-bd84-048b3a67a774/1/ZU8NUKcWCA_kA0LxK3uZAslG8_o.roa
File:                     ZU8NUKcWCA_kA0LxK3uZAslG8_o.roa (raw, json)
Hash identifier:          UZ060jcG5I9d3/idwAVJbp6dQdtoZWGIFLd+kM124lk=
Subject key identifier:   65:4F:0D:50:A7:16:08:0F:E4:03:42:F1:2B:7B:99:02:C9:46:F3:FA
Certificate issuer:       /CN=e7b8ff67db276b3635f7ac78521a78f70ec80870
Certificate serial:       035B9937
Authority key identifier: E7:B8:FF:67:DB:27:6B:36:35:F7:AC:78:52:1A:78:F7:0E:C8:08:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/57j_Z9snazY196x4Uhp49w7ICHA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/986115-4153-47f0-bd84-048b3a67a774/1/ZU8NUKcWCA_kA0LxK3uZAslG8_o.roa
Signing time:             Sat 01 Jan 2022 02:58:08 +0000
ROA not before:           Sat 01 Jan 2022 02:58:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60557
IP address blocks:        2001:678:cf0::/48 maxlen: 48
                          2001:678:ce8::/48 maxlen: 48
                          2001:678:cec::/48 maxlen: 48
                          2001:678:ce4::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56334647 (0x35b9937)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7b8ff67db276b3635f7ac78521a78f70ec80870
        Validity
            Not Before: Jan  1 02:58:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=654f0d50a716080fe40342f12b7b9902c946f3fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:8e:05:9c:cc:8c:65:bd:b5:86:39:e6:42:c0:
                    a8:75:ff:6d:df:4a:1e:c7:78:09:52:f0:4c:d0:b9:
                    16:9c:5f:6f:3f:9e:17:43:7f:d9:8f:fb:0a:62:8b:
                    12:7d:df:53:90:fb:8a:ee:c3:d1:bd:95:99:04:0b:
                    59:64:24:18:e3:44:79:e3:9b:48:76:ed:a0:dd:0e:
                    42:06:39:c6:49:57:73:b1:69:00:4f:05:56:dc:88:
                    12:41:15:20:e3:78:b6:51:82:23:bc:73:c3:8c:9f:
                    40:e9:9a:c2:44:41:45:e2:be:e7:76:cb:aa:19:b7:
                    2d:71:36:78:98:05:4d:62:6c:48:1c:fe:42:21:04:
                    d6:bb:71:22:9e:e9:4f:b5:ec:3e:13:13:16:e3:dc:
                    eb:f0:d3:d7:aa:3b:50:2f:b5:04:81:69:1b:5c:44:
                    83:e5:f2:01:36:28:a2:8f:d5:6b:b2:27:25:60:44:
                    62:3c:50:ae:cf:30:4e:bc:20:ee:66:39:1e:97:88:
                    c2:66:c6:65:47:13:3b:c2:98:4f:66:80:0e:f1:30:
                    f0:42:1d:23:88:62:18:74:6e:4b:d6:c9:34:83:37:
                    cc:49:ab:b4:39:c2:a1:19:7d:3c:d1:7f:2c:e2:ed:
                    73:83:3c:65:9a:af:57:a4:c7:ec:4a:07:25:20:72:
                    f9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:4F:0D:50:A7:16:08:0F:E4:03:42:F1:2B:7B:99:02:C9:46:F3:FA
            X509v3 Authority Key Identifier:
                keyid:E7:B8:FF:67:DB:27:6B:36:35:F7:AC:78:52:1A:78:F7:0E:C8:08:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/57j_Z9snazY196x4Uhp49w7ICHA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/986115-4153-47f0-bd84-048b3a67a774/1/ZU8NUKcWCA_kA0LxK3uZAslG8_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/986115-4153-47f0-bd84-048b3a67a774/1/57j_Z9snazY196x4Uhp49w7ICHA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:ce4::/48
                  2001:678:ce8::/48
                  2001:678:cec::/48
                  2001:678:cf0::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:0d:31:c5:9e:38:73:21:ce:81:72:57:f0:7a:01:02:1d:f1:
         c8:1f:33:6d:25:a8:49:ae:60:d1:3b:26:11:bf:3c:3c:f4:27:
         1e:01:03:ad:13:98:3a:5e:37:14:a4:2e:87:7a:f1:c9:ce:ea:
         bf:e4:00:41:6f:04:89:20:40:b0:4b:9b:c0:8d:90:0f:d0:75:
         a7:d4:f3:72:dd:c0:ee:d7:bc:8d:02:25:b2:c4:d2:01:a9:cd:
         6f:ef:d5:08:84:17:33:fc:6a:c0:4e:3a:f9:09:0f:89:73:79:
         eb:1d:d5:d1:e7:85:87:aa:d1:94:a4:3c:85:35:08:80:a8:ca:
         e4:b7:43:84:26:fa:c8:53:74:a6:64:6f:a0:1c:3d:44:f3:53:
         9e:f4:69:4c:2d:39:86:99:d5:b3:91:1d:54:3e:87:b4:00:7a:
         89:a7:aa:ba:43:7a:4d:a6:3c:0d:49:21:10:57:60:76:b3:8a:
         14:cb:7c:63:1f:43:3a:9c:9b:92:94:ec:d6:96:2d:42:83:71:
         35:7d:cb:36:e5:a6:a4:ed:c7:7e:95:d9:13:ea:74:86:a2:90:
         3a:3e:fc:29:6b:69:18:f2:b3:9f:a7:34:f4:68:68:2f:63:86:
         cb:4b:96:b7:f8:7f:5d:07:db:df:04:dd:0d:b1:6f:5e:f8:ea:
         f0:80:76:d4
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEA1uZNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2I4ZmY2N2RiMjc2YjM2MzVmN2FjNzg1MjFhNzhmNzBlYzgwODcwMB4XDTIyMDEw
MTAyNTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjU0ZjBkNTBhNzE2
MDgwZmU0MDM0MmYxMmI3Yjk5MDJjOTQ2ZjNmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIKOBZzMjGW9tYY55kLAqHX/bd9KHsd4CVLwTNC5Fpxfbz+e
F0N/2Y/7CmKLEn3fU5D7iu7D0b2VmQQLWWQkGONEeeObSHbtoN0OQgY5xklXc7Fp
AE8FVtyIEkEVION4tlGCI7xzw4yfQOmawkRBReK+53bLqhm3LXE2eJgFTWJsSBz+
QiEE1rtxIp7pT7XsPhMTFuPc6/DT16o7UC+1BIFpG1xEg+XyATYooo/Va7InJWBE
YjxQrs8wTrwg7mY5HpeIwmbGZUcTO8KYT2aADvEw8EIdI4hiGHRuS9bJNIM3zEmr
tDnCoRl9PNF/LOLtc4M8ZZqvV6TH7EoHJSBy+ZkCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRlTw1QpxYID+QDQvEre5kCyUbz+jAfBgNVHSMEGDAWgBTnuP9n2ydrNjX3
rHhSGnj3DsgIcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU3al9aOXNuYXpZMTk2eDRVaHA0OXc3SUNIQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvOTg2MTE1LTQxNTMtNDdmMC1iZDg0LTA0OGIzYTY3YTc3NC8x
L1pVOE5VS2NXQ0Ffa0EwTHhLM3VaQXNsRzhfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
OTg2MTE1LTQxNTMtNDdmMC1iZDg0LTA0OGIzYTY3YTc3NC8xLzU3al9aOXNuYXpZ
MTk2eDRVaHA0OXc3SUNIQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAIwJAMHACABBngM5AMHACABBngM6AMHACAB
BngM7AMHACABBngM8DANBgkqhkiG9w0BAQsFAAOCAQEAcA0xxZ44cyHOgXJX8HoB
Ah3xyB8zbSWoSa5g0TsmEb88PPQnHgEDrROYOl43FKQuh3rxyc7qv+QAQW8EiSBA
sEubwI2QD9B1p9Tzct3A7te8jQIlssTSAanNb+/VCIQXM/xqwE46+QkPiXN56x3V
0eeFh6rRlKQ8hTUIgKjK5LdDhCb6yFN0pmRvoBw9RPNTnvRpTC05hpnVs5EdVD6H
tAB6iaequkN6TaY8DUkhEFdgdrOKFMt8Yx9DOpybkpTs1pYtQoNxNX3LNuWmpO3H
fpXZE+p0hqKQOj78KWtpGPKzn6c09GhoL2OGy0uWt/h/XQfb3wTdDbFvXvjq8IB2
1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:30 2024 by rpki-client on console-fra.rpki-client.org