Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/d79f1a-5766-4685-b1ef-3d3b7924a3d1/1/u2lzITjhYug3V6V0geUo-cZApS4.roa
File:                     u2lzITjhYug3V6V0geUo-cZApS4.roa (raw, json)
Hash identifier:          e0Ddia/EFIBu8RrAHZZDp9XrqEvI0fm2C/7wpJyO7TQ=
Subject key identifier:   BB:69:73:21:38:E1:62:E8:37:57:A5:74:81:E5:28:F9:C6:40:A5:2E
Certificate issuer:       /CN=a609c33af20168169031255daee2d83d2662c990
Certificate serial:       018570D4FE66B8B905C00677FFBAE88C5304
Authority key identifier: A6:09:C3:3A:F2:01:68:16:90:31:25:5D:AE:E2:D8:3D:26:62:C9:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgnDOvIBaBaQMSVdruLYPSZiyZA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/d79f1a-5766-4685-b1ef-3d3b7924a3d1/1/u2lzITjhYug3V6V0geUo-cZApS4.roa
Signing time:             Mon 02 Jan 2023 04:54:43 +0000
ROA not before:           Mon 02 Jan 2023 04:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50926
IP address blocks:        95.128.152.0/24 maxlen: 24
                          95.128.155.0/24 maxlen: 24
                          95.128.157.0/24 maxlen: 24
                          95.128.154.0/24 maxlen: 24
                          95.128.156.0/24 maxlen: 24
                          95.128.153.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:d4:fe:66:b8:b9:05:c0:06:77:ff:ba:e8:8c:53:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609c33af20168169031255daee2d83d2662c990
        Validity
            Not Before: Jan  2 04:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb69732138e162e83757a57481e528f9c640a52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:0b:0c:da:20:23:99:61:61:f0:7b:0e:41:8c:
                    75:d3:6b:87:83:c6:2a:9e:23:ad:6c:cb:94:4a:8c:
                    89:df:c1:b4:07:b9:ac:cb:17:ed:2a:bf:f8:63:9c:
                    a8:6f:63:fd:e8:b8:37:c2:5b:10:cc:ee:54:a9:4c:
                    5a:41:0e:a8:35:5c:fb:0d:26:41:99:dc:b8:5f:6d:
                    1e:b8:40:63:d4:45:16:fc:9e:77:56:00:a1:70:4b:
                    0d:40:1a:cc:b4:d3:30:c3:d0:45:88:d7:67:d5:c2:
                    0b:ee:3e:ca:9e:c0:b3:55:77:3e:51:b6:37:15:12:
                    31:f7:f1:6d:54:57:9a:f2:1b:52:06:a4:b9:a8:ac:
                    85:7f:f0:ff:28:66:5a:5e:15:1b:0b:cf:f9:3a:b2:
                    09:c5:ed:61:c5:ba:f1:74:e8:fc:86:7d:2c:a1:37:
                    03:48:c4:0b:c4:7d:f5:88:27:35:e0:18:ca:81:f7:
                    76:96:49:df:ef:b0:8b:e7:35:a0:69:d9:14:67:34:
                    3b:38:ae:94:16:44:f8:89:19:66:84:be:e3:7f:9e:
                    49:76:79:a3:00:9d:7c:19:be:ed:73:01:05:ed:2e:
                    ca:00:2b:92:42:fa:f0:d2:86:87:7c:c3:66:76:17:
                    24:91:7d:5c:56:85:f7:d9:ac:d3:94:8b:5f:dd:26:
                    5b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:69:73:21:38:E1:62:E8:37:57:A5:74:81:E5:28:F9:C6:40:A5:2E
            X509v3 Authority Key Identifier:
                keyid:A6:09:C3:3A:F2:01:68:16:90:31:25:5D:AE:E2:D8:3D:26:62:C9:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgnDOvIBaBaQMSVdruLYPSZiyZA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/d79f1a-5766-4685-b1ef-3d3b7924a3d1/1/u2lzITjhYug3V6V0geUo-cZApS4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/d79f1a-5766-4685-b1ef-3d3b7924a3d1/1/pgnDOvIBaBaQMSVdruLYPSZiyZA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.128.152.0-95.128.157.255

    Signature Algorithm: sha256WithRSAEncryption
         91:51:d4:d3:40:56:d6:c1:57:f9:52:aa:db:03:72:a2:6b:f2:
         79:99:ec:10:13:2e:84:5d:68:72:ce:66:78:ef:fd:93:26:a1:
         0f:e0:78:6e:3b:24:79:9a:b8:b8:91:4e:f2:18:19:9a:ed:75:
         e6:47:e1:51:e0:fa:4c:67:11:85:10:4f:b6:33:ee:53:90:0f:
         41:c4:a0:c1:43:a3:6c:ef:45:f7:b4:d5:4e:8b:4c:ff:ab:da:
         ed:c2:a6:87:e1:2c:a9:61:3b:37:75:2c:31:b7:93:f1:98:85:
         1d:e3:4f:7a:1c:e2:19:f9:1e:9b:16:6b:27:37:15:05:98:ac:
         cf:0c:f4:e5:c1:18:7e:13:7a:e6:b4:a1:31:05:db:77:a6:eb:
         9f:29:1e:51:ba:0a:d6:c2:26:76:54:d1:c1:35:90:7d:72:b5:
         80:70:04:29:8b:bb:80:4a:42:20:d1:c6:76:1b:a7:5f:c4:98:
         2d:d4:76:f9:c7:c8:1c:e5:39:96:b1:31:ae:e9:67:2e:75:8a:
         47:f5:97:2e:93:91:d5:4d:91:65:a3:08:86:14:61:86:e5:e1:
         a0:8d:c6:cb:0e:20:96:26:4d:f4:f4:83:7d:94:5f:86:98:f7:
         47:9a:ef:47:c9:60:09:b1:18:fc:18:f1:fa:67:fc:83:ea:0b:
         8c:70:14:74
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVw1P5muLkFwAZ3/7rojFMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDljMzNhZjIwMTY4MTY5MDMxMjU1ZGFlZTJkODNkMjY2
MmM5OTAwHhcNMjMwMTAyMDQ1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY5NzMyMTM4ZTE2MmU4Mzc1N2E1NzQ4MWU1MjhmOWM2NDBhNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQsM2iAjmWFh8HsOQYx102uHg8Yq
niOtbMuUSoyJ38G0B7msyxftKr/4Y5yob2P96Lg3wlsQzO5UqUxaQQ6oNVz7DSZB
mdy4X20euEBj1EUW/J53VgChcEsNQBrMtNMww9BFiNdn1cIL7j7KnsCzVXc+UbY3
FRIx9/FtVFea8htSBqS5qKyFf/D/KGZaXhUbC8/5OrIJxe1hxbrxdOj8hn0soTcD
SMQLxH31iCc14BjKgfd2lknf77CL5zWgadkUZzQ7OK6UFkT4iRlmhL7jf55Jdnmj
AJ18Gb7tcwEF7S7KACuSQvrw0oaHfMNmdhckkX1cVoX32azTlItf3SZbJQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLtpcyE44WLoN1eldIHlKPnGQKUuMB8GA1UdIwQY
MBaAFKYJwzryAWgWkDElXa7i2D0mYsmQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGduRE92SUJhQmFRTVNWZHJ1TFlQU1ppeVpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9kNzlmMWEtNTc2Ni00Njg1LWIxZWYt
M2QzYjc5MjRhM2QxLzEvdTJseklUamhZdWczVjZWMGdlVW8tY1pBcFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9kNzlmMWEtNTc2Ni00Njg1LWIxZWYtM2QzYjc5MjRhM2Qx
LzEvcGduRE92SUJhQmFRTVNWZHJ1TFlQU1ppeVpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANfgJgD
BAFfgJwwDQYJKoZIhvcNAQELBQADggEBAJFR1NNAVtbBV/lSqtsDcqJr8nmZ7BAT
LoRdaHLOZnjv/ZMmoQ/geG47JHmauLiRTvIYGZrtdeZH4VHg+kxnEYUQT7Yz7lOQ
D0HEoMFDo2zvRfe01U6LTP+r2u3CpofhLKlhOzd1LDG3k/GYhR3jT3oc4hn5HpsW
ayc3FQWYrM8M9OXBGH4Teua0oTEF23em658pHlG6CtbCJnZU0cE1kH1ytYBwBCmL
u4BKQiDRxnYbp1/EmC3UdvnHyBzlOZaxMa7pZy51ikf1ly6TkdVNkWWjCIYUYYbl
4aCNxssOIJYmTfT0g32UX4aY90ea70fJYAmxGPwY8fpn/IPqC4xwFHQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:41 2024 by rpki-client on console-ams.rpki-client.org