Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/501ada-7c30-4501-8111-9ceb070c7e05/1/TEPg8XG06ffMo8AvMYzDx36pqUg.roa
File:                     TEPg8XG06ffMo8AvMYzDx36pqUg.roa (raw, json)
Hash identifier:          MKLXrLpOdtZd1xpu0YD4Op034/u5mP1pfP6SS+RgL8s=
Subject key identifier:   4C:43:E0:F1:71:B4:E9:F7:CC:A3:C0:2F:31:8C:C3:C7:7E:A9:A9:48
Certificate issuer:       /CN=a1234bb888ec5734f579747455363171eefb1a43
Certificate serial:       64F1C9
Authority key identifier: A1:23:4B:B8:88:EC:57:34:F5:79:74:74:55:36:31:71:EE:FB:1A:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oSNLuIjsVzT1eXR0VTYxce77GkM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/501ada-7c30-4501-8111-9ceb070c7e05/1/TEPg8XG06ffMo8AvMYzDx36pqUg.roa
Signing time:             Sat 01 Jan 2022 02:55:56 +0000
ROA not before:           Sat 01 Jan 2022 02:55:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        146.19.237.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6615497 (0x64f1c9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1234bb888ec5734f579747455363171eefb1a43
        Validity
            Not Before: Jan  1 02:55:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c43e0f171b4e9f7cca3c02f318cc3c77ea9a948
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:74:7e:59:b1:73:57:7f:33:92:42:93:81:0d:
                    6d:0d:23:1e:f8:f2:6c:b1:e4:20:8e:bf:f1:6e:42:
                    59:8b:95:2a:30:b2:e5:7c:2d:b4:48:76:b6:be:dc:
                    91:5b:42:7f:9d:f3:f2:bd:df:15:f1:c1:35:92:cf:
                    47:60:81:86:4c:fb:9d:74:75:32:f1:a2:93:e2:72:
                    f3:6e:4f:f1:ad:27:8b:63:c5:e7:c4:c6:1d:13:8e:
                    6e:e7:32:1c:fe:59:af:8d:d7:cc:bc:a1:ff:2d:c8:
                    3b:3d:be:d3:46:5c:00:35:7c:6c:69:6e:1d:a8:d7:
                    f4:5b:9f:90:7b:69:8a:fd:a1:f9:f7:2c:97:dd:54:
                    d2:49:5b:70:ab:2e:32:18:f3:0c:d6:6f:d3:b0:1e:
                    e5:eb:cf:0d:34:a7:39:3b:1b:cf:e7:44:29:21:5f:
                    ce:f1:1a:61:f4:92:e7:02:cb:38:91:b7:02:a9:6c:
                    d0:59:9f:75:3f:fd:46:dc:4f:da:e1:4f:cf:c2:4f:
                    f0:7a:a1:9b:ef:38:17:bf:7d:11:15:21:62:e2:ed:
                    2d:12:ed:dd:e3:da:d8:f1:1c:a4:4e:f7:ae:19:e0:
                    84:23:9b:c7:44:93:28:b7:fc:48:9b:ff:bb:27:68:
                    58:7a:d9:cd:13:f0:a0:6e:7c:a8:9e:6b:b0:08:dd:
                    57:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:43:E0:F1:71:B4:E9:F7:CC:A3:C0:2F:31:8C:C3:C7:7E:A9:A9:48
            X509v3 Authority Key Identifier:
                keyid:A1:23:4B:B8:88:EC:57:34:F5:79:74:74:55:36:31:71:EE:FB:1A:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSNLuIjsVzT1eXR0VTYxce77GkM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/501ada-7c30-4501-8111-9ceb070c7e05/1/TEPg8XG06ffMo8AvMYzDx36pqUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/501ada-7c30-4501-8111-9ceb070c7e05/1/oSNLuIjsVzT1eXR0VTYxce77GkM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:ee:69:b6:20:29:29:98:07:47:7c:0c:5a:23:a3:82:d0:05:
         52:e8:a6:4e:97:41:d3:86:32:d2:a6:86:fc:41:e6:c1:41:f5:
         12:b9:9f:f2:c5:e0:a4:5f:49:18:7d:6a:04:cb:6f:84:53:22:
         4a:ba:35:97:96:b4:8b:29:fc:74:47:db:6b:14:6d:b7:fb:3c:
         ed:ee:ea:88:65:0b:ec:dc:57:ae:58:96:3f:07:47:e5:03:69:
         7f:0d:43:ea:24:f0:ce:ea:59:24:ed:02:c9:29:1d:62:61:96:
         4a:ce:c3:3b:29:32:34:5a:7b:e4:e9:34:c5:85:9a:1d:59:45:
         5d:bc:02:1d:70:bf:89:72:a4:ca:d7:cf:69:50:e2:42:27:a8:
         e6:1d:af:52:b6:e5:82:cb:e6:1b:26:37:2e:b0:d4:a9:16:ec:
         71:07:4e:1c:17:74:75:9e:bb:ae:7e:b2:72:a4:58:a5:34:4b:
         ef:47:84:f8:fe:19:09:e3:11:c4:b4:7b:e7:50:f8:c7:6c:19:
         af:5b:d2:a2:45:28:73:07:86:95:38:fa:82:7c:6b:e8:ab:25:
         cb:57:c4:ca:2b:0c:11:8d:a2:1e:92:41:4f:4a:12:1b:9f:59:
         11:72:fc:66:de:eb:95:2f:d4:b2:be:ef:49:49:c1:c6:85:06:
         6e:d0:b1:f5
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDZPHJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGEx
MjM0YmI4ODhlYzU3MzRmNTc5NzQ3NDU1MzYzMTcxZWVmYjFhNDMwHhcNMjIwMTAx
MDI1NTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0YzQzZTBmMTcxYjRl
OWY3Y2NhM2MwMmYzMThjYzNjNzdlYTlhOTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm3R+WbFzV38zkkKTgQ1tDSMe+PJsseQgjr/xbkJZi5UqMLLl
fC20SHa2vtyRW0J/nfPyvd8V8cE1ks9HYIGGTPuddHUy8aKT4nLzbk/xrSeLY8Xn
xMYdE45u5zIc/lmvjdfMvKH/Lcg7Pb7TRlwANXxsaW4dqNf0W5+Qe2mK/aH59yyX
3VTSSVtwqy4yGPMM1m/TsB7l688NNKc5OxvP50QpIV/O8Rph9JLnAss4kbcCqWzQ
WZ91P/1G3E/a4U/Pwk/weqGb7zgXv30RFSFi4u0tEu3d49rY8RykTveuGeCEI5vH
RJMot/xIm/+7J2hYetnNE/CgbnyonmuwCN1XuQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFExD4PFxtOn3zKPALzGMw8d+qalIMB8GA1UdIwQYMBaAFKEjS7iI7Fc09Xl0
dFU2MXHu+xpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
b1NOTHVJanNWelQxZVhSMFZUWXhjZTc3R2tNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hNi81MDFhZGEtN2MzMC00NTAxLTgxMTEtOWNlYjA3MGM3ZTA1LzEv
VEVQZzhYRzA2ZmZNbzhBdk1ZekR4MzZwcVVnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81
MDFhZGEtN2MzMC00NTAxLTgxMTEtOWNlYjA3MGM3ZTA1LzEvb1NOTHVJanNWelQx
ZVhSMFZUWXhjZTc3R2tNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPtMA0GCSqGSIb3DQEBCwUAA4IB
AQAG7mm2ICkpmAdHfAxaI6OC0AVS6KZOl0HThjLSpob8QebBQfUSuZ/yxeCkX0kY
fWoEy2+EUyJKujWXlrSLKfx0R9trFG23+zzt7uqIZQvs3FeuWJY/B0flA2l/DUPq
JPDO6lkk7QLJKR1iYZZKzsM7KTI0Wnvk6TTFhZodWUVdvAIdcL+JcqTK189pUOJC
J6jmHa9StuWCy+YbJjcusNSpFuxxB04cF3R1nruufrJypFilNEvvR4T4/hkJ4xHE
tHvnUPjHbBmvW9KiRShzB4aVOPqCfGvoqyXLV8TKKwwRjaIekkFPShIbn1kRcvxm
3uuVL9Syvu9JScHGhQZu0LH1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:36 2024 by rpki-client on console-fra.rpki-client.org