Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/501ada-7c30-4501-8111-9ceb070c7e05/1/s7bl5vlx1pgSflDS8RU219vQfik.roa
File:                     s7bl5vlx1pgSflDS8RU219vQfik.roa (raw, json)
Hash identifier:          9YI8YWP5z4D7uzRlTpJfM0ehS2sZLSTgbUHprIepdMY=
Subject key identifier:   B3:B6:E5:E6:F9:71:D6:98:12:7E:50:D2:F1:15:36:D7:DB:D0:7E:29
Certificate issuer:       /CN=a1234bb888ec5734f579747455363171eefb1a43
Certificate serial:       64EEBD
Authority key identifier: A1:23:4B:B8:88:EC:57:34:F5:79:74:74:55:36:31:71:EE:FB:1A:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oSNLuIjsVzT1eXR0VTYxce77GkM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/501ada-7c30-4501-8111-9ceb070c7e05/1/s7bl5vlx1pgSflDS8RU219vQfik.roa
Signing time:             Sat 01 Jan 2022 02:55:55 +0000
ROA not before:           Sat 01 Jan 2022 02:55:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        146.19.237.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6614717 (0x64eebd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1234bb888ec5734f579747455363171eefb1a43
        Validity
            Not Before: Jan  1 02:55:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b3b6e5e6f971d698127e50d2f11536d7dbd07e29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:92:38:83:ef:65:49:8e:1a:cd:97:2b:e3:67:
                    b8:39:c1:97:73:07:b6:b4:5b:6e:9d:e6:71:cf:e6:
                    f4:51:f6:e5:80:59:3b:04:f2:4f:2c:6e:c2:c5:42:
                    ac:5a:c3:03:67:78:d8:6c:6e:96:d7:c4:08:57:df:
                    58:28:50:dc:f2:66:74:b8:5c:81:0c:bc:86:07:90:
                    d3:c8:c4:e8:06:d7:94:08:b7:9b:c1:9d:8d:0d:63:
                    4a:f0:a3:04:d3:43:19:2f:28:8c:b5:19:a5:fb:f2:
                    05:ec:f9:67:a5:54:a5:71:97:1e:ef:dd:9e:2d:cb:
                    69:90:56:88:9d:4d:21:fc:4c:e8:96:fc:dd:bb:fe:
                    eb:55:d7:20:7f:0c:a2:b3:fc:82:15:44:c5:9f:d7:
                    85:1d:68:98:c5:95:8f:e6:44:85:f4:a5:17:ea:76:
                    cf:0d:a7:e4:a1:27:15:f4:d6:6d:1e:6a:7e:1c:56:
                    90:61:59:57:78:ca:36:ca:83:82:75:de:a5:62:a7:
                    cc:11:ed:45:03:30:47:e7:9b:83:e5:a2:dc:4b:32:
                    f7:65:ac:7c:73:07:ba:61:5f:ad:a3:13:45:5b:65:
                    43:36:30:19:d2:cd:6d:67:e5:98:43:9c:67:71:2a:
                    b1:a0:1e:7f:fc:59:b4:ef:04:87:3b:29:f9:39:24:
                    93:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:B6:E5:E6:F9:71:D6:98:12:7E:50:D2:F1:15:36:D7:DB:D0:7E:29
            X509v3 Authority Key Identifier:
                keyid:A1:23:4B:B8:88:EC:57:34:F5:79:74:74:55:36:31:71:EE:FB:1A:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSNLuIjsVzT1eXR0VTYxce77GkM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/501ada-7c30-4501-8111-9ceb070c7e05/1/s7bl5vlx1pgSflDS8RU219vQfik.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/501ada-7c30-4501-8111-9ceb070c7e05/1/oSNLuIjsVzT1eXR0VTYxce77GkM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:95:18:66:be:e6:4f:53:a9:61:6d:a8:f9:03:32:c5:f5:89:
         55:95:19:57:8a:3c:cf:0c:a0:ca:15:60:0b:cc:de:7b:8d:4a:
         35:5e:a8:22:c1:8f:16:e3:9b:23:14:af:29:a4:1e:4e:c8:68:
         12:e2:43:30:4b:a4:cb:9b:ad:f4:88:5e:61:46:05:0d:8f:fb:
         fa:0f:69:eb:e3:4a:9c:31:3c:27:ea:2a:86:3d:34:c9:0d:d3:
         22:4f:4d:0f:29:cf:ed:19:78:8d:64:78:ac:a8:bc:ae:04:cc:
         59:87:f5:81:36:a3:75:29:28:e1:f3:a3:8b:7c:15:c7:d5:e0:
         a3:82:b7:8d:02:6b:32:c2:ff:cf:c6:3c:18:92:90:bf:e8:8e:
         03:62:8c:5c:b4:3d:62:a2:94:26:15:7a:27:2e:42:5a:46:7a:
         ea:89:08:61:ed:fb:1e:d0:98:70:37:03:ea:db:b2:bc:bc:23:
         58:25:71:7b:ce:3f:20:3f:ad:06:d5:8c:cf:9e:bb:08:3f:2a:
         cb:6d:23:a2:b7:ce:f0:12:fd:01:81:f7:04:95:26:7b:1f:ae:
         ae:b2:2b:b8:ac:5e:49:36:73:98:d7:00:24:10:e2:d8:43:55:
         91:1f:d6:21:85:d0:4f:2e:95:72:78:5f:67:33:ec:7e:db:42:
         4d:25:30:8c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDZO69MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGEx
MjM0YmI4ODhlYzU3MzRmNTc5NzQ3NDU1MzYzMTcxZWVmYjFhNDMwHhcNMjIwMTAx
MDI1NTU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiM2I2ZTVlNmY5NzFk
Njk4MTI3ZTUwZDJmMTE1MzZkN2RiZDA3ZTI5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqJI4g+9lSY4azZcr42e4OcGXcwe2tFtuneZxz+b0UfblgFk7
BPJPLG7CxUKsWsMDZ3jYbG6W18QIV99YKFDc8mZ0uFyBDLyGB5DTyMToBteUCLeb
wZ2NDWNK8KME00MZLyiMtRml+/IF7PlnpVSlcZce792eLctpkFaInU0h/Ezolvzd
u/7rVdcgfwyis/yCFUTFn9eFHWiYxZWP5kSF9KUX6nbPDafkoScV9NZtHmp+HFaQ
YVlXeMo2yoOCdd6lYqfMEe1FAzBH55uD5aLcSzL3Zax8cwe6YV+toxNFW2VDNjAZ
0s1tZ+WYQ5xncSqxoB5//Fm07wSHOyn5OSST+wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFLO25eb5cdaYEn5Q0vEVNtfb0H4pMB8GA1UdIwQYMBaAFKEjS7iI7Fc09Xl0
dFU2MXHu+xpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
b1NOTHVJanNWelQxZVhSMFZUWXhjZTc3R2tNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hNi81MDFhZGEtN2MzMC00NTAxLTgxMTEtOWNlYjA3MGM3ZTA1LzEv
czdibDV2bHgxcGdTZmxEUzhSVTIxOXZRZmlrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81
MDFhZGEtN2MzMC00NTAxLTgxMTEtOWNlYjA3MGM3ZTA1LzEvb1NOTHVJanNWelQx
ZVhSMFZUWXhjZTc3R2tNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPtMA0GCSqGSIb3DQEBCwUAA4IB
AQCIlRhmvuZPU6lhbaj5AzLF9YlVlRlXijzPDKDKFWALzN57jUo1XqgiwY8W45sj
FK8ppB5OyGgS4kMwS6TLm630iF5hRgUNj/v6D2nr40qcMTwn6iqGPTTJDdMiT00P
Kc/tGXiNZHisqLyuBMxZh/WBNqN1KSjh86OLfBXH1eCjgreNAmsywv/PxjwYkpC/
6I4DYoxctD1iopQmFXonLkJaRnrqiQhh7fse0JhwNwPq27K8vCNYJXF7zj8gP60G
1YzPnrsIPyrLbSOit87wEv0BgfcElSZ7H66usiu4rF5JNnOY1wAkEOLYQ1WRH9Yh
hdBPLpVyeF9nM+x+20JNJTCM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:47 2024 by rpki-client on console-ams.rpki-client.org