Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/279bbc-5840-4a20-bf7d-1c9a32523244/1/5yaSWFW7i8DqRNzxOv1eUcP2xxk.roa
File:                     5yaSWFW7i8DqRNzxOv1eUcP2xxk.roa (raw, json)
Hash identifier:          UyqNXix5lKP4tkFcoB9EGkkh0HJyHKcCDISxHHsI2lQ=
Subject key identifier:   E7:26:92:58:55:BB:8B:C0:EA:44:DC:F1:3A:FD:5E:51:C3:F6:C7:19
Certificate issuer:       /CN=723cf97094519a75a3238181076057033b11e884
Certificate serial:       01856E78B5F564C7992F7051969908DA7B5A
Authority key identifier: 72:3C:F9:70:94:51:9A:75:A3:23:81:81:07:60:57:03:3B:11:E8:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cjz5cJRRmnWjI4GBB2BXAzsR6IQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/279bbc-5840-4a20-bf7d-1c9a32523244/1/5yaSWFW7i8DqRNzxOv1eUcP2xxk.roa
Signing time:             Sun 01 Jan 2023 17:54:42 +0000
ROA not before:           Sun 01 Jan 2023 17:54:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        185.197.151.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:78:b5:f5:64:c7:99:2f:70:51:96:99:08:da:7b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=723cf97094519a75a3238181076057033b11e884
        Validity
            Not Before: Jan  1 17:54:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e726925855bb8bc0ea44dcf13afd5e51c3f6c719
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:3d:82:26:d8:4d:5e:b3:4f:6c:59:3e:73:47:
                    e0:7e:d6:da:08:0f:71:41:62:f5:3c:bf:54:9f:12:
                    ce:db:f5:d7:7f:37:67:b5:e6:f2:67:5a:36:99:4f:
                    35:77:21:87:24:57:4b:f9:31:6a:71:82:a7:2e:e4:
                    4a:1b:66:95:ae:b0:ea:69:1f:af:36:bf:d7:e1:94:
                    58:1d:11:59:c6:77:44:a2:74:6e:9f:36:fc:13:e8:
                    58:79:2e:79:27:f3:74:b1:06:89:7e:f7:13:c8:01:
                    f4:98:63:6e:23:47:66:53:1f:96:fa:e6:65:eb:1b:
                    93:db:86:5e:6d:c1:01:1f:3a:26:1a:65:be:d9:72:
                    2d:d4:b5:f2:8b:d1:1d:25:37:32:75:ee:f7:c3:18:
                    f8:04:e1:3f:6d:59:5a:68:12:49:4f:4a:17:1d:28:
                    c2:e8:3a:4e:73:e0:50:1e:18:2a:b3:b4:ec:0c:f5:
                    02:0f:14:a9:07:04:23:94:57:e9:f7:ff:88:83:98:
                    9f:dc:63:ca:f9:b0:59:bb:c3:b1:a0:8d:d7:9d:aa:
                    05:81:89:c4:a0:31:b7:55:d4:bb:18:3e:f5:09:5b:
                    9e:40:9d:b4:af:3e:7a:ee:c5:90:32:c9:c4:81:f9:
                    ca:52:90:d7:d6:93:9f:22:8a:5a:bd:8a:50:85:1d:
                    02:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:26:92:58:55:BB:8B:C0:EA:44:DC:F1:3A:FD:5E:51:C3:F6:C7:19
            X509v3 Authority Key Identifier:
                keyid:72:3C:F9:70:94:51:9A:75:A3:23:81:81:07:60:57:03:3B:11:E8:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cjz5cJRRmnWjI4GBB2BXAzsR6IQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/279bbc-5840-4a20-bf7d-1c9a32523244/1/5yaSWFW7i8DqRNzxOv1eUcP2xxk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/279bbc-5840-4a20-bf7d-1c9a32523244/1/cjz5cJRRmnWjI4GBB2BXAzsR6IQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:c3:8b:30:7c:e6:b6:3f:bb:a7:fb:98:91:69:a1:b2:e7:34:
         8f:76:88:2e:09:61:2b:58:b7:74:11:9c:d5:89:2d:74:e3:90:
         ae:b2:d5:2e:9d:b8:dc:73:b1:33:ec:6b:57:24:d7:96:10:d8:
         14:ef:c4:d8:01:c9:82:68:f4:cf:00:c3:95:bf:28:ea:25:8e:
         a0:4a:6b:cd:a9:e0:52:58:01:61:42:48:71:1b:54:3f:22:d8:
         1e:55:40:f9:09:af:80:55:4a:9b:50:02:5f:ac:74:3a:ef:8a:
         3a:c0:72:bb:6d:e9:49:88:92:59:ed:c1:9a:6c:ef:09:84:61:
         5d:53:94:ad:e3:b9:5e:1a:9c:3a:42:8c:6e:2b:52:55:ed:f2:
         eb:2a:dc:e8:be:d4:22:06:93:37:db:a6:e2:e9:b6:0e:bf:31:
         4c:9b:8c:5d:fe:07:99:73:36:f4:80:a9:96:82:49:55:4c:df:
         5c:57:63:0e:44:b1:fe:fc:92:7c:03:77:41:db:58:32:cf:6f:
         25:67:e2:eb:ff:97:0e:b6:2f:22:1f:27:df:27:ab:e4:bb:cc:
         6d:28:50:d5:23:c4:08:c5:0f:1f:ea:fb:af:c4:71:e1:a5:e1:
         30:37:59:ae:5c:c1:d2:9e:ff:fb:fa:44:36:70:87:4a:9f:b5:
         02:c7:74:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueLX1ZMeZL3BRlpkI2ntaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyM2NmOTcwOTQ1MTlhNzVhMzIzODE4MTA3NjA1NzAzM2Ix
MWU4ODQwHhcNMjMwMTAxMTc1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzI2OTI1ODU1YmI4YmMwZWE0NGRjZjEzYWZkNWU1MWMzZjZjNzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0j2CJthNXrNPbFk+c0fgftbaCA9x
QWL1PL9UnxLO2/XXfzdntebyZ1o2mU81dyGHJFdL+TFqcYKnLuRKG2aVrrDqaR+v
Nr/X4ZRYHRFZxndEonRunzb8E+hYeS55J/N0sQaJfvcTyAH0mGNuI0dmUx+W+uZl
6xuT24ZebcEBHzomGmW+2XIt1LXyi9EdJTcyde73wxj4BOE/bVlaaBJJT0oXHSjC
6DpOc+BQHhgqs7TsDPUCDxSpBwQjlFfp9/+Ig5if3GPK+bBZu8OxoI3XnaoFgYnE
oDG3VdS7GD71CVueQJ20rz567sWQMsnEgfnKUpDX1pOfIopavYpQhR0C8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOcmklhVu4vA6kTc8Tr9XlHD9scZMB8GA1UdIwQY
MBaAFHI8+XCUUZp1oyOBgQdgVwM7EeiEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2p6NWNKUlJtbldqSTRHQkIyQlhBenNSNklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8yNzliYmMtNTg0MC00YTIwLWJmN2Qt
MWM5YTMyNTIzMjQ0LzEvNXlhU1dGVzdpOERxUk56eE92MWVVY1AyeHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8yNzliYmMtNTg0MC00YTIwLWJmN2QtMWM5YTMyNTIzMjQ0
LzEvY2p6NWNKUlJtbldqSTRHQkIyQlhBenNSNklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucWXMA0G
CSqGSIb3DQEBCwUAA4IBAQCsw4swfOa2P7un+5iRaaGy5zSPdoguCWErWLd0EZzV
iS1045CustUunbjcc7Ez7GtXJNeWENgU78TYAcmCaPTPAMOVvyjqJY6gSmvNqeBS
WAFhQkhxG1Q/ItgeVUD5Ca+AVUqbUAJfrHQ674o6wHK7belJiJJZ7cGabO8JhGFd
U5St47leGpw6QoxuK1JV7fLrKtzovtQiBpM326bi6bYOvzFMm4xd/geZczb0gKmW
gklVTN9cV2MORLH+/JJ8A3dB21gyz28lZ+Lr/5cOti8iHyffJ6vku8xtKFDVI8QI
xQ8f6vuvxHHhpeEwN1muXMHSnv/7+kQ2cIdKn7UCx3TT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org