Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/279bbc-5840-4a20-bf7d-1c9a32523244/1/wQL3MB5YFsnQ66hxXqZd--miW_s.roa
File:                     wQL3MB5YFsnQ66hxXqZd--miW_s.roa (raw, json)
Hash identifier:          6DWLPsgMr/QknsrGxoCAyAUCIerZd34izgBcxD0tIYY=
Subject key identifier:   C1:02:F7:30:1E:58:16:C9:D0:EB:A8:71:5E:A6:5D:FB:E9:A2:5B:FB
Certificate issuer:       /CN=723cf97094519a75a3238181076057033b11e884
Certificate serial:       01856E78B70047B64DF8270732567C480E36
Authority key identifier: 72:3C:F9:70:94:51:9A:75:A3:23:81:81:07:60:57:03:3B:11:E8:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cjz5cJRRmnWjI4GBB2BXAzsR6IQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/279bbc-5840-4a20-bf7d-1c9a32523244/1/wQL3MB5YFsnQ66hxXqZd--miW_s.roa
Signing time:             Sun 01 Jan 2023 17:54:42 +0000
ROA not before:           Sun 01 Jan 2023 17:54:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204790
IP address blocks:        2a11:9480::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:78:b7:00:47:b6:4d:f8:27:07:32:56:7c:48:0e:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=723cf97094519a75a3238181076057033b11e884
        Validity
            Not Before: Jan  1 17:54:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c102f7301e5816c9d0eba8715ea65dfbe9a25bfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:be:fd:07:ea:c4:40:e6:fd:25:03:94:ea:3f:
                    11:b6:76:e2:f6:ec:e9:ff:ce:d9:97:3b:4d:59:df:
                    b9:53:d8:2b:f7:60:9b:05:73:84:1f:62:54:e3:24:
                    6b:51:15:1b:b1:b1:23:fa:79:07:b5:2e:2f:b9:58:
                    22:c2:96:58:75:48:27:02:18:a3:ed:98:f5:3f:47:
                    5f:2f:b4:36:f3:e8:c1:b3:c5:96:10:ff:5c:6b:d6:
                    65:14:fa:c1:8f:7b:ef:ff:b0:a6:ee:0a:3e:89:04:
                    6b:78:66:15:07:48:a0:cc:f8:eb:c2:1b:7f:ef:5b:
                    90:9a:1d:54:87:05:eb:e6:aa:2c:78:8b:b4:ab:6b:
                    49:81:2d:ff:cf:5b:ba:01:ad:39:73:fe:08:5d:29:
                    75:52:82:3c:e7:31:1c:df:d5:dd:fa:5e:bd:f3:f9:
                    36:35:70:09:d6:20:b9:ec:dc:21:ba:11:6a:e1:c6:
                    79:4d:b3:45:5d:da:20:23:4e:c8:4a:aa:90:cb:f9:
                    2d:89:10:64:67:66:f1:9d:7d:94:9d:5a:45:db:dc:
                    d4:cb:b9:aa:b1:38:1c:68:c8:23:e7:cb:2d:8e:d3:
                    c1:2c:d1:86:c8:f5:4d:a5:40:67:45:57:e9:38:41:
                    e6:92:e0:3a:b1:28:d9:1a:60:99:26:ec:d2:c4:49:
                    7b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:02:F7:30:1E:58:16:C9:D0:EB:A8:71:5E:A6:5D:FB:E9:A2:5B:FB
            X509v3 Authority Key Identifier:
                keyid:72:3C:F9:70:94:51:9A:75:A3:23:81:81:07:60:57:03:3B:11:E8:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cjz5cJRRmnWjI4GBB2BXAzsR6IQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/279bbc-5840-4a20-bf7d-1c9a32523244/1/wQL3MB5YFsnQ66hxXqZd--miW_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/279bbc-5840-4a20-bf7d-1c9a32523244/1/cjz5cJRRmnWjI4GBB2BXAzsR6IQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:9480::/29

    Signature Algorithm: sha256WithRSAEncryption
         83:de:04:fc:13:7f:3d:80:97:23:4d:50:98:3a:de:4c:80:4e:
         9f:78:0e:94:ab:59:c4:69:4b:16:ef:70:3b:2d:d3:51:bd:df:
         5a:bc:aa:73:8b:83:6f:52:e5:96:85:d5:cf:22:d9:74:ed:73:
         b6:b5:75:11:a4:3f:03:31:21:ab:93:18:b9:5e:09:a8:04:d4:
         b2:36:d4:18:fb:20:f4:df:dd:e1:fe:ea:6b:02:b5:19:1a:94:
         c3:1b:e5:71:3c:d1:dc:22:f4:94:23:e3:85:30:88:1c:60:aa:
         cf:5f:c3:26:dd:2b:6f:cb:0e:06:a9:24:68:66:8f:be:3f:4c:
         1b:34:02:1f:23:4f:62:4c:8b:56:9e:54:b8:e5:9e:d0:7c:3b:
         18:9d:fd:a8:3f:2c:0f:71:0f:cf:53:a7:4d:b9:b0:1d:6b:dd:
         01:ba:31:14:92:74:de:5a:3d:b5:20:da:2c:28:f5:30:10:92:
         f2:56:a4:05:b9:fc:c3:82:71:85:27:57:b4:16:e4:81:b3:0a:
         bf:c4:9d:e6:ad:a6:5a:d2:f3:f2:fd:0f:8c:9d:47:c6:5b:e2:
         c8:71:e7:86:cf:90:b3:32:8f:d9:d1:aa:20:10:7f:3b:b7:e4:
         08:18:4c:8f:1d:08:30:7e:1b:a4:48:c2:93:f7:b0:89:bc:8f:
         42:15:ec:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVueLcAR7ZN+CcHMlZ8SA42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyM2NmOTcwOTQ1MTlhNzVhMzIzODE4MTA3NjA1NzAzM2Ix
MWU4ODQwHhcNMjMwMTAxMTc1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTAyZjczMDFlNTgxNmM5ZDBlYmE4NzE1ZWE2NWRmYmU5YTI1YmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu779B+rEQOb9JQOU6j8Rtnbi9uzp
/87ZlztNWd+5U9gr92CbBXOEH2JU4yRrURUbsbEj+nkHtS4vuVgiwpZYdUgnAhij
7Zj1P0dfL7Q28+jBs8WWEP9ca9ZlFPrBj3vv/7Cm7go+iQRreGYVB0igzPjrwht/
71uQmh1UhwXr5qoseIu0q2tJgS3/z1u6Aa05c/4IXSl1UoI85zEc39Xd+l698/k2
NXAJ1iC57NwhuhFq4cZ5TbNFXdogI07ISqqQy/ktiRBkZ2bxnX2UnVpF29zUy7mq
sTgcaMgj58stjtPBLNGGyPVNpUBnRVfpOEHmkuA6sSjZGmCZJuzSxEl7VQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMEC9zAeWBbJ0OuocV6mXfvpolv7MB8GA1UdIwQY
MBaAFHI8+XCUUZp1oyOBgQdgVwM7EeiEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2p6NWNKUlJtbldqSTRHQkIyQlhBenNSNklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8yNzliYmMtNTg0MC00YTIwLWJmN2Qt
MWM5YTMyNTIzMjQ0LzEvd1FMM01CNVlGc25RNjZoeFhxWmQtLW1pV19zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8yNzliYmMtNTg0MC00YTIwLWJmN2QtMWM5YTMyNTIzMjQ0
LzEvY2p6NWNKUlJtbldqSTRHQkIyQlhBenNSNklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGUgDAN
BgkqhkiG9w0BAQsFAAOCAQEAg94E/BN/PYCXI01QmDreTIBOn3gOlKtZxGlLFu9w
Oy3TUb3fWryqc4uDb1LlloXVzyLZdO1ztrV1EaQ/AzEhq5MYuV4JqATUsjbUGPsg
9N/d4f7qawK1GRqUwxvlcTzR3CL0lCPjhTCIHGCqz1/DJt0rb8sOBqkkaGaPvj9M
GzQCHyNPYkyLVp5UuOWe0Hw7GJ39qD8sD3EPz1OnTbmwHWvdAboxFJJ03lo9tSDa
LCj1MBCS8lakBbn8w4JxhSdXtBbkgbMKv8Sd5q2mWtLz8v0PjJ1HxlviyHHnhs+Q
szKP2dGqIBB/O7fkCBhMjx0IMH4bpEjCk/ewibyPQhXs6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:19 2024 by rpki-client on console-ams.rpki-client.org