Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/6EYLY7c3mQktjWHgNpqATMnVqQQ.roa
File:                     6EYLY7c3mQktjWHgNpqATMnVqQQ.roa (raw, json)
Hash identifier:          q/cL2zeBEPH7wMyn8ofQPF8XAVty+uOgQGKsxGnfl/A=
Subject key identifier:   E8:46:0B:63:B7:37:99:09:2D:8D:61:E0:36:9A:80:4C:C9:D5:A9:04
Certificate issuer:       /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial:       0189D5D1B7EFC1D1CFD5D1C0032E9F25DFE2
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/6EYLY7c3mQktjWHgNpqATMnVqQQ.roa
Signing time:             Tue 08 Aug 2023 15:43:58 +0000
ROA not before:           Tue 08 Aug 2023 15:43:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49532
IP address blocks:        45.156.220.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d5:d1:b7:ef:c1:d1:cf:d5:d1:c0:03:2e:9f:25:df:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
        Validity
            Not Before: Aug  8 15:43:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e8460b63b73799092d8d61e0369a804cc9d5a904
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e2:b8:9d:57:d0:1c:b1:2f:c1:84:6a:a8:80:
                    6a:fa:d5:01:58:a1:3e:ee:d5:7b:f6:67:57:a3:bc:
                    27:26:65:10:74:ec:e9:a6:04:00:2d:66:c5:5d:ae:
                    9a:8a:3c:49:4e:ee:bd:f1:ec:c8:09:64:33:95:ef:
                    05:dc:d9:7e:85:99:0f:af:27:ba:9f:39:9f:3f:51:
                    46:85:5b:a1:3c:36:eb:e5:d8:e3:37:1d:a1:4b:8d:
                    0f:9e:a1:af:c7:4a:28:09:55:52:b0:9a:90:49:d4:
                    35:b8:fc:ef:b5:7e:bd:e9:f6:14:9d:65:a0:0f:9a:
                    31:35:11:19:b2:ba:83:ba:e2:5b:0d:6e:b8:ca:99:
                    72:3e:48:df:52:56:92:eb:23:ab:77:64:c7:a4:d9:
                    7b:bd:de:2b:67:19:7e:da:55:33:4e:b0:da:be:cd:
                    00:ce:03:c6:ff:82:6b:88:fe:93:57:87:21:cf:e5:
                    aa:6e:72:57:b5:99:86:46:23:d2:14:ae:2a:10:6b:
                    fd:94:83:4b:b9:33:ab:61:3e:91:ce:ca:82:08:d6:
                    e2:97:7d:a5:0e:ee:bb:61:b7:94:5e:b1:d3:43:8c:
                    b5:8c:8d:6c:d2:09:96:13:55:00:e1:83:80:33:f3:
                    21:8d:09:77:dc:5d:e6:aa:d1:31:0b:7a:f7:63:fa:
                    9f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:46:0B:63:B7:37:99:09:2D:8D:61:E0:36:9A:80:4C:C9:D5:A9:04
            X509v3 Authority Key Identifier:
                keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/6EYLY7c3mQktjWHgNpqATMnVqQQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:f1:cc:03:d3:bc:0e:79:e0:d9:64:86:6d:07:b0:60:fa:de:
         d2:9a:3a:fa:5b:b9:ed:67:31:ea:a5:8f:66:42:c3:c7:55:eb:
         aa:df:6e:91:f2:af:81:f6:f2:75:1e:49:5f:73:8b:0c:5d:87:
         4c:9d:1f:8a:d1:a6:53:01:2c:c7:61:0d:48:ce:e4:d5:d6:4f:
         6e:75:dd:87:ef:64:21:92:4c:f7:ac:5d:e8:a0:17:91:d7:12:
         ca:b8:f1:88:48:73:aa:f4:9a:5d:0d:4a:14:32:90:f7:99:8d:
         cd:0c:7f:38:fc:85:e3:78:3a:68:cd:bd:86:91:76:90:55:5f:
         e2:13:e0:39:55:67:ee:2b:8a:64:02:47:de:71:41:ab:f9:80:
         68:25:e1:36:d9:1b:63:74:75:b8:9e:b4:eb:ad:fb:f8:2a:ea:
         d6:ac:72:e0:bd:e4:bc:29:84:57:a8:c8:02:64:80:0a:d4:bc:
         d6:32:bd:92:d2:74:4a:9f:9a:a8:6a:64:22:ea:8b:d4:dd:b6:
         5f:70:10:a7:4d:5f:0c:1c:a6:a0:fa:0c:4a:ee:35:c4:45:dd:
         b8:08:af:7b:6a:72:48:ad:31:ac:a0:13:8c:88:40:55:e3:be:
         4a:b2:b0:ef:89:0d:29:5c:a7:45:f8:58:29:3a:c5:29:93:f9:
         17:a7:9f:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnV0bfvwdHP1dHAAy6fJd/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjMwODA4MTU0MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODQ2MGI2M2I3Mzc5OTA5MmQ4ZDYxZTAzNjlhODA0Y2M5ZDVhOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOK4nVfQHLEvwYRqqIBq+tUBWKE+
7tV79mdXo7wnJmUQdOzppgQALWbFXa6aijxJTu698ezICWQzle8F3Nl+hZkPrye6
nzmfP1FGhVuhPDbr5djjNx2hS40PnqGvx0ooCVVSsJqQSdQ1uPzvtX696fYUnWWg
D5oxNREZsrqDuuJbDW64yplyPkjfUlaS6yOrd2THpNl7vd4rZxl+2lUzTrDavs0A
zgPG/4JriP6TV4chz+WqbnJXtZmGRiPSFK4qEGv9lINLuTOrYT6RzsqCCNbil32l
Du67YbeUXrHTQ4y1jI1s0gmWE1UA4YOAM/MhjQl33F3mqtExC3r3Y/qfPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOhGC2O3N5kJLY1h4DaagEzJ1akEMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvNkVZTFk3YzNtUWt0aldIZ05wcUFUTW5WcVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZzcMA0G
CSqGSIb3DQEBCwUAA4IBAQCA8cwD07wOeeDZZIZtB7Bg+t7Smjr6W7ntZzHqpY9m
QsPHVeuq326R8q+B9vJ1Hklfc4sMXYdMnR+K0aZTASzHYQ1IzuTV1k9udd2H72Qh
kkz3rF3ooBeR1xLKuPGISHOq9JpdDUoUMpD3mY3NDH84/IXjeDpozb2GkXaQVV/i
E+A5VWfuK4pkAkfecUGr+YBoJeE22RtjdHW4nrTrrfv4KurWrHLgveS8KYRXqMgC
ZIAK1LzWMr2S0nRKn5qoamQi6ovU3bZfcBCnTV8MHKag+gxK7jXERd24CK97anJI
rTGsoBOMiEBV475KsrDviQ0pXKdF+FgpOsUpk/kXp59G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org