Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/tsuuNnLzuUzjLpBi4OaLMOkMTNE.roa
File:                     tsuuNnLzuUzjLpBi4OaLMOkMTNE.roa (raw, json)
Hash identifier:          aeSWKS/lxIJRARjJgyNKP7yxLU4MciVeV1O5N8LzICk=
Subject key identifier:   B6:CB:AE:36:72:F3:B9:4C:E3:2E:90:62:E0:E6:8B:30:E9:0C:4C:D1
Certificate issuer:       /CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Certificate serial:       018743BC1ABD1F8F4D7AA1546119F6A90B7D
Authority key identifier: 9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/tsuuNnLzuUzjLpBi4OaLMOkMTNE.roa
Signing time:             Sun 02 Apr 2023 20:50:13 +0000
ROA not before:           Sun 02 Apr 2023 20:50:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     53667
IP address blocks:        2a07:d941::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:43:bc:1a:bd:1f:8f:4d:7a:a1:54:61:19:f6:a9:0b:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
        Validity
            Not Before: Apr  2 20:50:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b6cbae3672f3b94ce32e9062e0e68b30e90c4cd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:d4:dc:1a:0c:50:75:38:ea:c9:21:33:30:40:
                    03:e9:f4:11:dd:d1:68:60:25:b1:e1:e9:7f:da:e0:
                    29:19:e6:4f:e8:e9:ee:82:94:80:4e:03:42:68:19:
                    eb:29:fe:c8:12:ee:12:dc:c9:62:39:3c:91:a1:db:
                    d5:3e:4e:06:ca:19:62:b0:fc:7a:f1:37:9c:c2:44:
                    eb:32:90:ac:b9:fd:0d:39:76:b3:96:b2:93:c8:04:
                    22:df:23:64:8d:01:67:3d:35:99:b9:d4:07:cc:e6:
                    49:83:0f:43:30:2d:43:46:b8:c1:49:73:a7:72:9a:
                    4b:a3:03:c9:90:7c:e2:1d:66:9b:a1:93:b8:bf:e1:
                    e8:1c:72:1d:47:ff:92:c2:09:52:d9:2e:f9:f8:4d:
                    f0:fa:69:a8:d4:02:df:78:94:3c:9a:7b:ef:69:b8:
                    21:02:29:34:20:2d:ea:00:84:b5:99:d5:77:17:f1:
                    42:60:3a:c3:98:9d:ce:08:14:42:33:fa:a3:3d:d3:
                    ab:2d:40:a8:14:f9:49:f7:76:92:77:8b:ab:82:d4:
                    bd:3e:38:7b:9c:b7:31:7c:ec:0d:77:b6:99:2a:f3:
                    ae:c1:37:46:04:c9:80:57:9d:81:aa:70:a4:dc:ae:
                    71:cf:28:cc:df:a4:76:aa:c0:d4:f8:77:c4:c8:a4:
                    37:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:CB:AE:36:72:F3:B9:4C:E3:2E:90:62:E0:E6:8B:30:E9:0C:4C:D1
            X509v3 Authority Key Identifier:
                keyid:9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/tsuuNnLzuUzjLpBi4OaLMOkMTNE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/mgTNzcEVnDHu2yTMesiyYrdWInw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:d941::/32

    Signature Algorithm: sha256WithRSAEncryption
         ab:ca:35:27:71:a2:57:d7:86:9b:98:5c:53:64:ae:0d:d8:4f:
         78:75:fe:b4:08:d0:ac:f3:d6:94:8c:6e:4e:14:0d:83:94:49:
         c0:02:74:ad:0a:71:96:89:e8:67:1f:95:0f:76:6d:ae:f7:e2:
         8d:5a:9f:b2:08:f2:a9:3b:93:a5:9e:bd:aa:79:32:82:d6:5d:
         79:e4:cb:f0:d0:84:dc:de:51:80:84:99:80:94:34:27:b3:3d:
         48:4f:08:3d:2f:62:df:d8:37:20:a2:f9:72:6b:e1:13:df:3f:
         a3:ee:7e:2e:ae:33:d8:1a:80:77:f7:b8:2c:32:6b:d4:78:92:
         e9:93:8e:48:42:a4:b6:09:3f:45:b4:93:8b:41:22:73:53:b6:
         b4:55:0c:28:42:a0:2c:99:8c:73:e5:ae:a2:7f:e3:c3:2b:22:
         ca:21:0f:a4:a0:62:3b:e4:79:fc:aa:7e:74:b5:a6:16:fc:ce:
         26:79:7e:46:e8:2a:27:f4:47:e5:fd:0f:2c:c9:0d:30:06:e9:
         97:4e:3b:d7:e3:00:bb:84:e1:2d:3f:bd:85:e5:46:91:3e:8b:
         6d:75:7b:65:1a:94:75:13:a9:10:a1:8b:92:ed:ae:23:20:fc:
         89:8c:c9:8c:1e:6b:71:3e:7e:0c:93:59:0b:ef:62:ec:1d:8c:
         40:f0:49:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYdDvBq9H49NeqFUYRn2qQt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMDRjZGNkYzExNTljMzFlZWRiMjRjYzdhYzhiMjYyYjc1
NjIyN2MwHhcNMjMwNDAyMjA1MDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmNiYWUzNjcyZjNiOTRjZTMyZTkwNjJlMGU2OGIzMGU5MGM0Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tTcGgxQdTjqySEzMEAD6fQR3dFo
YCWx4el/2uApGeZP6OnugpSATgNCaBnrKf7IEu4S3MliOTyRodvVPk4GyhlisPx6
8TecwkTrMpCsuf0NOXazlrKTyAQi3yNkjQFnPTWZudQHzOZJgw9DMC1DRrjBSXOn
cppLowPJkHziHWaboZO4v+HoHHIdR/+SwglS2S75+E3w+mmo1ALfeJQ8mnvvabgh
Aik0IC3qAIS1mdV3F/FCYDrDmJ3OCBRCM/qjPdOrLUCoFPlJ93aSd4urgtS9Pjh7
nLcxfOwNd7aZKvOuwTdGBMmAV52BqnCk3K5xzyjM36R2qsDU+HfEyKQ3cwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLbLrjZy87lM4y6QYuDmizDpDEzRMB8GA1UdIwQY
MBaAFJoEzc3BFZwx7tskzHrIsmK3ViJ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWdUTnpjRVZuREh1MnlUTWVzaXlZcmRXSW53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MmU0M2ItMjI4YS00ZTg1LTgzNGMt
NDRjMTY2MDE0NjEyLzEvdHN1dU5uTHp1VXpqTHBCaTRPYUxNT2tNVE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MmU0M2ItMjI4YS00ZTg1LTgzNGMtNDRjMTY2MDE0NjEy
LzEvbWdUTnpjRVZuREh1MnlUTWVzaXlZcmRXSW53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfZQTAN
BgkqhkiG9w0BAQsFAAOCAQEAq8o1J3GiV9eGm5hcU2SuDdhPeHX+tAjQrPPWlIxu
ThQNg5RJwAJ0rQpxlonoZx+VD3ZtrvfijVqfsgjyqTuTpZ69qnkygtZdeeTL8NCE
3N5RgISZgJQ0J7M9SE8IPS9i39g3IKL5cmvhE98/o+5+Lq4z2BqAd/e4LDJr1HiS
6ZOOSEKktgk/RbSTi0Eic1O2tFUMKEKgLJmMc+Wuon/jwysiyiEPpKBiO+R5/Kp+
dLWmFvzOJnl+RugqJ/RH5f0PLMkNMAbpl0471+MAu4ThLT+9heVGkT6LbXV7ZRqU
dROpEKGLku2uIyD8iYzJjB5rcT5+DJNZC+9i7B2MQPBJJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:51 2024 by rpki-client on console-fra.rpki-client.org