Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/8c0c82-1959-41aa-a827-06e864dfe253/1/zThAS1GNgJJd_L2EO4ip6P-j49g.roa
File:                     zThAS1GNgJJd_L2EO4ip6P-j49g.roa (raw, json)
Hash identifier:          fgy0XrH+PJDooKbCWT3Fvr1MoBuv9c4f1fqkJV24JBI=
Subject key identifier:   CD:38:40:4B:51:8D:80:92:5D:FC:BD:84:3B:88:A9:E8:FF:A3:E3:D8
Certificate issuer:       /CN=0bf275af698a207079d9b7d7fcf32815a3f6192d
Certificate serial:       01856D5CEB322E07F57ED19DE68E0E75EB4E
Authority key identifier: 0B:F2:75:AF:69:8A:20:70:79:D9:B7:D7:FC:F3:28:15:A3:F6:19:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C_J1r2mKIHB52bfX_PMoFaP2GS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/8c0c82-1959-41aa-a827-06e864dfe253/1/zThAS1GNgJJd_L2EO4ip6P-j49g.roa
Signing time:             Sun 01 Jan 2023 12:44:44 +0000
ROA not before:           Sun 01 Jan 2023 12:44:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        5.1.40.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:5c:eb:32:2e:07:f5:7e:d1:9d:e6:8e:0e:75:eb:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bf275af698a207079d9b7d7fcf32815a3f6192d
        Validity
            Not Before: Jan  1 12:44:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cd38404b518d80925dfcbd843b88a9e8ffa3e3d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:42:0c:0f:45:43:5a:7c:44:2a:c0:0f:0c:ab:
                    45:e1:91:4c:b5:e5:16:96:6c:b2:54:1f:4d:8e:56:
                    41:92:a9:a9:d4:44:78:40:43:6a:a8:47:5e:4f:5f:
                    42:4c:75:3d:19:f0:f7:6d:5f:ea:8e:a5:b9:b0:13:
                    c4:41:e5:e3:54:a8:fa:e8:b2:ed:2a:6e:e7:55:b0:
                    5c:89:c6:1c:ae:78:ef:c6:da:de:17:6a:58:9d:63:
                    91:f5:26:0a:d5:00:58:81:70:3f:6b:23:cf:f7:54:
                    37:43:6c:84:c1:2c:cd:62:08:8c:90:a5:74:7a:21:
                    71:e3:1c:39:8c:9b:f4:7e:29:91:0f:f4:51:0f:14:
                    ba:52:54:d5:ed:6e:1b:f5:77:fd:67:7d:77:b7:30:
                    09:ed:59:45:79:0e:49:f0:d2:6f:b1:6c:72:74:8b:
                    93:f1:54:1c:66:fb:b3:12:13:e5:31:1d:9d:0f:c3:
                    1d:ba:6a:f7:f0:55:15:de:29:a5:3f:0d:c3:95:79:
                    57:f9:f0:01:62:92:76:ab:52:a4:61:e1:e7:da:48:
                    bf:ef:b8:7a:f8:00:79:8e:e0:e6:e0:78:d4:59:5e:
                    a1:a8:04:4b:db:a6:53:88:06:8a:9e:21:5f:4c:ce:
                    4c:f5:b4:0f:c5:5f:b0:64:17:fe:78:8d:fa:1c:a1:
                    94:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:38:40:4B:51:8D:80:92:5D:FC:BD:84:3B:88:A9:E8:FF:A3:E3:D8
            X509v3 Authority Key Identifier:
                keyid:0B:F2:75:AF:69:8A:20:70:79:D9:B7:D7:FC:F3:28:15:A3:F6:19:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_J1r2mKIHB52bfX_PMoFaP2GS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8c0c82-1959-41aa-a827-06e864dfe253/1/zThAS1GNgJJd_L2EO4ip6P-j49g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8c0c82-1959-41aa-a827-06e864dfe253/1/C_J1r2mKIHB52bfX_PMoFaP2GS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.1.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:dc:54:ed:65:88:58:e0:60:f5:43:97:9c:4d:ce:c8:4e:c0:
         11:d9:e3:40:da:92:9d:5f:0a:9c:b4:33:66:02:06:9a:4f:3b:
         11:94:c0:66:9e:8d:c3:f9:e3:03:e0:44:54:23:92:62:b2:42:
         8e:91:e9:24:95:84:b1:1a:c2:64:c2:1e:70:3d:0d:97:a3:9d:
         41:00:a7:30:dd:dc:1a:e2:fd:cd:37:46:01:c4:45:fb:97:47:
         5f:b4:af:ac:c1:97:89:07:58:24:88:75:65:24:b1:4a:42:69:
         01:46:d2:d4:18:2f:f1:51:59:53:18:c6:af:62:ce:e5:23:db:
         7a:e3:f3:52:62:d6:04:91:d0:83:ce:d7:c0:fe:de:1f:4f:aa:
         9b:43:71:db:67:d7:7a:c0:50:c0:ff:a5:73:0a:8c:2f:ee:d9:
         88:ef:e5:4e:0b:8e:13:6a:80:3a:43:21:13:5a:95:3b:70:e8:
         6b:59:16:41:55:38:f4:82:f1:38:7d:fc:5a:b8:78:68:89:12:
         b1:5a:50:b5:cb:9c:ce:4b:41:8b:76:1f:d1:bb:fc:d9:e7:0c:
         00:95:58:41:40:30:e9:61:f9:7a:a5:09:0c:34:99:e8:80:aa:
         87:7c:5e:1f:ad:eb:5f:d5:37:c7:da:f0:b0:ae:0a:c6:e1:0a:
         3b:75:b5:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXOsyLgf1ftGd5o4OdetOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjI3NWFmNjk4YTIwNzA3OWQ5YjdkN2ZjZjMyODE1YTNm
NjE5MmQwHhcNMjMwMTAxMTI0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDM4NDA0YjUxOGQ4MDkyNWRmY2JkODQzYjg4YTllOGZmYTNlM2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0IMD0VDWnxEKsAPDKtF4ZFMteUW
lmyyVB9NjlZBkqmp1ER4QENqqEdeT19CTHU9GfD3bV/qjqW5sBPEQeXjVKj66LLt
Km7nVbBcicYcrnjvxtreF2pYnWOR9SYK1QBYgXA/ayPP91Q3Q2yEwSzNYgiMkKV0
eiFx4xw5jJv0fimRD/RRDxS6UlTV7W4b9Xf9Z313tzAJ7VlFeQ5J8NJvsWxydIuT
8VQcZvuzEhPlMR2dD8Mdumr38FUV3imlPw3DlXlX+fABYpJ2q1KkYeHn2ki/77h6
+AB5juDm4HjUWV6hqARL26ZTiAaKniFfTM5M9bQPxV+wZBf+eI36HKGUswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM04QEtRjYCSXfy9hDuIqej/o+PYMB8GA1UdIwQY
MBaAFAvyda9piiBwedm31/zzKBWj9hktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19KMXIybUtJSEI1MmJmWF9QTW9GYVAyR1MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi84YzBjODItMTk1OS00MWFhLWE4Mjct
MDZlODY0ZGZlMjUzLzEvelRoQVMxR05nSkpkX0wyRU80aXA2UC1qNDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi84YzBjODItMTk1OS00MWFhLWE4MjctMDZlODY0ZGZlMjUz
LzEvQ19KMXIybUtJSEI1MmJmWF9QTW9GYVAyR1MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQEoMA0G
CSqGSIb3DQEBCwUAA4IBAQAO3FTtZYhY4GD1Q5ecTc7ITsAR2eNA2pKdXwqctDNm
AgaaTzsRlMBmno3D+eMD4ERUI5JiskKOkekklYSxGsJkwh5wPQ2Xo51BAKcw3dwa
4v3NN0YBxEX7l0dftK+swZeJB1gkiHVlJLFKQmkBRtLUGC/xUVlTGMavYs7lI9t6
4/NSYtYEkdCDztfA/t4fT6qbQ3HbZ9d6wFDA/6VzCowv7tmI7+VOC44TaoA6QyET
WpU7cOhrWRZBVTj0gvE4ffxauHhoiRKxWlC1y5zOS0GLdh/Ru/zZ5wwAlVhBQDDp
Yfl6pQkMNJnogKqHfF4fretf1TfH2vCwrgrG4Qo7dbVM
-----END CERTIFICATE-----
Generated at Fri Nov 10 16:59:58 2023 by rpki-client on console-fra.rpki-client.org