Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/48abfc-dc94-482e-b5d1-cef9afdaf3c3/1/o9iiU3wPcAXQ-BoRPXJMc2I5NTo.roa
File:                     o9iiU3wPcAXQ-BoRPXJMc2I5NTo.roa (raw, json)
Hash identifier:          nR8Z+Qv+pArZPIOwOoqWt7X9e5El8Z4tTWfSetr5PKk=
Subject key identifier:   A3:D8:A2:53:7C:0F:70:05:D0:F8:1A:11:3D:72:4C:73:62:39:35:3A
Certificate issuer:       /CN=586b35b86d7c326c90ececb2294647e223bd2858
Certificate serial:       625FF4
Authority key identifier: 58:6B:35:B8:6D:7C:32:6C:90:EC:EC:B2:29:46:47:E2:23:BD:28:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WGs1uG18MmyQ7OyyKUZH4iO9KFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/48abfc-dc94-482e-b5d1-cef9afdaf3c3/1/o9iiU3wPcAXQ-BoRPXJMc2I5NTo.roa
Signing time:             Sat 01 Jan 2022 03:02:43 +0000
ROA not before:           Sat 01 Jan 2022 03:02:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202790
IP address blocks:        212.18.121.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6447092 (0x625ff4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=586b35b86d7c326c90ececb2294647e223bd2858
        Validity
            Not Before: Jan  1 03:02:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a3d8a2537c0f7005d0f81a113d724c736239353a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6d:ed:82:5f:25:54:f9:03:de:27:a6:45:4b:
                    57:c9:15:be:db:57:8e:9c:c2:cd:f6:79:df:ba:fc:
                    e6:e9:07:37:a1:b4:93:6e:15:c6:12:3f:69:0e:aa:
                    06:ac:b8:32:58:20:83:c7:bb:fa:13:57:25:53:aa:
                    43:d2:f8:d3:7c:47:9e:04:16:15:96:1f:00:4f:25:
                    46:0c:18:e5:1b:1b:15:47:40:67:80:e0:c4:a0:94:
                    a0:70:fb:52:f3:c2:8d:a0:4d:39:1a:b9:ed:61:9c:
                    bc:39:49:d3:a6:9f:0a:cf:b8:1d:e8:38:0d:ff:de:
                    9f:d0:24:5d:98:b3:9f:d6:d2:ea:af:74:da:52:12:
                    5c:ad:64:0e:00:13:51:f3:59:9c:82:06:b4:59:52:
                    aa:87:bc:84:2b:e0:7d:e9:fb:74:e7:23:59:95:21:
                    d5:93:14:04:4c:e2:72:48:af:1d:98:8f:d9:68:3a:
                    97:3c:9e:98:58:81:6f:b7:e6:22:ea:86:ce:f2:00:
                    91:3d:17:44:dd:1a:a0:69:2a:fa:bc:53:c6:6f:c6:
                    4b:d2:99:12:cf:38:29:37:99:17:c3:e3:1c:1c:0c:
                    a7:54:af:b9:0d:28:03:da:63:09:4c:88:09:b6:ac:
                    7c:66:b4:7b:e2:99:59:76:cf:95:ad:f5:0f:68:07:
                    ef:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:D8:A2:53:7C:0F:70:05:D0:F8:1A:11:3D:72:4C:73:62:39:35:3A
            X509v3 Authority Key Identifier:
                keyid:58:6B:35:B8:6D:7C:32:6C:90:EC:EC:B2:29:46:47:E2:23:BD:28:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGs1uG18MmyQ7OyyKUZH4iO9KFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/48abfc-dc94-482e-b5d1-cef9afdaf3c3/1/o9iiU3wPcAXQ-BoRPXJMc2I5NTo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/48abfc-dc94-482e-b5d1-cef9afdaf3c3/1/WGs1uG18MmyQ7OyyKUZH4iO9KFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.18.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:38:2a:98:bf:71:88:c1:17:8d:a5:d7:3c:47:f9:6b:88:15:
         75:db:6b:fc:80:29:28:bf:4e:37:00:91:28:c7:48:c0:27:20:
         e8:34:19:da:bd:3a:0a:86:f7:e5:62:fc:0b:df:90:dd:d6:90:
         d9:76:82:f6:d5:82:63:73:fa:e8:7f:ef:91:cc:1e:2f:ec:da:
         19:93:e1:18:78:59:d0:ce:7e:09:9a:9d:0e:ac:f0:42:da:d8:
         78:8f:20:92:3e:7a:02:1d:96:64:c4:40:d0:1b:b3:aa:0a:6f:
         3d:0a:16:cb:a5:29:95:5c:e0:6f:14:2a:0d:b8:06:06:18:89:
         6e:78:1c:30:2f:cd:75:dd:1b:10:b7:5c:4c:7b:5b:11:96:dc:
         d5:c7:bd:24:58:92:09:98:80:e9:81:48:12:4a:8b:9f:d3:1b:
         d5:8f:8a:e8:74:b2:62:17:6c:dd:4e:f1:52:50:47:14:20:ee:
         b3:17:79:1c:48:8f:1e:f4:7a:bb:e6:a9:da:ba:ad:35:0a:4a:
         09:c0:9f:9e:6d:06:c9:ec:33:a3:3f:c7:65:51:d8:c5:4f:96:
         a4:3f:be:06:18:61:83:61:d1:15:67:71:20:df:49:3c:52:6d:
         d6:ec:e6:ce:da:0e:b3:6c:44:f2:5e:9a:09:0d:23:fd:50:24:
         e0:45:58:23
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDYl/0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU4
NmIzNWI4NmQ3YzMyNmM5MGVjZWNiMjI5NDY0N2UyMjNiZDI4NTgwHhcNMjIwMTAx
MDMwMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhM2Q4YTI1MzdjMGY3
MDA1ZDBmODFhMTEzZDcyNGM3MzYyMzkzNTNhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAv23tgl8lVPkD3iemRUtXyRW+21eOnMLN9nnfuvzm6Qc3obST
bhXGEj9pDqoGrLgyWCCDx7v6E1clU6pD0vjTfEeeBBYVlh8ATyVGDBjlGxsVR0Bn
gODEoJSgcPtS88KNoE05GrntYZy8OUnTpp8Kz7gd6DgN/96f0CRdmLOf1tLqr3Ta
UhJcrWQOABNR81mcgga0WVKqh7yEK+B96ft05yNZlSHVkxQETOJySK8dmI/ZaDqX
PJ6YWIFvt+Yi6obO8gCRPRdE3RqgaSr6vFPGb8ZL0pkSzzgpN5kXw+McHAynVK+5
DSgD2mMJTIgJtqx8ZrR74plZds+VrfUPaAfvKQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKPYolN8D3AF0PgaET1yTHNiOTU6MB8GA1UdIwQYMBaAFFhrNbhtfDJskOzs
silGR+IjvShYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
V0dzMXVHMThNbXlRN095eUtVWkg0aU85S0ZnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNS80OGFiZmMtZGM5NC00ODJlLWI1ZDEtY2VmOWFmZGFmM2MzLzEv
bzlpaVUzd1BjQVhRLUJvUlBYSk1jMkk1TlRvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS80
OGFiZmMtZGM5NC00ODJlLWI1ZDEtY2VmOWFmZGFmM2MzLzEvV0dzMXVHMThNbXlR
N095eUtVWkg0aU85S0ZnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BJ5MA0GCSqGSIb3DQEBCwUAA4IB
AQCrOCqYv3GIwReNpdc8R/lriBV122v8gCkov043AJEox0jAJyDoNBnavToKhvfl
YvwL35Dd1pDZdoL21YJjc/rof++RzB4v7NoZk+EYeFnQzn4Jmp0OrPBC2th4jyCS
PnoCHZZkxEDQG7OqCm89ChbLpSmVXOBvFCoNuAYGGIlueBwwL8113RsQt1xMe1sR
ltzVx70kWJIJmIDpgUgSSouf0xvVj4rodLJiF2zdTvFSUEcUIO6zF3kcSI8e9Hq7
5qnauq01CkoJwJ+ebQbJ7DOjP8dlUdjFT5akP74GGGGDYdEVZ3Eg30k8Um3W7ObO
2g6zbETyXpoJDSP9UCTgRVgj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:47 2024 by rpki-client on console-ams.rpki-client.org