Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/310bec-44c2-4a5b-8bc7-c9e551449a4f/1/pav6PD5_VrY3JJPeNxpnBTusRxM.roa
File:                     pav6PD5_VrY3JJPeNxpnBTusRxM.roa (raw, json)
Hash identifier:          bCWLpeUlIx+Rapa5etT/WQLd2SBYdcKyl1CjyJHQ6NU=
Subject key identifier:   A5:AB:FA:3C:3E:7F:56:B6:37:24:93:DE:37:1A:67:05:3B:AC:47:13
Certificate issuer:       /CN=290fe0b85cd3b7c539ab13e4eaea5f237c815549
Certificate serial:       755338
Authority key identifier: 29:0F:E0:B8:5C:D3:B7:C5:39:AB:13:E4:EA:EA:5F:23:7C:81:55:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQ_guFzTt8U5qxPk6upfI3yBVUk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/310bec-44c2-4a5b-8bc7-c9e551449a4f/1/pav6PD5_VrY3JJPeNxpnBTusRxM.roa
Signing time:             Sat 01 Jan 2022 00:51:38 +0000
ROA not before:           Sat 01 Jan 2022 00:51:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        212.52.10.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7689016 (0x755338)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=290fe0b85cd3b7c539ab13e4eaea5f237c815549
        Validity
            Not Before: Jan  1 00:51:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a5abfa3c3e7f56b6372493de371a67053bac4713
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:98:fe:7a:28:a8:05:21:cf:28:66:b1:27:07:
                    89:6a:22:f0:c7:1b:c0:0a:6e:d7:52:c5:48:96:00:
                    bc:1e:9b:2e:0d:5b:c8:10:bc:a7:77:aa:e0:d8:24:
                    ee:db:0a:76:a1:cd:b6:7a:04:20:9a:90:13:21:7e:
                    bf:99:ab:ce:b6:26:a2:c4:df:94:5d:04:b2:cd:9b:
                    ee:2c:1e:29:16:ae:a9:8a:c5:2c:38:07:3b:a8:a7:
                    02:0b:14:b1:b1:50:5e:80:f7:b3:19:46:f2:94:f5:
                    79:af:c1:1e:dc:77:37:e2:aa:cc:b4:2d:52:11:64:
                    cb:a2:27:c0:7f:ea:f6:22:46:08:78:62:bd:79:7c:
                    73:eb:95:bd:b0:95:b6:c3:2e:56:ca:4f:c6:75:97:
                    0c:d0:7d:71:a9:fd:1f:d7:16:eb:c7:10:4a:c0:0f:
                    a9:9e:08:49:ce:da:ef:02:58:70:09:62:05:dc:c8:
                    ed:6d:58:a8:78:ba:74:51:fa:70:3b:51:18:63:ce:
                    a0:97:bf:3b:65:b3:03:89:03:bc:84:04:a2:62:f3:
                    50:42:58:53:b5:eb:b4:d7:9f:e3:cf:64:6e:1f:d6:
                    eb:0f:a2:28:62:9c:d0:37:99:fc:fe:2f:6e:f0:13:
                    ba:41:10:78:88:8d:fa:fa:13:21:b3:68:a1:80:e5:
                    9e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:AB:FA:3C:3E:7F:56:B6:37:24:93:DE:37:1A:67:05:3B:AC:47:13
            X509v3 Authority Key Identifier:
                keyid:29:0F:E0:B8:5C:D3:B7:C5:39:AB:13:E4:EA:EA:5F:23:7C:81:55:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQ_guFzTt8U5qxPk6upfI3yBVUk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/310bec-44c2-4a5b-8bc7-c9e551449a4f/1/pav6PD5_VrY3JJPeNxpnBTusRxM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/310bec-44c2-4a5b-8bc7-c9e551449a4f/1/KQ_guFzTt8U5qxPk6upfI3yBVUk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.52.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:00:97:ab:eb:41:c4:b2:5b:46:9f:0c:e0:42:23:9a:94:d5:
         be:a0:9a:d4:85:76:48:e4:b0:bb:79:da:a4:9c:b8:35:84:0d:
         eb:d7:5b:a4:24:73:13:d7:f4:cc:c9:ed:ef:6c:ae:90:8b:14:
         87:d1:16:0b:fa:8a:f4:03:12:1d:e7:e8:4d:b5:c9:42:32:e5:
         c7:1d:52:60:e4:2d:15:c4:9b:da:11:09:c0:7d:47:5a:8e:be:
         46:10:ec:2b:28:56:f6:63:02:c9:77:60:7b:00:d7:93:51:ec:
         e1:8b:ca:c8:22:ea:9f:2b:90:aa:f5:5c:05:9d:17:8d:85:d6:
         ff:6c:21:48:ce:ca:23:36:d5:b9:27:99:66:72:ad:d7:2e:5e:
         bd:69:12:fa:6f:d7:90:19:74:98:c8:8a:c1:86:ae:80:04:c8:
         0e:35:b3:36:74:3b:74:17:53:64:90:d3:36:6c:20:73:97:18:
         63:82:9f:90:b6:04:96:42:85:af:a4:9a:de:47:86:53:72:41:
         5c:cb:91:a9:a0:b9:64:1f:31:1a:82:2d:88:bf:0d:3a:61:49:
         96:b1:71:c5:48:b5:c4:e3:a2:10:f6:7c:13:0f:d2:e3:51:27:
         8d:a2:75:6e:39:22:78:55:ce:d7:a2:a9:92:a1:ad:0f:a8:a3:
         68:12:db:82
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDdVM4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
MGZlMGI4NWNkM2I3YzUzOWFiMTNlNGVhZWE1ZjIzN2M4MTU1NDkwHhcNMjIwMTAx
MDA1MTM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhNWFiZmEzYzNlN2Y1
NmI2MzcyNDkzZGUzNzFhNjcwNTNiYWM0NzEzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAspj+eiioBSHPKGaxJweJaiLwxxvACm7XUsVIlgC8HpsuDVvI
ELynd6rg2CTu2wp2oc22egQgmpATIX6/mavOtiaixN+UXQSyzZvuLB4pFq6pisUs
OAc7qKcCCxSxsVBegPezGUbylPV5r8Ee3Hc34qrMtC1SEWTLoifAf+r2IkYIeGK9
eXxz65W9sJW2wy5Wyk/GdZcM0H1xqf0f1xbrxxBKwA+pnghJztrvAlhwCWIF3Mjt
bVioeLp0UfpwO1EYY86gl787ZbMDiQO8hASiYvNQQlhTteu015/jz2RuH9brD6Io
YpzQN5n8/i9u8BO6QRB4iI36+hMhs2ihgOWemQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKWr+jw+f1a2NyST3jcaZwU7rEcTMB8GA1UdIwQYMBaAFCkP4Lhc07fFOasT
5OrqXyN8gVVJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S1FfZ3VGelR0OFU1cXhQazZ1cGZJM3lCVlVrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNi8zMTBiZWMtNDRjMi00YTViLThiYzctYzllNTUxNDQ5YTRmLzEv
cGF2NlBENV9WclkzSkpQZU54cG5CVHVzUnhNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8z
MTBiZWMtNDRjMi00YTViLThiYzctYzllNTUxNDQ5YTRmLzEvS1FfZ3VGelR0OFU1
cXhQazZ1cGZJM3lCVlVrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DQKMA0GCSqGSIb3DQEBCwUAA4IB
AQCSAJer60HEsltGnwzgQiOalNW+oJrUhXZI5LC7edqknLg1hA3r11ukJHMT1/TM
ye3vbK6QixSH0RYL+or0AxId5+hNtclCMuXHHVJg5C0VxJvaEQnAfUdajr5GEOwr
KFb2YwLJd2B7ANeTUezhi8rIIuqfK5Cq9VwFnReNhdb/bCFIzsojNtW5J5lmcq3X
Ll69aRL6b9eQGXSYyIrBhq6ABMgONbM2dDt0F1NkkNM2bCBzlxhjgp+QtgSWQoWv
pJreR4ZTckFcy5GpoLlkHzEagi2Ivw06YUmWsXHFSLXE46IQ9nwTD9LjUSeNonVu
OSJ4Vc7XoqmSoa0PqKNoEtuC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:54 2024 by rpki-client on console-fra.rpki-client.org