Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/c5a19b-1221-4aed-a026-60434a2fbe04/1/CzvgZ14mna4xtnBboD7cL3JyxXA.roa
File:                     CzvgZ14mna4xtnBboD7cL3JyxXA.roa (raw, json)
Hash identifier:          NGYi9fbWVgcFCN5TITMQD/CV2H/cM3gJvB89HMJTNww=
Subject key identifier:   0B:3B:E0:67:5E:26:9D:AE:31:B6:70:5B:A0:3E:DC:2F:72:72:C5:70
Certificate issuer:       /CN=de7e14321f86a46d88f11771ab7818c6bba8c881
Certificate serial:       01856BC10B037916ED3E3ABA0D0119410E07
Authority key identifier: DE:7E:14:32:1F:86:A4:6D:88:F1:17:71:AB:78:18:C6:BB:A8:C8:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3n4UMh-GpG2I8Rdxq3gYxruoyIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/c5a19b-1221-4aed-a026-60434a2fbe04/1/CzvgZ14mna4xtnBboD7cL3JyxXA.roa
Signing time:             Sun 01 Jan 2023 05:14:51 +0000
ROA not before:           Sun 01 Jan 2023 05:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57373
IP address blocks:        94.143.228.0/24 maxlen: 24
                          2a12:a580::/29 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c1:0b:03:79:16:ed:3e:3a:ba:0d:01:19:41:0e:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de7e14321f86a46d88f11771ab7818c6bba8c881
        Validity
            Not Before: Jan  1 05:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0b3be0675e269dae31b6705ba03edc2f7272c570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:2c:4c:68:94:56:ce:51:d4:9b:75:e0:ab:18:
                    aa:da:d9:6d:20:4b:27:61:8a:14:3f:cd:26:9d:42:
                    1c:2f:e8:82:1b:36:32:ac:b8:04:2f:b2:99:1f:07:
                    59:8f:da:92:df:1c:3a:3b:1f:8b:01:02:8c:d2:b3:
                    aa:ff:68:e0:f6:7e:67:a1:9a:2d:da:9c:f5:19:d0:
                    c3:cf:78:09:59:ba:1f:4e:3d:23:14:74:01:9a:55:
                    83:1c:22:64:fe:31:bb:13:eb:11:02:6b:e1:53:20:
                    b3:be:1a:bb:36:6e:4f:c0:d4:40:98:1f:50:c6:98:
                    2b:ec:7c:f9:3c:0b:e4:37:51:ea:18:43:3a:1d:16:
                    6f:c4:d3:e3:03:8f:47:a6:f1:ad:e3:86:fb:85:d6:
                    2e:83:6a:bb:33:4e:cd:8e:ce:19:8f:bb:7e:8c:0c:
                    7d:08:8b:0e:03:63:7b:70:25:38:d7:7b:56:b3:9b:
                    4b:c2:60:a7:c4:e9:25:c0:d3:a6:51:a3:b7:56:14:
                    24:c9:70:6d:67:5c:a0:ad:35:4c:12:3d:a3:c6:c7:
                    d9:9b:5b:3d:11:3d:65:3a:07:96:93:70:e6:d1:e4:
                    d3:57:10:5e:d1:83:ed:5d:04:49:89:28:25:d1:ef:
                    84:dc:64:71:50:69:6e:e0:58:49:0e:ec:9f:f4:ed:
                    c0:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:3B:E0:67:5E:26:9D:AE:31:B6:70:5B:A0:3E:DC:2F:72:72:C5:70
            X509v3 Authority Key Identifier:
                keyid:DE:7E:14:32:1F:86:A4:6D:88:F1:17:71:AB:78:18:C6:BB:A8:C8:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3n4UMh-GpG2I8Rdxq3gYxruoyIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c5a19b-1221-4aed-a026-60434a2fbe04/1/CzvgZ14mna4xtnBboD7cL3JyxXA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c5a19b-1221-4aed-a026-60434a2fbe04/1/3n4UMh-GpG2I8Rdxq3gYxruoyIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.143.228.0/24
                IPv6:
                  2a12:a580::/29

    Signature Algorithm: sha256WithRSAEncryption
         4e:dc:13:bd:36:e1:32:f6:cf:74:24:75:ab:ad:cf:90:7f:8e:
         74:0d:8b:11:8d:f2:c9:3d:cd:5c:d3:78:b5:13:e0:62:00:9b:
         6c:5f:d9:61:f0:e1:ff:15:5a:20:8a:3f:2e:e3:0f:44:35:14:
         d1:e8:a1:4f:cb:32:29:d5:a8:c6:f3:ae:08:09:da:c4:57:04:
         af:a9:ba:39:65:b4:c2:9e:b0:38:64:4a:6d:91:7c:20:32:e8:
         58:52:62:08:01:b5:42:5c:50:94:cc:fc:9a:f3:03:ff:74:ab:
         96:84:3b:34:98:44:07:73:87:7c:41:b6:91:ad:bf:9f:72:c1:
         97:26:61:44:44:9a:c5:d1:72:68:14:09:ae:b9:68:61:4e:86:
         5e:69:e0:77:2f:b8:6f:51:c0:84:6d:6b:28:d1:4a:4d:8e:dd:
         ac:2a:fc:9e:62:b3:da:bf:88:0a:e6:e9:a4:26:d0:ea:68:70:
         6c:0e:33:ec:05:8f:04:fd:02:f5:c3:0a:1b:8c:fa:2b:2d:ac:
         cd:be:cb:0a:61:d1:8f:f6:9d:06:af:d4:eb:6f:bc:66:1b:37:
         cc:7c:4e:83:61:2d:fe:12:eb:30:25:e7:41:88:14:78:48:ab:
         47:b5:31:ec:4b:49:79:c4:4d:2e:04:51:c4:2b:36:b1:97:02:
         78:a8:22:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrwQsDeRbtPjq6DQEZQQ4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2UxNDMyMWY4NmE0NmQ4OGYxMTc3MWFiNzgxOGM2YmJh
OGM4ODEwHhcNMjMwMTAxMDUxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNiZTA2NzVlMjY5ZGFlMzFiNjcwNWJhMDNlZGMyZjcyNzJjNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCxMaJRWzlHUm3Xgqxiq2tltIEsn
YYoUP80mnUIcL+iCGzYyrLgEL7KZHwdZj9qS3xw6Ox+LAQKM0rOq/2jg9n5noZot
2pz1GdDDz3gJWbofTj0jFHQBmlWDHCJk/jG7E+sRAmvhUyCzvhq7Nm5PwNRAmB9Q
xpgr7Hz5PAvkN1HqGEM6HRZvxNPjA49HpvGt44b7hdYug2q7M07Njs4Zj7t+jAx9
CIsOA2N7cCU413tWs5tLwmCnxOklwNOmUaO3VhQkyXBtZ1ygrTVMEj2jxsfZm1s9
ET1lOgeWk3Dm0eTTVxBe0YPtXQRJiSgl0e+E3GRxUGlu4FhJDuyf9O3A/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAs74GdeJp2uMbZwW6A+3C9ycsVwMB8GA1UdIwQY
MBaAFN5+FDIfhqRtiPEXcat4GMa7qMiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM240VU1oLUdwRzJJOFJkeHEzZ1l4cnVveUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9jNWExOWItMTIyMS00YWVkLWEwMjYt
NjA0MzRhMmZiZTA0LzEvQ3p2Z1oxNG1uYTR4dG5CYm9EN2NMM0p5eFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9jNWExOWItMTIyMS00YWVkLWEwMjYtNjA0MzRhMmZiZTA0
LzEvM240VU1oLUdwRzJJOFJkeHEzZ1l4cnVveUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXo/kMA0E
AgACMAcDBQMqEqWAMA0GCSqGSIb3DQEBCwUAA4IBAQBO3BO9NuEy9s90JHWrrc+Q
f450DYsRjfLJPc1c03i1E+BiAJtsX9lh8OH/FVogij8u4w9ENRTR6KFPyzIp1ajG
864ICdrEVwSvqbo5ZbTCnrA4ZEptkXwgMuhYUmIIAbVCXFCUzPya8wP/dKuWhDs0
mEQHc4d8QbaRrb+fcsGXJmFERJrF0XJoFAmuuWhhToZeaeB3L7hvUcCEbWso0UpN
jt2sKvyeYrPav4gK5umkJtDqaHBsDjPsBY8E/QL1wwobjPorLazNvssKYdGP9p0G
r9Trb7xmGzfMfE6DYS3+EuswJedBiBR4SKtHtTHsS0l5xE0uBFHEKzaxlwJ4qCLb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:03 2024 by rpki-client on console-ams.rpki-client.org