Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/c8ee7a-6a84-4533-b7ce-d2b8dd5da3aa/1/dJ6lw5K39qWwhEx5U65MiSsn86U.roa
File:                     dJ6lw5K39qWwhEx5U65MiSsn86U.roa (raw, json)
Hash identifier:          Ky4ebJbI/OLUaxBxGSdIXrVmXGeuA+8qlJkCjeJzBNc=
Subject key identifier:   74:9E:A5:C3:92:B7:F6:A5:B0:84:4C:79:53:AE:4C:89:2B:27:F3:A5
Certificate issuer:       /CN=e5c2b0b5c300af8c2f7ba22f7ad7954919078b35
Certificate serial:       02C17569
Authority key identifier: E5:C2:B0:B5:C3:00:AF:8C:2F:7B:A2:2F:7A:D7:95:49:19:07:8B:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5cKwtcMAr4wve6IveteVSRkHizU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/c8ee7a-6a84-4533-b7ce-d2b8dd5da3aa/1/dJ6lw5K39qWwhEx5U65MiSsn86U.roa
Signing time:             Mon 04 Apr 2022 07:18:42 +0000
ROA not before:           Mon 04 Apr 2022 07:18:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200019
IP address blocks:        2.56.232.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46232937 (0x2c17569)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5c2b0b5c300af8c2f7ba22f7ad7954919078b35
        Validity
            Not Before: Apr  4 07:18:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=749ea5c392b7f6a5b0844c7953ae4c892b27f3a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:95:b0:e4:a5:de:d8:2a:ac:5c:95:4e:2c:87:
                    12:40:5f:0d:a9:f9:91:0a:37:d8:15:cb:a7:25:fc:
                    8c:cb:43:ec:e8:ac:49:fc:45:78:14:e5:66:b5:a2:
                    73:fd:1b:22:fb:18:78:2c:b9:a8:c9:5d:a7:81:64:
                    79:2d:87:4a:e0:65:ce:d2:f3:a5:fa:21:7b:2a:02:
                    c6:cd:6f:ab:06:32:16:91:2e:ce:dd:0c:c6:02:63:
                    92:93:43:27:87:4c:ff:80:9f:93:b9:86:96:21:2a:
                    3a:13:ca:9b:2d:cc:de:9e:29:c3:c3:f9:91:17:94:
                    ab:51:d0:54:01:96:9f:77:12:de:52:6b:08:8a:57:
                    29:c0:a9:41:f5:5e:67:66:48:39:4f:6b:e8:d5:b9:
                    46:0b:ad:8d:f3:6e:37:da:cf:54:9b:68:84:af:74:
                    18:22:0c:7b:80:9d:af:1d:21:4f:d3:8c:89:92:5f:
                    f1:b5:25:ad:8d:0b:68:d6:fe:99:20:72:4d:ef:a0:
                    22:48:52:0c:9f:8d:7b:61:3d:17:50:d6:b5:b4:ac:
                    6f:e9:21:c3:53:0b:ce:98:fb:aa:c2:78:ea:69:11:
                    a5:59:84:37:69:d4:50:b0:09:b8:29:22:1f:08:9c:
                    db:47:34:79:ab:19:42:e0:b4:57:c0:97:91:dd:43:
                    0b:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:9E:A5:C3:92:B7:F6:A5:B0:84:4C:79:53:AE:4C:89:2B:27:F3:A5
            X509v3 Authority Key Identifier:
                keyid:E5:C2:B0:B5:C3:00:AF:8C:2F:7B:A2:2F:7A:D7:95:49:19:07:8B:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cKwtcMAr4wve6IveteVSRkHizU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c8ee7a-6a84-4533-b7ce-d2b8dd5da3aa/1/dJ6lw5K39qWwhEx5U65MiSsn86U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c8ee7a-6a84-4533-b7ce-d2b8dd5da3aa/1/5cKwtcMAr4wve6IveteVSRkHizU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:36:8b:1b:f1:1c:b3:dc:2c:b1:03:e2:06:e3:7a:f4:08:19:
         9e:c6:a1:6e:b4:45:64:ed:6d:59:fa:ca:c2:8a:bd:7c:7b:a5:
         c9:3b:05:5c:b2:0b:aa:e7:3b:f3:90:13:98:d9:b7:6a:da:a8:
         11:e5:70:3c:2c:4a:72:bc:d6:b9:28:2f:dd:af:b6:69:2e:f2:
         cc:d5:53:1e:ed:4d:43:ac:03:45:fe:95:f9:d6:f9:3e:c1:81:
         7d:1c:3f:e9:da:d2:54:3c:54:0f:cc:4d:f5:fb:47:8f:51:85:
         b1:b4:43:39:9f:26:23:5e:4a:a8:ce:66:07:50:3f:5e:de:e4:
         d4:87:62:5c:1f:62:8b:df:07:14:ca:60:10:40:52:78:4a:9b:
         7e:a0:49:16:ed:2b:ca:3b:8e:80:a3:a3:5c:27:17:3a:2d:0a:
         38:8e:dd:9a:fb:b3:ee:5d:18:32:cf:8a:72:b7:1c:93:55:34:
         e1:02:68:e4:3d:de:a4:55:d2:87:9d:4f:50:65:b0:5e:9e:db:
         be:28:fd:24:a2:5f:8a:41:25:4c:78:e7:36:ea:dd:84:2f:27:
         5d:80:72:ef:c6:59:40:0d:99:c1:37:7d:c9:74:e4:da:65:14:
         82:ff:83:d2:87:78:04:3e:76:f6:d1:54:25:ca:10:61:da:8d:
         c2:44:00:70
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAsF1aTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWMyYjBiNWMzMDBhZjhjMmY3YmEyMmY3YWQ3OTU0OTE5MDc4YjM1MB4XDTIyMDQw
NDA3MTg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ5ZWE1YzM5MmI3
ZjZhNWIwODQ0Yzc5NTNhZTRjODkyYjI3ZjNhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeVsOSl3tgqrFyVTiyHEkBfDan5kQo32BXLpyX8jMtD7Ois
SfxFeBTlZrWic/0bIvsYeCy5qMldp4FkeS2HSuBlztLzpfoheyoCxs1vqwYyFpEu
zt0MxgJjkpNDJ4dM/4Cfk7mGliEqOhPKmy3M3p4pw8P5kReUq1HQVAGWn3cS3lJr
CIpXKcCpQfVeZ2ZIOU9r6NW5RgutjfNuN9rPVJtohK90GCIMe4Cdrx0hT9OMiZJf
8bUlrY0LaNb+mSByTe+gIkhSDJ+Ne2E9F1DWtbSsb+khw1MLzpj7qsJ46mkRpVmE
N2nUULAJuCkiHwic20c0easZQuC0V8CXkd1DC30CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR0nqXDkrf2pbCETHlTrkyJKyfzpTAfBgNVHSMEGDAWgBTlwrC1wwCvjC97
oi9615VJGQeLNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVjS3d0Y01BcjR3dmU2SXZldGVWU1JrSGl6VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvYzhlZTdhLTZhODQtNDUzMy1iN2NlLWQyYjhkZDVkYTNhYS8x
L2RKNmx3NUszOXFXd2hFeDVVNjVNaVNzbjg2VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
YzhlZTdhLTZhODQtNDUzMy1iN2NlLWQyYjhkZDVkYTNhYS8xLzVjS3d0Y01BcjR3
dmU2SXZldGVWU1JrSGl6VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI46DANBgkqhkiG9w0BAQsFAAOC
AQEAhjaLG/Ecs9wssQPiBuN69AgZnsahbrRFZO1tWfrKwoq9fHulyTsFXLILquc7
85ATmNm3atqoEeVwPCxKcrzWuSgv3a+2aS7yzNVTHu1NQ6wDRf6V+db5PsGBfRw/
6drSVDxUD8xN9ftHj1GFsbRDOZ8mI15KqM5mB1A/Xt7k1IdiXB9ii98HFMpgEEBS
eEqbfqBJFu0ryjuOgKOjXCcXOi0KOI7dmvuz7l0YMs+Kcrcck1U04QJo5D3epFXS
h51PUGWwXp7bvij9JKJfikElTHjnNurdhC8nXYBy78ZZQA2ZwTd9yXTk2mUUgv+D
0od4BD529tFUJcoQYdqNwkQAcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:04 2024 by rpki-client on console-ams.rpki-client.org