Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/c5383c-d0c4-4c19-90cb-35e14f73425c/1/HgYeOi9-rlgGM41fwnnNj7cARmU.roa
File:                     HgYeOi9-rlgGM41fwnnNj7cARmU.roa (raw, json)
Hash identifier:          rctshyQI/pVuYC5ShHXkkfuzQgdT0+NA/aIC81nYnHQ=
Subject key identifier:   1E:06:1E:3A:2F:7E:AE:58:06:33:8D:5F:C2:79:CD:8F:B7:00:46:65
Certificate issuer:       /CN=8e1b91d483609626138371c6550a1fcd0c057e12
Certificate serial:       6ABE6C
Authority key identifier: 8E:1B:91:D4:83:60:96:26:13:83:71:C6:55:0A:1F:CD:0C:05:7E:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jhuR1INgliYTg3HGVQofzQwFfhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/c5383c-d0c4-4c19-90cb-35e14f73425c/1/HgYeOi9-rlgGM41fwnnNj7cARmU.roa
Signing time:             Sat 01 Jan 2022 01:58:32 +0000
ROA not before:           Sat 01 Jan 2022 01:58:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        146.19.151.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6995564 (0x6abe6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e1b91d483609626138371c6550a1fcd0c057e12
        Validity
            Not Before: Jan  1 01:58:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1e061e3a2f7eae5806338d5fc279cd8fb7004665
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:26:e2:07:c5:e8:d6:7b:5f:3f:95:9f:d5:92:
                    cf:6c:d9:d5:93:af:94:e8:16:0d:27:f2:66:58:df:
                    36:82:90:11:8a:51:e1:7a:67:bd:5a:a8:6f:c1:31:
                    cd:c1:8e:00:e5:22:3f:0f:67:40:d6:e6:64:b4:a4:
                    07:46:a4:3f:76:03:96:53:d7:90:91:4a:c0:9f:df:
                    19:02:84:32:a8:32:2a:be:8b:51:54:11:19:c2:92:
                    27:79:7a:ba:2f:d4:3f:6d:dc:ff:46:f6:26:81:2c:
                    3b:af:84:c3:39:1d:83:6f:b9:66:9a:40:7b:0c:81:
                    0e:38:84:29:0b:96:a5:84:f6:5e:ca:15:80:08:13:
                    8e:6a:05:70:1e:af:2b:45:62:fd:1a:b8:fe:d5:85:
                    c2:ca:55:40:ac:2a:57:3f:f7:68:2f:41:6c:e0:45:
                    32:eb:01:81:c7:da:af:00:12:ff:46:f9:05:c0:bf:
                    0b:15:25:6c:33:64:a4:3a:0a:87:97:76:79:db:d4:
                    46:fb:a5:1a:97:a7:33:61:ec:66:91:17:e2:bd:5e:
                    bb:d4:d4:70:da:a9:14:35:01:1c:0a:b1:e3:68:4d:
                    67:7a:0e:b0:1f:0f:5b:94:f4:33:c6:fb:a1:1b:9a:
                    e7:29:fb:e2:4e:6e:c4:bc:e5:99:38:82:8e:3e:32:
                    9d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:06:1E:3A:2F:7E:AE:58:06:33:8D:5F:C2:79:CD:8F:B7:00:46:65
            X509v3 Authority Key Identifier:
                keyid:8E:1B:91:D4:83:60:96:26:13:83:71:C6:55:0A:1F:CD:0C:05:7E:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhuR1INgliYTg3HGVQofzQwFfhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c5383c-d0c4-4c19-90cb-35e14f73425c/1/HgYeOi9-rlgGM41fwnnNj7cARmU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c5383c-d0c4-4c19-90cb-35e14f73425c/1/jhuR1INgliYTg3HGVQofzQwFfhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:c3:67:66:fd:d4:2e:59:62:4d:fd:8c:8e:ed:8b:da:1e:f2:
         a2:72:47:d7:61:5e:72:32:3a:9c:e7:a8:d7:3e:cb:bf:95:68:
         f6:0d:c6:33:ce:b4:9d:25:63:71:a0:4d:e2:a6:57:aa:10:5b:
         a4:e8:e2:42:71:3c:84:73:19:80:40:79:8b:06:e3:42:7f:d4:
         b3:c2:ed:c2:88:97:52:d3:6a:ab:df:dc:cf:ea:0a:0c:81:90:
         ac:9c:ff:ad:47:76:de:a3:cb:a0:d7:cf:2e:05:88:78:cf:d3:
         4b:13:59:c9:d3:5f:03:5b:8a:b8:f4:05:85:08:04:64:dc:ad:
         23:a2:13:93:67:b4:1f:5f:cf:2d:b7:e3:1a:52:dc:e1:27:a1:
         66:71:e8:2c:c3:66:3c:8d:43:22:9a:b5:68:16:2c:bf:5a:e6:
         04:d1:64:42:62:34:12:4b:66:ba:b3:e5:ee:e5:01:39:b6:af:
         40:bb:25:af:47:54:07:73:7e:f6:3e:cf:f1:eb:c3:e7:d8:9e:
         9d:9f:d9:fd:19:51:37:0a:8f:40:db:a5:24:38:8a:0e:c3:aa:
         4a:18:d4:98:df:01:8a:47:e5:18:e3:08:7c:53:92:e1:fe:fe:
         ae:75:d6:90:a8:ca:f8:3a:34:0c:c9:0f:40:ba:af:0f:74:ad:
         f1:cb:2a:85
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDar5sMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhl
MWI5MWQ0ODM2MDk2MjYxMzgzNzFjNjU1MGExZmNkMGMwNTdlMTIwHhcNMjIwMTAx
MDE1ODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxZTA2MWUzYTJmN2Vh
ZTU4MDYzMzhkNWZjMjc5Y2Q4ZmI3MDA0NjY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5ibiB8Xo1ntfP5Wf1ZLPbNnVk6+U6BYNJ/JmWN82gpARilHh
eme9WqhvwTHNwY4A5SI/D2dA1uZktKQHRqQ/dgOWU9eQkUrAn98ZAoQyqDIqvotR
VBEZwpIneXq6L9Q/bdz/RvYmgSw7r4TDOR2Db7lmmkB7DIEOOIQpC5alhPZeyhWA
CBOOagVwHq8rRWL9Grj+1YXCylVArCpXP/doL0Fs4EUy6wGBx9qvABL/RvkFwL8L
FSVsM2SkOgqHl3Z529RG+6Ual6czYexmkRfivV671NRw2qkUNQEcCrHjaE1neg6w
Hw9blPQzxvuhG5rnKfviTm7EvOWZOIKOPjKdIQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFB4GHjovfq5YBjONX8J5zY+3AEZlMB8GA1UdIwQYMBaAFI4bkdSDYJYmE4Nx
xlUKH80MBX4SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
amh1UjFJTmdsaVlUZzNIR1ZRb2Z6UXdGZmhJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iOC9jNTM4M2MtZDBjNC00YzE5LTkwY2ItMzVlMTRmNzM0MjVjLzEv
SGdZZU9pOS1ybGdHTTQxZndubk5qN2NBUm1VLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9j
NTM4M2MtZDBjNC00YzE5LTkwY2ItMzVlMTRmNzM0MjVjLzEvamh1UjFJTmdsaVlU
ZzNIR1ZRb2Z6UXdGZmhJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOXMA0GCSqGSIb3DQEBCwUAA4IB
AQAJw2dm/dQuWWJN/YyO7YvaHvKickfXYV5yMjqc56jXPsu/lWj2DcYzzrSdJWNx
oE3ipleqEFuk6OJCcTyEcxmAQHmLBuNCf9Szwu3CiJdS02qr39zP6goMgZCsnP+t
R3beo8ug188uBYh4z9NLE1nJ018DW4q49AWFCARk3K0johOTZ7QfX88tt+MaUtzh
J6Fmcegsw2Y8jUMimrVoFiy/WuYE0WRCYjQSS2a6s+Xu5QE5tq9AuyWvR1QHc372
Ps/x68Pn2J6dn9n9GVE3Co9A26UkOIoOw6pKGNSY3wGKR+UY4wh8U5Lh/v6uddaQ
qMr4OjQMyQ9Auq8PdK3xyyqF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:24 2024 by rpki-client on console-ams.rpki-client.org