Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/RlzY3Ws9LZ2WDyOS2gikLC7fp6g.roa
File:                     RlzY3Ws9LZ2WDyOS2gikLC7fp6g.roa (raw, json)
Hash identifier:          aziYWJ7jrHWcDYvx9gQCF5t2mEqJSx50N0ak0j6CIU0=
Subject key identifier:   46:5C:D8:DD:6B:3D:2D:9D:96:0F:23:92:DA:08:A4:2C:2E:DF:A7:A8
Certificate issuer:       /CN=52f55e7a7e70b1018f03c4278d348b4bdcc142b1
Certificate serial:       018655518B56266B9A021373A65ACA04B8F1
Authority key identifier: 52:F5:5E:7A:7E:70:B1:01:8F:03:C4:27:8D:34:8B:4B:DC:C1:42:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UvVeen5wsQGPA8QnjTSLS9zBQrE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/RlzY3Ws9LZ2WDyOS2gikLC7fp6g.roa
Signing time:             Wed 15 Feb 2023 13:44:12 +0000
ROA not before:           Wed 15 Feb 2023 13:44:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     135752
IP address blocks:        217.119.131.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:55:51:8b:56:26:6b:9a:02:13:73:a6:5a:ca:04:b8:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52f55e7a7e70b1018f03c4278d348b4bdcc142b1
        Validity
            Not Before: Feb 15 13:44:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=465cd8dd6b3d2d9d960f2392da08a42c2edfa7a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:fb:dc:c9:ea:cb:33:9c:a1:86:d5:58:59:12:
                    74:a9:87:58:18:78:1b:41:c0:95:dd:c9:df:63:8e:
                    02:5c:63:05:f6:37:54:5b:1b:09:8e:e8:11:5e:6a:
                    5c:2f:b1:b8:d3:b6:74:ea:0a:1c:78:c2:65:2f:48:
                    cc:ee:3d:88:8d:34:ba:65:bf:46:de:27:47:61:67:
                    05:18:b1:4d:f1:9a:ed:b4:09:43:7c:98:93:0f:8f:
                    f0:b2:0b:3c:78:66:02:f6:64:1d:54:e4:d9:10:7e:
                    94:0a:45:94:04:ff:74:b1:62:ac:c2:54:28:b2:b2:
                    2e:11:59:2c:4a:7c:3d:a9:76:de:1c:4c:93:71:f7:
                    34:58:b4:23:c7:38:dd:ca:07:53:6b:56:19:80:59:
                    41:ef:37:fc:47:23:da:27:2c:5a:db:4e:0f:62:c2:
                    a4:71:bd:60:d5:8b:ef:e1:a0:91:9f:0c:26:65:be:
                    75:b0:97:f0:46:3d:0e:42:63:d3:01:c8:65:81:1e:
                    50:c5:e6:9b:70:36:a3:eb:4e:a3:50:41:86:0a:eb:
                    19:d3:c7:93:16:e0:2c:3d:65:09:57:6e:62:25:24:
                    ca:26:8f:c4:35:5b:fc:13:9b:72:71:74:fa:e1:1d:
                    68:34:4a:63:8f:db:f2:c1:97:a0:95:8d:32:f3:b3:
                    92:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:5C:D8:DD:6B:3D:2D:9D:96:0F:23:92:DA:08:A4:2C:2E:DF:A7:A8
            X509v3 Authority Key Identifier:
                keyid:52:F5:5E:7A:7E:70:B1:01:8F:03:C4:27:8D:34:8B:4B:DC:C1:42:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UvVeen5wsQGPA8QnjTSLS9zBQrE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/RlzY3Ws9LZ2WDyOS2gikLC7fp6g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/4e20a3-eb59-4392-bdfb-9a5f8ec64c70/1/UvVeen5wsQGPA8QnjTSLS9zBQrE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.119.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cb:14:ff:77:21:6c:0f:60:f5:21:b7:6f:51:8f:35:65:df:35:
         49:f0:19:f9:77:e5:9f:7f:90:df:ec:c2:61:31:2a:ee:9d:b4:
         06:17:98:d9:d6:a5:3c:b4:bb:eb:e5:f8:c9:2e:9b:32:07:05:
         26:4c:00:0b:9f:2c:e7:d4:3c:b8:85:5b:31:59:b1:58:02:6a:
         e9:1c:e3:e5:cc:47:d7:30:6f:c6:17:74:6c:52:67:c5:e2:0a:
         c8:1b:91:a9:72:78:f5:b9:44:7c:71:e4:58:32:bb:14:be:f6:
         db:de:1c:07:fd:09:22:4a:22:21:34:0f:97:bf:db:83:9a:91:
         23:b2:21:da:12:6b:87:3b:c3:48:39:79:59:89:b1:3b:b8:8d:
         1a:0f:39:a9:1c:f1:a9:1b:7c:7a:4e:09:0f:02:57:79:96:79:
         74:37:92:39:65:d3:52:f0:3a:4b:4a:62:84:05:71:49:28:07:
         f9:52:9a:7b:e1:e5:fe:d8:49:95:fa:a5:e5:8b:b4:57:0c:60:
         ff:a6:9d:59:20:29:b8:e3:8a:b1:ea:c3:89:f5:62:2b:90:19:
         9b:3e:48:c8:19:72:0b:82:16:d8:1e:1c:9b:f4:58:c0:de:aa:
         ab:ee:82:ba:ae:1c:06:64:cf:28:ea:20:fc:54:ad:16:d2:92:
         1e:46:eb:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZVUYtWJmuaAhNzplrKBLjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZjU1ZTdhN2U3MGIxMDE4ZjAzYzQyNzhkMzQ4YjRiZGNj
MTQyYjEwHhcNMjMwMjE1MTM0NDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjVjZDhkZDZiM2QyZDlkOTYwZjIzOTJkYTA4YTQyYzJlZGZhN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvvcyerLM5yhhtVYWRJ0qYdYGHgb
QcCV3cnfY44CXGMF9jdUWxsJjugRXmpcL7G407Z06goceMJlL0jM7j2IjTS6Zb9G
3idHYWcFGLFN8ZrttAlDfJiTD4/wsgs8eGYC9mQdVOTZEH6UCkWUBP90sWKswlQo
srIuEVksSnw9qXbeHEyTcfc0WLQjxzjdygdTa1YZgFlB7zf8RyPaJyxa204PYsKk
cb1g1Yvv4aCRnwwmZb51sJfwRj0OQmPTAchlgR5QxeabcDaj606jUEGGCusZ08eT
FuAsPWUJV25iJSTKJo/ENVv8E5tycXT64R1oNEpjj9vywZeglY0y87OSPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEZc2N1rPS2dlg8jktoIpCwu36eoMB8GA1UdIwQY
MBaAFFL1Xnp+cLEBjwPEJ400i0vcwUKxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXZWZWVuNXdzUUdQQThRbmpUU0xTOXpCUXJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS80ZTIwYTMtZWI1OS00MzkyLWJkZmIt
OWE1ZjhlYzY0YzcwLzEvUmx6WTNXczlMWjJXRHlPUzJnaWtMQzdmcDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS80ZTIwYTMtZWI1OS00MzkyLWJkZmItOWE1ZjhlYzY0Yzcw
LzEvVXZWZWVuNXdzUUdQQThRbmpUU0xTOXpCUXJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XeDMA0G
CSqGSIb3DQEBCwUAA4IBAQDLFP93IWwPYPUht29RjzVl3zVJ8Bn5d+Wff5Df7MJh
MSrunbQGF5jZ1qU8tLvr5fjJLpsyBwUmTAALnyzn1Dy4hVsxWbFYAmrpHOPlzEfX
MG/GF3RsUmfF4grIG5Gpcnj1uUR8ceRYMrsUvvbb3hwH/QkiSiIhNA+Xv9uDmpEj
siHaEmuHO8NIOXlZibE7uI0aDzmpHPGpG3x6TgkPAld5lnl0N5I5ZdNS8DpLSmKE
BXFJKAf5Upp74eX+2EmV+qXli7RXDGD/pp1ZICm444qx6sOJ9WIrkBmbPkjIGXIL
ghbYHhyb9FjA3qqr7oK6rhwGZM8o6iD8VK0W0pIeRutR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:45 2024 by rpki-client on console-ams.rpki-client.org