Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/40b689-3658-4f63-8921-be18563ca50e/1/ItywJ6NPPCVILKe-n8MxcS8XsF0.roa
File:                     ItywJ6NPPCVILKe-n8MxcS8XsF0.roa (raw, json)
Hash identifier:          dyEwQz2cRk6+Ze1GNdC8ftSUuOPFksz6D4+p0LMmqG4=
Subject key identifier:   22:DC:B0:27:A3:4F:3C:25:48:2C:A7:BE:9F:C3:31:71:2F:17:B0:5D
Certificate issuer:       /CN=f45d87c133103f3ceaeb87e3a29e8e51da7b961f
Certificate serial:       018572A7EAFCA6B992964BE7C80EB3BEDBDE
Authority key identifier: F4:5D:87:C1:33:10:3F:3C:EA:EB:87:E3:A2:9E:8E:51:DA:7B:96:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9F2HwTMQPzzq64fjop6OUdp7lh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/40b689-3658-4f63-8921-be18563ca50e/1/ItywJ6NPPCVILKe-n8MxcS8XsF0.roa
Signing time:             Mon 02 Jan 2023 13:24:45 +0000
ROA not before:           Mon 02 Jan 2023 13:24:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a0e:a780::/29 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:a7:ea:fc:a6:b9:92:96:4b:e7:c8:0e:b3:be:db:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f45d87c133103f3ceaeb87e3a29e8e51da7b961f
        Validity
            Not Before: Jan  2 13:24:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22dcb027a34f3c25482ca7be9fc331712f17b05d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:20:e7:46:78:87:7f:20:da:9b:b8:76:5e:97:
                    94:a4:a0:28:d8:38:d6:a8:e7:da:ac:ef:ec:0f:94:
                    ef:30:9c:f6:3e:a8:42:4c:81:90:9e:62:ce:c4:b9:
                    e2:08:34:e3:f9:f0:a7:30:ea:50:ee:2c:1b:56:a1:
                    88:8a:6b:9e:99:da:b5:2e:50:7f:e0:95:60:f4:77:
                    6d:4c:fb:f8:4d:00:52:e4:20:ba:44:0b:cc:26:2e:
                    0f:bc:32:d7:61:83:2b:4b:90:a9:de:78:51:1f:cf:
                    ce:c7:a6:e3:4a:7e:58:3c:9e:6b:28:ed:13:7d:97:
                    d5:1e:3a:e4:82:02:a2:80:a2:29:c9:57:6c:c5:d8:
                    fa:f2:92:14:c4:60:42:fa:ee:24:ab:64:fb:bb:23:
                    ad:13:22:13:4b:08:78:88:db:3d:2c:bd:5f:4c:12:
                    f3:7b:4c:88:2c:7a:f4:2e:bd:60:d9:7b:0f:8b:b9:
                    a0:2d:17:e8:b8:da:a0:15:38:b2:ce:64:31:42:7b:
                    83:75:01:27:21:09:7b:d7:bb:03:8b:d2:f6:a5:e2:
                    4a:c8:fa:8e:e3:0b:14:5b:da:b0:29:67:ac:ba:1c:
                    dc:34:1d:46:57:bc:1e:56:a2:57:bc:aa:fd:f6:78:
                    d7:66:1e:bb:8b:11:44:7a:fb:4c:91:5e:c2:98:94:
                    dc:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:DC:B0:27:A3:4F:3C:25:48:2C:A7:BE:9F:C3:31:71:2F:17:B0:5D
            X509v3 Authority Key Identifier:
                keyid:F4:5D:87:C1:33:10:3F:3C:EA:EB:87:E3:A2:9E:8E:51:DA:7B:96:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9F2HwTMQPzzq64fjop6OUdp7lh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/40b689-3658-4f63-8921-be18563ca50e/1/ItywJ6NPPCVILKe-n8MxcS8XsF0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/40b689-3658-4f63-8921-be18563ca50e/1/9F2HwTMQPzzq64fjop6OUdp7lh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:a780::/29

    Signature Algorithm: sha256WithRSAEncryption
         84:06:e0:54:fb:fc:78:20:52:14:07:23:04:e2:0d:a0:bf:f3:
         1e:e3:ba:bc:d6:35:1d:0f:1f:15:1a:0b:59:b7:ca:a8:f0:7b:
         7d:d3:9a:d6:4c:d0:31:6f:02:a0:b5:3d:1c:cd:80:98:2d:10:
         4c:54:5e:9a:31:b8:68:8c:69:f0:98:e4:df:92:b8:ec:b4:e3:
         4f:87:02:ad:80:80:27:d3:ed:d0:2e:a7:04:0d:ce:49:49:21:
         64:a0:02:36:46:de:f3:ee:ba:32:7e:24:62:65:70:f7:96:66:
         f3:c6:cb:c0:6d:1a:37:24:c0:38:96:f5:a0:bd:78:fb:ef:ae:
         53:1b:ed:d4:e6:bc:10:83:8b:11:69:e0:c7:24:f8:2a:a1:55:
         8d:e5:85:8c:15:25:fb:5b:ed:6f:eb:33:05:25:83:6a:70:ad:
         4d:8c:31:ea:c6:56:e3:a0:aa:e6:af:89:06:5c:4e:e2:72:df:
         36:5e:4c:1d:f3:a7:c4:71:64:4f:1a:e6:52:b7:d3:ed:93:14:
         76:e5:c6:06:b9:5a:60:28:2b:a5:77:b8:59:cd:f5:d6:6a:d6:
         9a:c4:02:cc:fe:a7:3c:3d:b8:a6:9d:93:de:0c:82:e8:f4:2c:
         73:eb:97:cf:e7:a7:e4:dc:3c:0a:09:4e:11:1d:a9:53:42:e1:
         85:cf:47:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyp+r8prmSlkvnyA6zvtveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NWQ4N2MxMzMxMDNmM2NlYWViODdlM2EyOWU4ZTUxZGE3
Yjk2MWYwHhcNMjMwMTAyMTMyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmRjYjAyN2EzNGYzYzI1NDgyY2E3YmU5ZmMzMzE3MTJmMTdiMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSDnRniHfyDam7h2XpeUpKAo2DjW
qOfarO/sD5TvMJz2PqhCTIGQnmLOxLniCDTj+fCnMOpQ7iwbVqGIimuemdq1LlB/
4JVg9HdtTPv4TQBS5CC6RAvMJi4PvDLXYYMrS5Cp3nhRH8/Ox6bjSn5YPJ5rKO0T
fZfVHjrkggKigKIpyVdsxdj68pIUxGBC+u4kq2T7uyOtEyITSwh4iNs9LL1fTBLz
e0yILHr0Lr1g2XsPi7mgLRfouNqgFTiyzmQxQnuDdQEnIQl717sDi9L2peJKyPqO
4wsUW9qwKWesuhzcNB1GV7weVqJXvKr99njXZh67ixFEevtMkV7CmJTc3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCLcsCejTzwlSCynvp/DMXEvF7BdMB8GA1UdIwQY
MBaAFPRdh8EzED886uuH46KejlHae5YfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUYySHdUTVFQenpxNjRmam9wNk9VZHA3bGg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC80MGI2ODktMzY1OC00ZjYzLTg5MjEt
YmUxODU2M2NhNTBlLzEvSXR5d0o2TlBQQ1ZJTEtlLW44TXhjUzhYc0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC80MGI2ODktMzY1OC00ZjYzLTg5MjEtYmUxODU2M2NhNTBl
LzEvOUYySHdUTVFQenpxNjRmam9wNk9VZHA3bGg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg6ngDAN
BgkqhkiG9w0BAQsFAAOCAQEAhAbgVPv8eCBSFAcjBOINoL/zHuO6vNY1HQ8fFRoL
WbfKqPB7fdOa1kzQMW8CoLU9HM2AmC0QTFRemjG4aIxp8Jjk35K47LTjT4cCrYCA
J9Pt0C6nBA3OSUkhZKACNkbe8+66Mn4kYmVw95Zm88bLwG0aNyTAOJb1oL14+++u
Uxvt1Oa8EIOLEWngxyT4KqFVjeWFjBUl+1vtb+szBSWDanCtTYwx6sZW46Cq5q+J
BlxO4nLfNl5MHfOnxHFkTxrmUrfT7ZMUduXGBrlaYCgrpXe4Wc311mrWmsQCzP6n
PD24pp2T3gyC6PQsc+uXz+en5Nw8CglOER2pU0Lhhc9HfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:22 2024 by rpki-client on console-ams.rpki-client.org