Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/3ca17b-fad9-4904-81ea-c0859dd0929f/1/RNEwqoK-m-fHoY3hlqLFdvQBktI.roa
File:                     RNEwqoK-m-fHoY3hlqLFdvQBktI.roa (raw, json)
Hash identifier:          LvL4d9tQjTjtixEDcTdwwo4O2IFbdy4UcMFrRm5BRXY=
Subject key identifier:   44:D1:30:AA:82:BE:9B:E7:C7:A1:8D:E1:96:A2:C5:76:F4:01:92:D2
Certificate issuer:       /CN=a4d73b8edf57ee172769734a35e6b098cae12ffb
Certificate serial:       018529D078DC67268B16E367EC4C36DDA748
Authority key identifier: A4:D7:3B:8E:DF:57:EE:17:27:69:73:4A:35:E6:B0:98:CA:E1:2F:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNc7jt9X7hcnaXNKNeawmMrhL_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/3ca17b-fad9-4904-81ea-c0859dd0929f/1/RNEwqoK-m-fHoY3hlqLFdvQBktI.roa
Signing time:             Mon 19 Dec 2022 09:56:46 +0000
ROA not before:           Mon 19 Dec 2022 09:56:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29119
IP address blocks:        178.212.72.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:29:d0:78:dc:67:26:8b:16:e3:67:ec:4c:36:dd:a7:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d73b8edf57ee172769734a35e6b098cae12ffb
        Validity
            Not Before: Dec 19 09:56:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=44d130aa82be9be7c7a18de196a2c576f40192d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:25:1e:5d:b2:5b:8c:93:0a:ad:e8:7b:33:2c:
                    4f:a9:01:96:12:ef:7e:be:22:97:c9:56:c8:35:b0:
                    7a:06:d6:c9:f4:17:7a:f8:99:84:54:44:b0:1a:dc:
                    e6:eb:30:1c:f9:90:f2:78:d9:7f:d4:aa:a4:f2:bb:
                    03:01:d7:1b:30:0d:c4:46:21:59:98:b6:6e:45:71:
                    8a:68:3f:5b:5d:2c:0e:7a:fd:f1:03:01:52:e8:84:
                    49:26:d9:71:e1:55:0c:19:f8:a7:1d:87:e5:73:55:
                    6a:b1:7b:ac:39:33:c6:e9:a7:dc:a4:db:5c:fe:95:
                    e9:c9:18:5f:44:02:1f:12:d1:a0:f7:14:bc:82:84:
                    ca:7d:d4:be:a5:4c:cc:4f:d0:91:70:91:2a:f5:93:
                    89:c4:95:12:9b:c5:b2:43:6f:c2:8a:f1:f9:9f:81:
                    7e:11:14:13:9d:7e:73:1c:88:26:b2:70:75:fe:77:
                    a8:c5:3f:84:5e:e2:73:e8:1c:a6:74:4a:ec:04:7a:
                    b3:85:69:5f:71:af:1c:51:31:ba:28:b4:8d:bc:94:
                    1b:32:25:f1:37:a8:8d:a9:1c:99:97:45:03:eb:ae:
                    44:15:f1:d7:87:9f:67:20:2c:8e:19:2b:1a:55:03:
                    3f:cd:7a:e3:5f:cf:85:53:1f:69:86:ba:c2:3f:ef:
                    e8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:D1:30:AA:82:BE:9B:E7:C7:A1:8D:E1:96:A2:C5:76:F4:01:92:D2
            X509v3 Authority Key Identifier:
                keyid:A4:D7:3B:8E:DF:57:EE:17:27:69:73:4A:35:E6:B0:98:CA:E1:2F:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNc7jt9X7hcnaXNKNeawmMrhL_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/3ca17b-fad9-4904-81ea-c0859dd0929f/1/RNEwqoK-m-fHoY3hlqLFdvQBktI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/3ca17b-fad9-4904-81ea-c0859dd0929f/1/pNc7jt9X7hcnaXNKNeawmMrhL_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.212.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:aa:3e:b3:95:c1:43:d8:30:89:95:bb:65:9e:f6:23:83:48:
         a8:b6:6a:a8:8c:10:dd:6e:ab:97:03:62:44:e1:b3:09:75:81:
         18:41:dc:7d:d0:8e:d7:d4:2a:8b:7d:8c:8e:63:ab:e5:7f:79:
         4d:68:cb:53:d4:85:ed:8a:77:4c:86:46:90:ce:49:46:d5:26:
         a3:de:af:ca:63:a2:34:6a:e9:86:af:51:23:27:79:d6:c3:b7:
         66:f3:a7:a6:60:a1:1c:a2:30:66:fc:b4:38:6b:1a:ff:d2:9c:
         53:a7:87:ee:4a:e8:b6:ec:3a:74:3b:de:1d:38:72:79:28:07:
         58:8d:16:ec:7d:f8:ec:63:26:84:b0:65:d2:be:71:2b:ca:04:
         d0:3d:42:1b:98:6a:32:01:d0:6b:6b:14:ac:bf:60:ff:df:04:
         42:8e:99:58:bb:a7:ad:cb:32:0c:39:27:ab:ba:2d:78:4d:e5:
         07:c1:dc:c1:27:24:86:e7:83:f5:8d:43:e1:4d:2f:1b:27:ad:
         b8:9b:08:55:99:c3:37:15:16:27:7c:b4:b5:90:86:db:3a:14:
         ca:a2:8a:6c:09:45:6a:f8:06:69:d0:27:79:7d:a1:ee:b2:ea:
         a8:5e:c9:f6:7d:f4:7a:f1:15:e6:38:a5:2b:c8:a8:f6:0a:9c:
         da:0a:29:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUp0HjcZyaLFuNn7Ew23adIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDczYjhlZGY1N2VlMTcyNzY5NzM0YTM1ZTZiMDk4Y2Fl
MTJmZmIwHhcNMjIxMjE5MDk1NjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQxMzBhYTgyYmU5YmU3YzdhMThkZTE5NmEyYzU3NmY0MDE5MmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUeXbJbjJMKreh7MyxPqQGWEu9+
viKXyVbINbB6BtbJ9Bd6+JmEVESwGtzm6zAc+ZDyeNl/1Kqk8rsDAdcbMA3ERiFZ
mLZuRXGKaD9bXSwOev3xAwFS6IRJJtlx4VUMGfinHYflc1VqsXusOTPG6afcpNtc
/pXpyRhfRAIfEtGg9xS8goTKfdS+pUzMT9CRcJEq9ZOJxJUSm8WyQ2/CivH5n4F+
ERQTnX5zHIgmsnB1/neoxT+EXuJz6BymdErsBHqzhWlfca8cUTG6KLSNvJQbMiXx
N6iNqRyZl0UD665EFfHXh59nICyOGSsaVQM/zXrjX8+FUx9phrrCP+/oqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFETRMKqCvpvnx6GN4ZaixXb0AZLSMB8GA1UdIwQY
MBaAFKTXO47fV+4XJ2lzSjXmsJjK4S/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5jN2p0OVg3aGNuYVhOS05lYXdtTXJoTF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8zY2ExN2ItZmFkOS00OTA0LTgxZWEt
YzA4NTlkZDA5MjlmLzEvUk5Fd3FvSy1tLWZIb1kzaGxxTEZkdlFCa3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8zY2ExN2ItZmFkOS00OTA0LTgxZWEtYzA4NTlkZDA5Mjlm
LzEvcE5jN2p0OVg3aGNuYVhOS05lYXdtTXJoTF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstRIMA0G
CSqGSIb3DQEBCwUAA4IBAQBPqj6zlcFD2DCJlbtlnvYjg0iotmqojBDdbquXA2JE
4bMJdYEYQdx90I7X1CqLfYyOY6vlf3lNaMtT1IXtindMhkaQzklG1Saj3q/KY6I0
aumGr1EjJ3nWw7dm86emYKEcojBm/LQ4axr/0pxTp4fuSui27Dp0O94dOHJ5KAdY
jRbsffjsYyaEsGXSvnErygTQPUIbmGoyAdBraxSsv2D/3wRCjplYu6etyzIMOSer
ui14TeUHwdzBJySG54P1jUPhTS8bJ624mwhVmcM3FRYnfLS1kIbbOhTKoopsCUVq
+AZp0Cd5faHusuqoXsn2ffR68RXmOKUryKj2CpzaCimb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:46 2024 by rpki-client on console-ams.rpki-client.org