Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/sMSVbBa59X0UOYfQMWKNBLeyzrU.roa
File:                     sMSVbBa59X0UOYfQMWKNBLeyzrU.roa (raw, json)
Hash identifier:          cgc6V768cjWjHvSWtCScRPrdQTMB0Z3U1Ft58OLCyA8=
Subject key identifier:   B0:C4:95:6C:16:B9:F5:7D:14:39:87:D0:31:62:8D:04:B7:B2:CE:B5
Certificate issuer:       /CN=4a7209f8b7ed4fa9bfb278880c29f98d6a96b63c
Certificate serial:       01856F0B6E9F4C23EF336585CDAD2EE589CD
Authority key identifier: 4A:72:09:F8:B7:ED:4F:A9:BF:B2:78:88:0C:29:F9:8D:6A:96:B6:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SnIJ-LftT6m_sniIDCn5jWqWtjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/sMSVbBa59X0UOYfQMWKNBLeyzrU.roa
Signing time:             Sun 01 Jan 2023 20:34:58 +0000
ROA not before:           Sun 01 Jan 2023 20:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42335
IP address blocks:        45.95.54.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:6e:9f:4c:23:ef:33:65:85:cd:ad:2e:e5:89:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a7209f8b7ed4fa9bfb278880c29f98d6a96b63c
        Validity
            Not Before: Jan  1 20:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0c4956c16b9f57d143987d031628d04b7b2ceb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:3a:5f:49:a8:18:e2:38:a6:a4:55:1a:0a:1f:
                    f2:59:14:8a:d6:e9:f7:7e:2e:22:5f:4a:18:3e:a5:
                    2f:fc:d3:5c:c2:21:57:01:51:c8:98:1e:dc:f1:ea:
                    14:e3:5c:af:30:ce:e7:fb:f1:1d:b6:82:2d:30:91:
                    3c:a7:23:4a:de:b1:0d:7a:40:a5:e9:0c:17:7f:95:
                    0a:a6:8f:f6:ea:60:38:36:1a:f8:b8:e4:65:9a:a2:
                    df:6b:63:d4:78:7c:a4:f2:eb:66:d0:42:71:9a:5a:
                    21:52:aa:76:10:26:3e:b2:cb:67:e6:22:35:a9:08:
                    70:2d:fc:99:46:a0:39:a2:7c:4e:49:be:97:71:88:
                    06:d8:9c:24:a7:11:b7:51:e3:74:4e:b4:7a:fe:8c:
                    79:e3:2a:9d:98:ce:e1:ac:bd:14:62:40:70:8f:a8:
                    e0:0d:d7:bc:6b:43:75:f1:02:7b:89:dd:3e:67:f4:
                    a6:98:a6:68:41:67:f0:4c:24:32:e7:14:20:25:ea:
                    e7:20:7b:18:aa:31:32:8f:03:24:f0:f5:e4:5b:4b:
                    7d:8c:b0:7d:09:95:98:c5:44:59:c7:21:64:85:f1:
                    73:80:0f:1a:d0:4a:25:97:d7:8d:e9:7e:5c:c8:b0:
                    d4:22:77:b2:27:86:d4:80:17:ae:1d:3f:e4:1d:9f:
                    20:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:C4:95:6C:16:B9:F5:7D:14:39:87:D0:31:62:8D:04:B7:B2:CE:B5
            X509v3 Authority Key Identifier:
                keyid:4A:72:09:F8:B7:ED:4F:A9:BF:B2:78:88:0C:29:F9:8D:6A:96:B6:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnIJ-LftT6m_sniIDCn5jWqWtjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/sMSVbBa59X0UOYfQMWKNBLeyzrU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/46d595-9b69-48bd-bd01-c240c9afd149/1/SnIJ-LftT6m_sniIDCn5jWqWtjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:30:fa:30:d1:1f:0b:16:ba:10:6a:d4:ee:7b:5b:97:8c:33:
         c3:54:5b:e6:b6:17:10:c0:6e:71:5a:c4:9f:e0:72:ef:20:83:
         99:6a:9a:ca:56:72:b6:21:70:4a:95:2a:17:29:2c:63:28:78:
         30:8b:fa:17:38:b0:bc:0c:14:d8:36:2d:16:6e:e5:26:b8:bf:
         72:44:cd:c9:ec:cd:d7:40:aa:14:28:e4:2c:47:1b:35:b7:e9:
         19:4b:ea:1b:12:70:8d:a0:2b:e1:40:22:ae:35:cd:ff:22:32:
         ed:01:6b:41:13:3c:d8:f1:bb:13:fe:3b:63:bd:21:ed:f3:aa:
         30:1d:b1:cd:4b:ec:c8:c2:ed:4b:b7:68:e7:75:ee:29:a7:6e:
         39:19:b6:10:57:96:59:f0:ac:74:4a:68:4e:c5:33:96:f0:2c:
         f5:a6:c5:91:a4:ed:e0:0c:fa:7b:1d:f6:48:08:d8:92:c5:bb:
         e3:2f:fa:b2:fb:a3:ac:7c:ae:4f:72:95:09:b0:34:ac:57:ff:
         7b:0a:c8:4e:84:d6:94:4f:00:5a:54:76:ff:29:93:89:bf:e7:
         f7:40:85:31:af:a1:78:d2:17:df:23:2f:56:83:97:4f:00:7b:
         83:ec:3c:e3:ca:c9:9d:63:83:dd:de:ce:45:d9:ca:2f:31:46:
         c2:24:62:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC26fTCPvM2WFza0u5YnNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNzIwOWY4YjdlZDRmYTliZmIyNzg4ODBjMjlmOThkNmE5
NmI2M2MwHhcNMjMwMTAxMjAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGM0OTU2YzE2YjlmNTdkMTQzOTg3ZDAzMTYyOGQwNGI3YjJjZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijpfSagY4jimpFUaCh/yWRSK1un3
fi4iX0oYPqUv/NNcwiFXAVHImB7c8eoU41yvMM7n+/EdtoItMJE8pyNK3rENekCl
6QwXf5UKpo/26mA4Nhr4uORlmqLfa2PUeHyk8utm0EJxmlohUqp2ECY+sstn5iI1
qQhwLfyZRqA5onxOSb6XcYgG2JwkpxG3UeN0TrR6/ox54yqdmM7hrL0UYkBwj6jg
Dde8a0N18QJ7id0+Z/SmmKZoQWfwTCQy5xQgJernIHsYqjEyjwMk8PXkW0t9jLB9
CZWYxURZxyFkhfFzgA8a0Eoll9eN6X5cyLDUIneyJ4bUgBeuHT/kHZ8ghQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLDElWwWufV9FDmH0DFijQS3ss61MB8GA1UdIwQY
MBaAFEpyCfi37U+pv7J4iAwp+Y1qlrY8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU25JSi1MZnRUNm1fc25pSURDbjVqV3FXdGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80NmQ1OTUtOWI2OS00OGJkLWJkMDEt
YzI0MGM5YWZkMTQ5LzEvc01TVmJCYTU5WDBVT1lmUU1XS05CTGV5enJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80NmQ1OTUtOWI2OS00OGJkLWJkMDEtYzI0MGM5YWZkMTQ5
LzEvU25JSi1MZnRUNm1fc25pSURDbjVqV3FXdGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV82MA0G
CSqGSIb3DQEBCwUAA4IBAQCBMPow0R8LFroQatTue1uXjDPDVFvmthcQwG5xWsSf
4HLvIIOZaprKVnK2IXBKlSoXKSxjKHgwi/oXOLC8DBTYNi0WbuUmuL9yRM3J7M3X
QKoUKOQsRxs1t+kZS+obEnCNoCvhQCKuNc3/IjLtAWtBEzzY8bsT/jtjvSHt86ow
HbHNS+zIwu1Lt2jnde4pp245GbYQV5ZZ8Kx0SmhOxTOW8Cz1psWRpO3gDPp7HfZI
CNiSxbvjL/qy+6OsfK5PcpUJsDSsV/97CshOhNaUTwBaVHb/KZOJv+f3QIUxr6F4
0hffIy9Wg5dPAHuD7DzjysmdY4Pd3s5F2covMUbCJGJ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:48 2024 by rpki-client on console-fra.rpki-client.org