Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/1e7aa3-6add-4f3e-a615-945b267ba502/1/XdkzG9-fFEsJcWvlMHz3qL68UYQ.roa
File:                     XdkzG9-fFEsJcWvlMHz3qL68UYQ.roa (raw, json)
Hash identifier:          NqJeWgwvK0fUCl/UgNVeyEfYN8Sr63HiA0pZJY7SnrE=
Subject key identifier:   5D:D9:33:1B:DF:9F:14:4B:09:71:6B:E5:30:7C:F7:A8:BE:BC:51:84
Certificate issuer:       /CN=5fb30f54909eff6d2dbe190b77ccd78bead1e9dd
Certificate serial:       BAFF98
Authority key identifier: 5F:B3:0F:54:90:9E:FF:6D:2D:BE:19:0B:77:CC:D7:8B:EA:D1:E9:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X7MPVJCe_20tvhkLd8zXi-rR6d0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/1e7aa3-6add-4f3e-a615-945b267ba502/1/XdkzG9-fFEsJcWvlMHz3qL68UYQ.roa
Signing time:             Sat 01 Jan 2022 06:57:27 +0000
ROA not before:           Sat 01 Jan 2022 06:57:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        217.119.142.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12255128 (0xbaff98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fb30f54909eff6d2dbe190b77ccd78bead1e9dd
        Validity
            Not Before: Jan  1 06:57:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5dd9331bdf9f144b09716be5307cf7a8bebc5184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e6:a5:97:16:87:27:61:e2:71:4f:05:1b:ea:
                    0c:7d:76:ec:a4:aa:50:c3:1b:40:f0:f7:bf:b9:05:
                    ba:1c:5a:ba:fd:db:a7:69:07:58:d6:45:0b:6f:a1:
                    f2:e6:cf:e2:de:1c:49:ea:3c:bc:95:7b:bc:75:31:
                    d4:23:31:a4:54:6a:33:4d:b2:73:ff:f9:ba:ee:bd:
                    f4:70:40:ae:21:01:ce:e9:68:fc:0f:c7:e0:19:a1:
                    07:a7:f6:4e:d7:e3:50:d8:b7:8f:7b:46:02:03:57:
                    b8:40:dc:02:e3:d2:c5:c7:21:93:35:ca:b5:eb:14:
                    f8:11:ec:e4:58:b0:99:5d:43:9d:d2:0e:d1:b4:d2:
                    4a:0e:1c:eb:21:ce:ef:26:0e:9d:70:65:6d:a3:e7:
                    eb:7c:c7:30:ac:8c:68:8c:0c:64:6c:11:ae:d8:81:
                    8f:62:47:92:73:1b:33:66:06:41:f4:22:70:12:e5:
                    f3:bb:5d:05:2e:03:32:98:09:f6:5d:f0:b1:ad:c3:
                    8c:6e:65:7a:cb:c3:a6:82:9f:f9:fa:d1:ee:73:6d:
                    aa:fd:72:74:1b:ab:4f:88:32:27:81:5f:4d:e7:da:
                    8d:75:73:8a:62:7f:d7:ee:c4:e1:8d:7f:be:11:d8:
                    11:62:8b:6c:0e:bd:26:a6:35:ec:4e:6c:76:60:6f:
                    34:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:D9:33:1B:DF:9F:14:4B:09:71:6B:E5:30:7C:F7:A8:BE:BC:51:84
            X509v3 Authority Key Identifier:
                keyid:5F:B3:0F:54:90:9E:FF:6D:2D:BE:19:0B:77:CC:D7:8B:EA:D1:E9:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7MPVJCe_20tvhkLd8zXi-rR6d0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1e7aa3-6add-4f3e-a615-945b267ba502/1/XdkzG9-fFEsJcWvlMHz3qL68UYQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1e7aa3-6add-4f3e-a615-945b267ba502/1/X7MPVJCe_20tvhkLd8zXi-rR6d0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.119.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:a2:15:b2:5c:a6:11:ab:bb:36:81:28:71:68:3d:09:f4:06:
         bc:ea:cd:bb:63:e3:92:ba:a9:0d:32:77:c5:df:a0:dc:5f:3b:
         1b:9a:5e:85:86:6c:69:13:43:61:fe:b0:0d:f4:1e:e6:5c:97:
         5c:fd:db:8c:f8:be:47:a7:9b:3e:a0:fb:d4:79:f3:20:ae:78:
         a5:fc:a8:96:19:44:5b:d7:d1:99:6f:6b:63:9a:ed:b8:d5:f4:
         86:52:36:bd:55:59:1f:71:a5:5a:09:e0:e6:9d:96:fa:50:a5:
         63:c5:ff:35:5b:61:47:7d:79:2f:95:97:f2:34:6b:93:01:73:
         62:5c:73:98:38:35:fa:e9:00:f5:9c:59:29:b2:d7:d7:e5:d9:
         65:e1:95:a6:13:af:e8:f6:b1:5d:2c:fd:88:f0:4f:c0:ab:f3:
         1d:d3:20:fd:40:4b:72:c8:4e:8c:7d:cc:e0:cc:f6:2d:b2:a4:
         1c:cb:d1:23:af:be:de:be:19:26:3a:1e:1b:12:2c:95:09:76:
         ed:f7:1a:b0:0d:4a:21:49:d1:fb:ae:76:49:47:11:f0:e9:a7:
         06:3d:57:91:6f:42:36:d4:9f:a5:22:a6:28:8b:8a:e2:3d:06:
         b4:95:67:a4:8a:22:c1:d9:f6:99:1a:98:b4:82:be:01:06:d5:
         a8:13:6d:e6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALr/mDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZmIzMGY1NDkwOWVmZjZkMmRiZTE5MGI3N2NjZDc4YmVhZDFlOWRkMB4XDTIyMDEw
MTA2NTcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRkOTMzMWJkZjlm
MTQ0YjA5NzE2YmU1MzA3Y2Y3YThiZWJjNTE4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOLmpZcWhydh4nFPBRvqDH127KSqUMMbQPD3v7kFuhxauv3b
p2kHWNZFC2+h8ubP4t4cSeo8vJV7vHUx1CMxpFRqM02yc//5uu699HBAriEBzulo
/A/H4BmhB6f2TtfjUNi3j3tGAgNXuEDcAuPSxcchkzXKtesU+BHs5FiwmV1DndIO
0bTSSg4c6yHO7yYOnXBlbaPn63zHMKyMaIwMZGwRrtiBj2JHknMbM2YGQfQicBLl
87tdBS4DMpgJ9l3wsa3DjG5lesvDpoKf+frR7nNtqv1ydBurT4gyJ4FfTefajXVz
imJ/1+7E4Y1/vhHYEWKLbA69JqY17E5sdmBvNAMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRd2TMb358USwlxa+UwfPeovrxRhDAfBgNVHSMEGDAWgBRfsw9UkJ7/bS2+
GQt3zNeL6tHp3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1g3TVBWSkNlXzIwdHZoa0xkOHpYaS1yUjZkMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMWU3YWEzLTZhZGQtNGYzZS1hNjE1LTk0NWIyNjdiYTUwMi8x
L1hka3pHOS1mRkVzSmNXdmxNSHozcUw2OFVZUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MWU3YWEzLTZhZGQtNGYzZS1hNjE1LTk0NWIyNjdiYTUwMi8xL1g3TVBWSkNlXzIw
dHZoa0xkOHpYaS1yUjZkMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANl3jjANBgkqhkiG9w0BAQsFAAOC
AQEAVqIVslymEau7NoEocWg9CfQGvOrNu2PjkrqpDTJ3xd+g3F87G5pehYZsaRND
Yf6wDfQe5lyXXP3bjPi+R6ebPqD71HnzIK54pfyolhlEW9fRmW9rY5rtuNX0hlI2
vVVZH3GlWgng5p2W+lClY8X/NVthR315L5WX8jRrkwFzYlxzmDg1+ukA9ZxZKbLX
1+XZZeGVphOv6PaxXSz9iPBPwKvzHdMg/UBLcshOjH3M4Mz2LbKkHMvRI6++3r4Z
JjoeGxIslQl27fcasA1KIUnR+652SUcR8OmnBj1XkW9CNtSfpSKmKIuK4j0GtJVn
pIoiwdn2mRqYtIK+AQbVqBNt5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:26 2024 by rpki-client on console-ams.rpki-client.org