Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/8q8vINCYgtZHW85PFhPe4mryU6E.roa
File:                     8q8vINCYgtZHW85PFhPe4mryU6E.roa (raw, json)
Hash identifier:          DRinxswRiGFy4xISkHDoqAQjtOFdcWthddR5G2/kTZU=
Subject key identifier:   F2:AF:2F:20:D0:98:82:D6:47:5B:CE:4F:16:13:DE:E2:6A:F2:53:A1
Certificate issuer:       /CN=d7475ecb0f680a56d20f581bbdce521cfb7eb46d
Certificate serial:       018570950FFAFDB12E378C10B29DE0E088C9
Authority key identifier: D7:47:5E:CB:0F:68:0A:56:D2:0F:58:1B:BD:CE:52:1C:FB:7E:B4:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/10deyw9oClbSD1gbvc5SHPt-tG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/8q8vINCYgtZHW85PFhPe4mryU6E.roa
Signing time:             Mon 02 Jan 2023 03:44:55 +0000
ROA not before:           Mon 02 Jan 2023 03:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56762
IP address blocks:        2001:67c:81c::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:95:0f:fa:fd:b1:2e:37:8c:10:b2:9d:e0:e0:88:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7475ecb0f680a56d20f581bbdce521cfb7eb46d
        Validity
            Not Before: Jan  2 03:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2af2f20d09882d6475bce4f1613dee26af253a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c8:3a:cf:c3:ff:44:34:fc:b1:fe:dd:ed:22:
                    05:8a:73:62:0c:36:2f:86:84:43:27:8e:49:1b:ab:
                    d5:9c:34:9e:21:e4:5a:6b:0b:df:80:4c:38:81:c1:
                    28:97:ff:9e:9f:df:24:f9:dd:e4:b5:c7:e6:86:b1:
                    8d:6b:ed:e8:8b:bb:b8:12:4b:ab:a2:7e:a1:97:c6:
                    bf:9e:c2:01:23:23:a3:3d:86:41:62:48:54:0c:90:
                    c7:26:f2:c2:28:76:48:67:d3:9a:ca:bd:23:3e:3d:
                    2b:fe:44:fc:cf:73:07:af:c5:36:b7:77:b7:49:5f:
                    b4:ca:68:11:89:5b:96:74:db:1d:52:c4:62:4f:23:
                    ec:a5:b1:c9:9d:97:6f:ef:1f:a6:cb:e9:6f:d6:f3:
                    ec:c8:1f:23:06:eb:32:b2:07:ae:21:88:21:72:e0:
                    2d:86:56:d9:7a:4e:f5:79:4b:d3:dc:25:75:5b:1b:
                    05:4f:ff:59:f5:32:8c:69:b6:89:7a:b2:3e:75:1a:
                    61:53:a0:c3:85:28:77:5d:75:65:50:13:fa:61:4e:
                    2e:0c:64:10:25:38:8e:11:5b:d2:15:74:7f:31:3b:
                    ef:84:45:8b:39:a9:ee:15:38:72:29:4e:9e:22:e8:
                    54:7c:c9:75:63:f5:6c:d6:de:fc:56:f4:ce:78:a4:
                    29:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:AF:2F:20:D0:98:82:D6:47:5B:CE:4F:16:13:DE:E2:6A:F2:53:A1
            X509v3 Authority Key Identifier:
                keyid:D7:47:5E:CB:0F:68:0A:56:D2:0F:58:1B:BD:CE:52:1C:FB:7E:B4:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10deyw9oClbSD1gbvc5SHPt-tG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/8q8vINCYgtZHW85PFhPe4mryU6E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/10deyw9oClbSD1gbvc5SHPt-tG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:81c::/48

    Signature Algorithm: sha256WithRSAEncryption
         5b:17:88:53:40:c1:23:ad:3c:1b:7f:48:87:75:2c:19:03:e6:
         c3:3c:22:2b:d4:f6:96:db:81:e1:17:0f:c4:75:05:f7:1f:1e:
         ea:d2:55:a7:bc:03:01:ae:ad:39:dd:af:c3:65:3f:f4:6c:64:
         e0:d6:51:e4:2b:96:d0:15:25:84:c3:fd:16:36:70:95:38:a0:
         87:c4:91:7e:04:ff:cd:fd:81:17:1b:61:5a:c8:15:72:55:fc:
         f8:f0:25:8c:a6:1c:a2:f6:bf:43:5e:76:9b:4e:f4:e7:34:91:
         7d:ee:9c:e6:ec:fe:c6:ed:ff:03:9f:0e:b3:5d:28:95:b6:19:
         57:b1:57:91:2c:24:4f:5b:94:9a:1d:3d:d3:21:17:b9:70:a0:
         80:6d:af:d7:27:5d:91:9f:80:12:dd:fc:5f:9b:9b:86:a4:fe:
         bf:16:83:d5:da:4f:3f:58:33:28:99:1d:0c:e6:a6:2f:16:53:
         74:4e:2b:be:73:ca:25:0b:71:b6:d1:30:9b:1a:49:bc:96:22:
         00:8f:f9:8c:b7:32:a6:af:e6:65:bf:63:d3:73:0b:00:da:91:
         06:a2:f0:d9:02:f0:fd:f3:26:fe:bf:8f:09:f3:10:46:ce:fb:
         f5:76:d0:05:68:d3:b0:d8:ad:e1:3b:ba:0f:60:df:23:76:09:
         25:bb:ca:0f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwlQ/6/bEuN4wQsp3g4IjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDc1ZWNiMGY2ODBhNTZkMjBmNTgxYmJkY2U1MjFjZmI3
ZWI0NmQwHhcNMjMwMTAyMDM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFmMmYyMGQwOTg4MmQ2NDc1YmNlNGYxNjEzZGVlMjZhZjI1M2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcg6z8P/RDT8sf7d7SIFinNiDDYv
hoRDJ45JG6vVnDSeIeRaawvfgEw4gcEol/+en98k+d3ktcfmhrGNa+3oi7u4Ekur
on6hl8a/nsIBIyOjPYZBYkhUDJDHJvLCKHZIZ9Oayr0jPj0r/kT8z3MHr8U2t3e3
SV+0ymgRiVuWdNsdUsRiTyPspbHJnZdv7x+my+lv1vPsyB8jBusysgeuIYghcuAt
hlbZek71eUvT3CV1WxsFT/9Z9TKMabaJerI+dRphU6DDhSh3XXVlUBP6YU4uDGQQ
JTiOEVvSFXR/MTvvhEWLOanuFThyKU6eIuhUfMl1Y/Vs1t78VvTOeKQpbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPKvLyDQmILWR1vOTxYT3uJq8lOhMB8GA1UdIwQY
MBaAFNdHXssPaApW0g9YG73OUhz7frRtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBkZXl3OW9DbGJTRDFnYnZjNVNIUHQtdEcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mMzNkZmYtODI3MC00ODk0LWJhOGEt
YmJmMmUzNzQzOGQ1LzEvOHE4dklOQ1lndFpIVzg1UEZoUGU0bXJ5VTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mMzNkZmYtODI3MC00ODk0LWJhOGEtYmJmMmUzNzQzOGQ1
LzEvMTBkZXl3OW9DbGJTRDFnYnZjNVNIUHQtdEcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgc
MA0GCSqGSIb3DQEBCwUAA4IBAQBbF4hTQMEjrTwbf0iHdSwZA+bDPCIr1PaW24Hh
Fw/EdQX3Hx7q0lWnvAMBrq053a/DZT/0bGTg1lHkK5bQFSWEw/0WNnCVOKCHxJF+
BP/N/YEXG2FayBVyVfz48CWMphyi9r9DXnabTvTnNJF97pzm7P7G7f8Dnw6zXSiV
thlXsVeRLCRPW5SaHT3TIRe5cKCAba/XJ12Rn4AS3fxfm5uGpP6/FoPV2k8/WDMo
mR0M5qYvFlN0Tiu+c8olC3G20TCbGkm8liIAj/mMtzKmr+Zlv2PTcwsA2pEGovDZ
AvD98yb+v48J8xBGzvv1dtAFaNOw2K3hO7oPYN8jdgklu8oP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:40 2024 by rpki-client on console-ams.rpki-client.org