Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/0cv6pnoqEaLx-XOXEdNiD2K1yF8.roa
File:                     0cv6pnoqEaLx-XOXEdNiD2K1yF8.roa (raw, json)
Hash identifier:          lq7CiIc5aPQgnwh3zsqHYTZ3PO9YHHlD8OV9E7AF4xA=
Subject key identifier:   D1:CB:FA:A6:7A:2A:11:A2:F1:F9:73:97:11:D3:62:0F:62:B5:C8:5F
Certificate issuer:       /CN=77c51066d4f53dae10e69674dced3f032dd72efd
Certificate serial:       013875AE
Authority key identifier: 77:C5:10:66:D4:F5:3D:AE:10:E6:96:74:DC:ED:3F:03:2D:D7:2E:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/0cv6pnoqEaLx-XOXEdNiD2K1yF8.roa
Signing time:             Sat 01 Jan 2022 11:02:08 +0000
ROA not before:           Sat 01 Jan 2022 11:02:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        185.138.166.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20477358 (0x13875ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77c51066d4f53dae10e69674dced3f032dd72efd
        Validity
            Not Before: Jan  1 11:02:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1cbfaa67a2a11a2f1f9739711d3620f62b5c85f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:35:a4:f1:72:15:5e:e8:ba:70:22:38:90:39:
                    6c:a2:a1:49:4a:6b:f9:bc:fa:dd:00:35:41:af:40:
                    46:d7:cd:dc:ea:68:69:05:79:f9:08:f9:74:da:9e:
                    b3:6b:16:86:6e:aa:07:ba:dd:e2:dc:04:7e:d0:eb:
                    cb:9b:f9:07:22:f2:e7:23:d5:43:3b:54:be:4f:ad:
                    3e:4e:43:b2:31:a2:13:b4:f7:39:d7:c4:1a:8c:9a:
                    82:f9:08:8c:d7:56:4a:c4:33:98:99:c3:3d:c5:93:
                    d8:46:46:b9:74:fb:50:c9:9c:40:c1:1e:df:28:db:
                    15:4e:f2:f2:b6:23:eb:09:92:33:f7:44:c6:63:54:
                    f3:7e:0d:a1:1d:db:27:35:ca:96:63:6e:1f:4a:0a:
                    52:46:c4:33:f1:43:37:ae:90:0d:25:cb:1a:cb:a7:
                    d3:ca:45:0f:19:a2:39:a7:3e:01:6f:cf:32:c5:0c:
                    db:be:45:ba:e5:9c:98:ad:c6:ca:30:62:03:40:c7:
                    f2:7b:0f:3e:bd:9f:3e:61:b1:cb:64:ca:4c:04:5b:
                    2e:78:f5:fa:7a:76:48:3b:9b:35:e2:ad:33:60:b2:
                    dc:8c:42:71:57:ef:80:06:c0:96:85:de:b1:bc:2f:
                    c2:f8:e2:ab:78:4f:65:4f:83:ea:c3:6a:5d:54:78:
                    8b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:CB:FA:A6:7A:2A:11:A2:F1:F9:73:97:11:D3:62:0F:62:B5:C8:5F
            X509v3 Authority Key Identifier:
                keyid:77:C5:10:66:D4:F5:3D:AE:10:E6:96:74:DC:ED:3F:03:2D:D7:2E:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/0cv6pnoqEaLx-XOXEdNiD2K1yF8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.138.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:cd:ae:6c:4c:d5:cf:93:ae:99:73:71:71:eb:d7:c7:7d:01:
         e9:03:aa:2d:81:76:b3:67:91:2f:ca:80:18:d6:57:4b:ec:bf:
         a9:29:c7:0f:50:b4:2e:17:ae:24:85:7d:ff:2c:11:bc:c1:08:
         ea:a1:2a:b1:bd:97:08:41:30:cd:b2:de:a0:9e:2e:4b:da:0d:
         87:1f:64:ad:55:f1:60:f5:07:2f:c9:33:5b:66:74:c1:97:76:
         6b:2f:f8:13:4f:8d:5a:4e:3f:fe:ab:4f:4f:f0:2c:62:69:80:
         88:35:53:41:2b:fc:13:20:60:08:48:30:b0:46:fd:72:85:c9:
         b6:6b:fe:04:c7:27:ec:37:a4:32:a3:15:de:7d:b8:80:32:29:
         20:07:e3:d6:28:65:ed:7d:a7:8f:c9:00:4c:6f:30:5c:55:f1:
         4e:7f:6e:ed:be:50:21:4a:cb:02:60:a9:3f:29:b3:88:f4:6c:
         a2:57:59:39:6b:44:ef:97:d3:6d:72:9a:70:b2:aa:05:f5:fe:
         f6:e8:43:96:87:82:1d:c3:7a:40:e2:28:af:a5:53:9d:20:ed:
         66:b1:a3:b2:c9:90:06:04:4e:a7:8c:aa:ee:fc:6b:43:5d:80:
         69:b0:ce:3b:e9:7f:43:50:c2:63:32:ee:ce:65:02:fd:38:90:
         61:ce:2b:6e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATh1rjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2M1MTA2NmQ0ZjUzZGFlMTBlNjk2NzRkY2VkM2YwMzJkZDcyZWZkMB4XDTIyMDEw
MTExMDIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFjYmZhYTY3YTJh
MTFhMmYxZjk3Mzk3MTFkMzYyMGY2MmI1Yzg1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL41pPFyFV7ounAiOJA5bKKhSUpr+bz63QA1Qa9ARtfN3Opo
aQV5+Qj5dNqes2sWhm6qB7rd4twEftDry5v5ByLy5yPVQztUvk+tPk5DsjGiE7T3
OdfEGoyagvkIjNdWSsQzmJnDPcWT2EZGuXT7UMmcQMEe3yjbFU7y8rYj6wmSM/dE
xmNU834NoR3bJzXKlmNuH0oKUkbEM/FDN66QDSXLGsun08pFDxmiOac+AW/PMsUM
275FuuWcmK3GyjBiA0DH8nsPPr2fPmGxy2TKTARbLnj1+np2SDubNeKtM2Cy3IxC
cVfvgAbAloXesbwvwvjiq3hPZU+D6sNqXVR4i8UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRy/qmeioRovH5c5cR02IPYrXIXzAfBgNVHSMEGDAWgBR3xRBm1PU9rhDm
lnTc7T8DLdcu/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q4VVFadFQxUGE0UTVwWjAzTzBfQXkzWEx2MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNTNhMDNlLTU1NzEtNDU2Zi04OGE2LTgzMTgxNzk1NWQzMy8x
LzBjdjZwbm9xRWFMeC1YT1hFZE5pRDJLMXlGOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NTNhMDNlLTU1NzEtNDU2Zi04OGE2LTgzMTgxNzk1NWQzMy8xL2Q4VVFadFQxUGE0
UTVwWjAzTzBfQXkzWEx2MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmKpjANBgkqhkiG9w0BAQsFAAOC
AQEAYc2ubEzVz5OumXNxcevXx30B6QOqLYF2s2eRL8qAGNZXS+y/qSnHD1C0Lheu
JIV9/ywRvMEI6qEqsb2XCEEwzbLeoJ4uS9oNhx9krVXxYPUHL8kzW2Z0wZd2ay/4
E0+NWk4//qtPT/AsYmmAiDVTQSv8EyBgCEgwsEb9coXJtmv+BMcn7DekMqMV3n24
gDIpIAfj1ihl7X2nj8kATG8wXFXxTn9u7b5QIUrLAmCpPymziPRsoldZOWtE75fT
bXKacLKqBfX+9uhDloeCHcN6QOIor6VTnSDtZrGjssmQBgROp4yq7vxrQ12AabDO
O+l/Q1DCYzLuzmUC/TiQYc4rbg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:51 2023 by rpki-client on console-ams.rpki-client.org