Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/MhbjaqTrEOz4PB0JtaXp6YZUHoM.roa
File:                     MhbjaqTrEOz4PB0JtaXp6YZUHoM.roa (raw, json)
Hash identifier:          ebaPs90msS+hgFcAxiZRsqiILZFCwrosToIO8A3EOTY=
Subject key identifier:   32:16:E3:6A:A4:EB:10:EC:F8:3C:1D:09:B5:A5:E9:E9:86:54:1E:83
Certificate issuer:       /CN=1d5af3ae21f97ec4ec75d51a85a3e162ed7a9ed7
Certificate serial:       018419BB3865CF4D9C53CDC0A7166802241F
Authority key identifier: 1D:5A:F3:AE:21:F9:7E:C4:EC:75:D5:1A:85:A3:E1:62:ED:7A:9E:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HVrzriH5fsTsddUahaPhYu16ntc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/MhbjaqTrEOz4PB0JtaXp6YZUHoM.roa
Signing time:             Thu 27 Oct 2022 13:56:50 +0000
ROA not before:           Thu 27 Oct 2022 13:56:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44486
IP address blocks:        45.146.163.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:19:bb:38:65:cf:4d:9c:53:cd:c0:a7:16:68:02:24:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d5af3ae21f97ec4ec75d51a85a3e162ed7a9ed7
        Validity
            Not Before: Oct 27 13:56:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3216e36aa4eb10ecf83c1d09b5a5e9e986541e83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:84:4d:52:1d:34:a2:ef:b8:66:e8:38:5a:42:
                    43:c9:c7:68:3f:65:42:e5:86:af:d0:e1:6a:2f:e7:
                    bf:ce:74:bb:6c:2a:25:1c:45:d7:4f:52:55:44:66:
                    9b:d9:72:fa:ac:ee:d2:d3:98:4f:a6:46:9c:35:08:
                    41:38:3d:6f:f8:7d:51:42:89:04:f9:52:c0:30:8d:
                    5e:26:17:47:c3:fe:88:f6:0b:cd:ad:9c:ab:24:0c:
                    9c:ca:85:cd:d1:65:90:9b:29:e8:b9:24:90:55:4e:
                    ce:6b:84:0d:27:ae:7e:d5:e8:7e:b3:f1:ac:12:62:
                    db:f0:eb:19:c9:fc:75:4a:15:2a:f4:bd:39:94:d9:
                    29:9f:a9:96:8f:bf:3b:02:8b:64:fb:98:ab:9f:5a:
                    50:63:97:bb:04:23:de:9b:7f:26:7c:40:9f:c8:c1:
                    4a:de:fc:cd:89:1a:a4:0b:d2:4d:62:23:2a:1e:c7:
                    15:62:80:a5:26:8c:fa:bf:1d:2a:a1:18:3c:08:e2:
                    c1:66:1f:c5:bc:b2:1e:64:b1:53:52:fa:e3:40:2d:
                    df:1c:55:51:0d:e3:53:23:8b:4b:a1:53:2b:99:c6:
                    cd:63:03:6a:bc:4f:b8:2e:56:f3:1a:16:cf:23:0d:
                    ee:1c:af:f0:ce:0b:5c:d7:78:19:04:57:84:a9:3e:
                    15:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:16:E3:6A:A4:EB:10:EC:F8:3C:1D:09:B5:A5:E9:E9:86:54:1E:83
            X509v3 Authority Key Identifier:
                keyid:1D:5A:F3:AE:21:F9:7E:C4:EC:75:D5:1A:85:A3:E1:62:ED:7A:9E:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVrzriH5fsTsddUahaPhYu16ntc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/MhbjaqTrEOz4PB0JtaXp6YZUHoM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/HVrzriH5fsTsddUahaPhYu16ntc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:93:35:42:11:40:18:76:cb:5b:73:76:b7:00:41:92:b6:73:
         bd:45:f2:10:3a:84:16:72:f8:ba:0b:da:73:2a:3e:a6:44:bd:
         74:bb:8e:fc:ad:ff:af:84:a4:00:e1:32:43:3d:63:50:99:18:
         b9:2c:91:25:67:e1:ca:67:55:e2:a9:08:ff:ec:7b:0c:86:c2:
         03:e1:f1:95:70:09:b7:6e:4a:ac:91:83:ed:54:46:95:3a:ea:
         0f:78:8f:d5:da:46:b8:a8:3a:87:97:91:77:52:ba:71:86:d4:
         65:9b:53:63:a0:de:bd:67:a8:8d:03:84:1c:a0:4c:1e:33:19:
         67:96:af:65:fe:2f:be:62:9b:a1:b6:b5:61:e5:77:46:2e:ff:
         ce:92:b3:af:ff:4e:3a:f6:9d:08:a4:a4:8b:e6:c2:64:5e:9d:
         aa:5e:de:eb:48:02:37:1c:2e:7a:a8:e9:6a:29:6c:e3:49:05:
         4a:05:ee:af:37:95:fb:3d:eb:6a:cd:c1:a6:4d:c9:4c:fd:38:
         a2:88:9e:55:e2:7c:fa:3f:3f:e1:74:79:e8:af:60:58:bb:66:
         ad:aa:d7:cf:68:49:1c:0b:85:b3:2a:8a:28:d9:b3:2f:aa:6c:
         d0:dc:a4:96:9a:37:0b:73:b6:42:3f:d9:9d:b6:68:9a:44:4e:
         e9:be:6b:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQZuzhlz02cU83ApxZoAiQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNWFmM2FlMjFmOTdlYzRlYzc1ZDUxYTg1YTNlMTYyZWQ3
YTllZDcwHhcNMjIxMDI3MTM1NjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjE2ZTM2YWE0ZWIxMGVjZjgzYzFkMDliNWE1ZTllOTg2NTQxZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4RNUh00ou+4Zug4WkJDycdoP2VC
5Yav0OFqL+e/znS7bColHEXXT1JVRGab2XL6rO7S05hPpkacNQhBOD1v+H1RQokE
+VLAMI1eJhdHw/6I9gvNrZyrJAycyoXN0WWQmynouSSQVU7Oa4QNJ65+1eh+s/Gs
EmLb8OsZyfx1ShUq9L05lNkpn6mWj787Aotk+5irn1pQY5e7BCPem38mfECfyMFK
3vzNiRqkC9JNYiMqHscVYoClJoz6vx0qoRg8COLBZh/FvLIeZLFTUvrjQC3fHFVR
DeNTI4tLoVMrmcbNYwNqvE+4LlbzGhbPIw3uHK/wzgtc13gZBFeEqT4VDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIW42qk6xDs+DwdCbWl6emGVB6DMB8GA1UdIwQY
MBaAFB1a864h+X7E7HXVGoWj4WLtep7XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZyenJpSDVmc1RzZGRVYWhhUGhZdTE2bnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kMzRhY2YtM2E1Zi00NjRmLTk1ZWUt
OTA4YmJhMTJiMjFhLzEvTWhiamFxVHJFT3o0UEIwSnRhWHA2WVpVSG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kMzRhY2YtM2E1Zi00NjRmLTk1ZWUtOTA4YmJhMTJiMjFh
LzEvSFZyenJpSDVmc1RzZGRVYWhhUGhZdTE2bnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZKjMA0G
CSqGSIb3DQEBCwUAA4IBAQBekzVCEUAYdstbc3a3AEGStnO9RfIQOoQWcvi6C9pz
Kj6mRL10u478rf+vhKQA4TJDPWNQmRi5LJElZ+HKZ1XiqQj/7HsMhsID4fGVcAm3
bkqskYPtVEaVOuoPeI/V2ka4qDqHl5F3UrpxhtRlm1NjoN69Z6iNA4QcoEweMxln
lq9l/i++YpuhtrVh5XdGLv/OkrOv/0469p0IpKSL5sJkXp2qXt7rSAI3HC56qOlq
KWzjSQVKBe6vN5X7PetqzcGmTclM/TiiiJ5V4nz6Pz/hdHnor2BYu2atqtfPaEkc
C4WzKooo2bMvqmzQ3KSWmjcLc7ZCP9mdtmiaRE7pvmvs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:30 2024 by rpki-client on console-ams.rpki-client.org