Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/NDPd3N7o7mDLxFrWntzojju4QRM.roa
File:                     NDPd3N7o7mDLxFrWntzojju4QRM.roa (raw, json)
Hash identifier:          JaIDXbJxPxd+IBunWZfl6Kn6CXdBEnB7R5G8gCzDHXc=
Subject key identifier:   34:33:DD:DC:DE:E8:EE:60:CB:C4:5A:D6:9E:DC:E8:8E:3B:B8:41:13
Certificate issuer:       /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial:       0181D54DBB0F1E01293AD0D810201949297F
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/NDPd3N7o7mDLxFrWntzojju4QRM.roa
Signing time:             Wed 06 Jul 2022 20:57:30 +0000
ROA not before:           Wed 06 Jul 2022 20:57:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        193.228.48.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:d5:4d:bb:0f:1e:01:29:3a:d0:d8:10:20:19:49:29:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
        Validity
            Not Before: Jul  6 20:57:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3433dddcdee8ee60cbc45ad69edce88e3bb84113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:85:f6:1d:78:0a:17:06:17:3c:b7:5b:68:14:
                    2a:10:e2:ff:82:c6:9e:15:93:11:ca:cf:6f:bf:b7:
                    02:3b:97:97:12:57:ed:ad:e9:96:fa:6b:ce:19:1a:
                    20:28:55:5a:56:02:20:59:69:a8:9d:fc:0e:ae:21:
                    1b:82:8d:d5:75:60:49:e6:02:35:ad:ab:ab:ce:36:
                    82:3c:cc:59:de:7c:af:79:bf:dc:18:3f:89:ca:32:
                    ef:cf:d3:bb:53:dd:c1:c3:e1:77:c0:aa:57:c4:9a:
                    21:2b:c3:e5:4f:bf:d1:55:6d:73:82:bb:d2:8c:6a:
                    98:ee:96:6e:68:4f:94:2d:4a:9c:53:56:1e:c1:a7:
                    cc:12:6a:c1:5b:aa:78:b4:a9:84:51:0e:5e:35:56:
                    4c:8c:b8:d2:50:93:6a:62:e1:28:ef:7d:07:4a:7f:
                    c0:80:47:82:4b:af:e1:66:af:4f:2d:61:f6:19:bd:
                    a7:29:e6:93:68:38:b8:52:70:b9:5a:2e:95:7a:01:
                    d6:97:d0:6e:4a:a3:d6:1b:5c:bc:4b:bd:ac:96:c5:
                    5f:78:2a:6b:c6:01:c0:3b:70:bf:b6:81:78:db:94:
                    0f:2d:88:5b:a9:0e:7c:90:6d:75:d4:08:d8:03:4e:
                    c4:30:7d:dc:17:13:53:01:d1:7b:08:e2:e8:96:90:
                    c1:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:33:DD:DC:DE:E8:EE:60:CB:C4:5A:D6:9E:DC:E8:8E:3B:B8:41:13
            X509v3 Authority Key Identifier:
                keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/NDPd3N7o7mDLxFrWntzojju4QRM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.228.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:ba:3a:7e:36:0f:db:68:56:6f:53:89:71:b2:31:a9:88:31:
         1c:d3:e6:bd:ff:9f:a5:9d:cb:61:3a:d8:90:bf:09:82:d3:b3:
         35:d8:76:6b:ee:cd:56:f4:dd:8e:24:d3:cf:3a:7f:67:4d:8c:
         81:d2:30:11:ca:4b:7e:b9:be:e9:14:07:50:74:e1:51:f7:24:
         b9:88:b4:2c:66:b4:53:f5:36:f4:06:b3:45:fd:2a:3a:66:2f:
         22:42:48:ce:c1:7f:c8:a6:61:ee:92:2b:a0:bb:47:23:fb:58:
         5b:20:40:cb:91:f9:27:2b:aa:c2:b2:30:15:46:ce:6e:08:ca:
         3d:ac:43:f0:75:1f:81:60:08:8c:47:9e:05:dd:67:23:9e:d0:
         d0:95:13:a5:cd:89:78:ab:41:10:aa:36:7c:c0:ce:d8:9c:2a:
         fc:07:26:7c:b0:e4:00:60:cb:fb:77:40:b6:cd:ed:1e:91:5f:
         a8:51:97:42:e2:6e:2a:7b:86:15:ec:65:fa:ca:d2:67:70:b8:
         93:29:45:c1:8d:c1:cc:e1:17:e9:3b:5b:9d:53:db:98:12:6e:
         60:d8:18:a1:1c:42:72:81:fe:0d:c4:b9:f4:ed:cb:3b:3d:b4:
         c8:a1:fe:6b:56:36:0c:7c:42:a1:52:4e:b6:07:c1:71:c2:67:
         36:c0:b3:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHVTbsPHgEpOtDYECAZSSl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiN2QyYzlhZDM2ZDlmODgxZmE4MWZkNDc1Mzg3ZmI4NzBi
NWI0ZmIwHhcNMjIwNzA2MjA1NzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDMzZGRkY2RlZThlZTYwY2JjNDVhZDY5ZWRjZTg4ZTNiYjg0MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIX2HXgKFwYXPLdbaBQqEOL/gsae
FZMRys9vv7cCO5eXElftremW+mvOGRogKFVaVgIgWWmonfwOriEbgo3VdWBJ5gI1
raurzjaCPMxZ3nyveb/cGD+JyjLvz9O7U93Bw+F3wKpXxJohK8PlT7/RVW1zgrvS
jGqY7pZuaE+ULUqcU1YewafMEmrBW6p4tKmEUQ5eNVZMjLjSUJNqYuEo730HSn/A
gEeCS6/hZq9PLWH2Gb2nKeaTaDi4UnC5Wi6VegHWl9BuSqPWG1y8S72slsVfeCpr
xgHAO3C/toF425QPLYhbqQ58kG111AjYA07EMH3cFxNTAdF7COLolpDBdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQz3dze6O5gy8Ra1p7c6I47uEETMB8GA1UdIwQY
MBaAFEt9LJrTbZ+IH6gf1HU4f7hwtbT7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYt
ZjcxYzQzZGFhNTliLzEvTkRQZDNON283bURMeEZyV250em9qanU0UVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYtZjcxYzQzZGFhNTli
LzEvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCweQwMA0G
CSqGSIb3DQEBCwUAA4IBAQACujp+Ng/baFZvU4lxsjGpiDEc0+a9/5+lncthOtiQ
vwmC07M12HZr7s1W9N2OJNPPOn9nTYyB0jARykt+ub7pFAdQdOFR9yS5iLQsZrRT
9Tb0BrNF/So6Zi8iQkjOwX/IpmHukiugu0cj+1hbIEDLkfknK6rCsjAVRs5uCMo9
rEPwdR+BYAiMR54F3WcjntDQlROlzYl4q0EQqjZ8wM7YnCr8ByZ8sOQAYMv7d0C2
ze0ekV+oUZdC4m4qe4YV7GX6ytJncLiTKUXBjcHM4RfpO1udU9uYEm5g2BihHEJy
gf4NxLn07cs7PbTIof5rVjYMfEKhUk62B8Fxwmc2wLOO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:19 2024 by rpki-client on console-fra.rpki-client.org