Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/QqMKgIp8UdbJm8hiPVrb1NkeqjE.roa
File:                     QqMKgIp8UdbJm8hiPVrb1NkeqjE.roa (raw, json)
Hash identifier:          cu1DQDBbEg2leKSaXWMaffu6vJ0EVlwbO1Mpb1ouFUw=
Subject key identifier:   42:A3:0A:80:8A:7C:51:D6:C9:9B:C8:62:3D:5A:DB:D4:D9:1E:AA:31
Certificate issuer:       /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial:       08C7F033
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/QqMKgIp8UdbJm8hiPVrb1NkeqjE.roa
Signing time:             Thu 10 Mar 2022 20:46:40 +0000
ROA not before:           Thu 10 Mar 2022 20:46:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212238
IP address blocks:        89.19.35.0/24 maxlen: 25

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147320883 (0x8c7f033)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
        Validity
            Not Before: Mar 10 20:46:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=42a30a808a7c51d6c99bc8623d5adbd4d91eaa31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:58:06:bf:5f:b7:fa:94:a5:4f:94:9d:f9:96:
                    bd:50:1b:4e:5b:ae:66:14:4e:21:88:1c:b9:14:45:
                    98:eb:e4:46:39:21:93:95:af:31:bd:e0:f2:0d:eb:
                    00:d0:2a:92:f6:21:80:05:5a:99:16:f5:f3:5a:72:
                    00:62:66:ca:b1:2c:2b:32:c6:eb:fb:cf:2e:f6:e7:
                    7d:fc:60:22:43:50:62:e2:0c:19:57:7b:f1:1e:2c:
                    55:ab:7f:7c:21:e1:c2:33:e2:eb:9f:49:2e:d3:ed:
                    61:89:f3:44:50:ab:25:7b:6d:a9:a3:31:6b:3a:3a:
                    18:a2:14:af:cf:c3:fc:ca:cc:65:0e:41:ce:c9:1e:
                    57:24:18:6b:81:56:ba:7b:be:47:c0:29:f0:3f:23:
                    9d:55:9b:40:7b:08:6e:ed:96:ba:96:8c:8e:8d:0a:
                    a6:de:68:c4:dc:f1:99:eb:68:1b:73:c9:f1:4f:2c:
                    0b:eb:63:f2:94:6a:12:ff:8d:a2:61:e5:da:de:79:
                    63:be:70:4c:ba:9d:56:db:e9:39:fd:0b:fe:08:fa:
                    c8:79:8e:24:0e:b9:00:3d:21:75:6c:c0:3d:c1:1b:
                    d9:bf:71:42:3b:48:a7:80:c5:7a:79:f0:07:f0:3c:
                    76:f9:00:4c:06:cb:f3:cc:dd:5c:62:39:37:ef:4b:
                    48:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:A3:0A:80:8A:7C:51:D6:C9:9B:C8:62:3D:5A:DB:D4:D9:1E:AA:31
            X509v3 Authority Key Identifier:
                keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/QqMKgIp8UdbJm8hiPVrb1NkeqjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.19.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:61:31:84:57:26:eb:12:d6:26:d3:ca:4e:05:5d:f4:9f:d6:
         b6:04:3b:01:06:75:d0:03:a5:8f:aa:7e:8a:b4:b7:28:91:63:
         30:93:fa:6d:dd:22:4d:85:3c:f2:b3:e1:11:cc:e0:49:38:df:
         89:7f:65:89:7f:57:5e:92:54:d0:71:86:4b:db:46:39:5e:80:
         9a:55:a0:6f:ec:5a:bc:5a:cd:7b:a6:c1:cc:6f:c5:80:97:ae:
         2f:22:ec:c7:37:34:ff:b6:1d:06:04:ef:27:c2:6e:23:58:a9:
         0f:78:d1:78:70:e0:50:c8:37:23:84:14:f8:06:e3:1d:e3:72:
         77:d3:fc:1d:b9:1c:c2:0f:1f:7f:9d:7a:6e:92:fb:f1:5d:7e:
         cd:00:e8:9d:32:4a:3a:dd:c1:95:b1:a6:d0:18:5d:8b:d3:d3:
         f4:02:29:2e:28:d5:68:5c:4a:86:f3:dd:9f:26:26:31:e7:a2:
         fd:c7:a0:ab:73:71:3b:d9:08:7c:d0:1c:df:96:5e:43:2b:d0:
         24:ce:b8:1b:b6:58:25:11:09:31:a0:2e:e0:14:77:e5:01:03:
         0c:ca:1f:f8:1a:67:9f:4d:73:7d:6e:45:bf:3d:c0:0e:cf:91:
         92:31:a8:20:e3:33:d3:28:06:c0:88:f1:02:59:10:49:fe:41:
         20:75:ae:d9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECMfwMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjdkMmM5YWQzNmQ5Zjg4MWZhODFmZDQ3NTM4N2ZiODcwYjViNGZiMB4XDTIyMDMx
MDIwNDY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDJhMzBhODA4YTdj
NTFkNmM5OWJjODYyM2Q1YWRiZDRkOTFlYWEzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1YBr9ft/qUpU+UnfmWvVAbTluuZhROIYgcuRRFmOvkRjkh
k5WvMb3g8g3rANAqkvYhgAVamRb181pyAGJmyrEsKzLG6/vPLvbnffxgIkNQYuIM
GVd78R4sVat/fCHhwjPi659JLtPtYYnzRFCrJXttqaMxazo6GKIUr8/D/MrMZQ5B
zskeVyQYa4FWunu+R8Ap8D8jnVWbQHsIbu2WupaMjo0Kpt5oxNzxmetoG3PJ8U8s
C+tj8pRqEv+NomHl2t55Y75wTLqdVtvpOf0L/gj6yHmOJA65AD0hdWzAPcEb2b9x
QjtIp4DFennwB/A8dvkATAbL88zdXGI5N+9LSHMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRCowqAinxR1smbyGI9WtvU2R6qMTAfBgNVHSMEGDAWgBRLfSya022fiB+o
H9R1OH+4cLW0+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MzMHNtdE50bjRnZnFCX1VkVGhfdUhDMXRQcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvOTMwODgyLTQ0YjQtNDJlMy05MjRmLWY3MWM0M2RhYTU5Yi8x
L1FxTUtnSXA4VWRiSm04aGlQVnJiMU5rZXFqRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
OTMwODgyLTQ0YjQtNDJlMy05MjRmLWY3MWM0M2RhYTU5Yi8xL1MzMHNtdE50bjRn
ZnFCX1VkVGhfdUhDMXRQcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkTIzANBgkqhkiG9w0BAQsFAAOC
AQEADGExhFcm6xLWJtPKTgVd9J/WtgQ7AQZ10AOlj6p+irS3KJFjMJP6bd0iTYU8
8rPhEczgSTjfiX9liX9XXpJU0HGGS9tGOV6AmlWgb+xavFrNe6bBzG/FgJeuLyLs
xzc0/7YdBgTvJ8JuI1ipD3jReHDgUMg3I4QU+AbjHeNyd9P8Hbkcwg8ff516bpL7
8V1+zQDonTJKOt3BlbGm0Bhdi9PT9AIpLijVaFxKhvPdnyYmMeei/cegq3NxO9kI
fNAc35ZeQyvQJM64G7ZYJREJMaAu4BR35QEDDMof+Bpnn01zfW5Fvz3ADs+RkjGo
IOMz0ygGwIjxAlkQSf5BIHWu2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:19 2024 by rpki-client on console-fra.rpki-client.org