Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/cEZtosrgCwzMN7wc5QrdGCv3yiI.roa
File:                     cEZtosrgCwzMN7wc5QrdGCv3yiI.roa (raw, json)
Hash identifier:          iuLdnXTJfTkQ0iaOYBrrnuXgJmAvci4ChND6wxw7nNg=
Subject key identifier:   70:46:6D:A2:CA:E0:0B:0C:CC:37:BC:1C:E5:0A:DD:18:2B:F7:CA:22
Certificate issuer:       /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial:       01857094FF9CF95D7320E0BF9FA26272E131
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/cEZtosrgCwzMN7wc5QrdGCv3yiI.roa
Signing time:             Mon 02 Jan 2023 03:44:50 +0000
ROA not before:           Mon 02 Jan 2023 03:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35830
IP address blocks:        89.19.35.0/24 maxlen: 25

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:94:ff:9c:f9:5d:73:20:e0:bf:9f:a2:62:72:e1:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
        Validity
            Not Before: Jan  2 03:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=70466da2cae00b0ccc37bc1ce50add182bf7ca22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1b:a8:57:74:8a:ee:16:90:95:92:d1:d1:c4:
                    ab:05:47:a5:5d:55:cc:65:54:82:9e:ed:50:a9:25:
                    a9:f2:7a:a3:47:56:92:a2:00:44:ea:09:30:9a:ad:
                    ff:9e:33:b0:08:d3:f4:55:98:a0:c9:cc:4e:91:8b:
                    19:b3:7f:fe:21:62:5f:5a:a7:80:fd:c4:72:9d:07:
                    ab:56:89:3c:ac:a1:94:68:03:f5:60:f7:35:82:82:
                    f9:5b:90:fb:86:ff:8f:ea:75:c0:e3:24:da:3f:63:
                    03:04:d2:c8:a9:ea:54:55:95:2e:1f:e2:ef:d0:b0:
                    03:7b:4e:02:16:e2:2e:95:ba:65:40:79:db:0b:2f:
                    51:bc:5f:09:62:d7:c9:02:e9:38:49:9c:e2:9e:bd:
                    58:d6:b3:41:c8:3e:30:4b:e6:00:c5:ab:15:f7:f8:
                    fe:af:f0:63:82:d1:37:e2:24:74:ec:04:2f:66:5c:
                    24:49:a5:88:1e:c5:89:43:48:dc:42:98:4b:6d:66:
                    81:a2:9a:0f:78:d5:16:49:fd:33:42:4e:c4:43:f1:
                    ae:2b:a9:2b:f4:e9:f6:de:ca:85:37:e3:0b:02:9f:
                    99:80:a1:81:56:1a:1b:38:36:1f:37:5f:56:e6:4f:
                    d7:0e:1f:7f:52:02:e2:80:27:58:4f:e5:a8:b5:07:
                    f0:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:46:6D:A2:CA:E0:0B:0C:CC:37:BC:1C:E5:0A:DD:18:2B:F7:CA:22
            X509v3 Authority Key Identifier:
                keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/cEZtosrgCwzMN7wc5QrdGCv3yiI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.19.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:57:bc:1c:55:4d:06:20:22:ef:1a:15:fe:29:d0:f1:e0:d3:
         e1:2a:27:a8:01:db:cf:f6:0c:fe:b7:b3:a1:73:78:1b:5f:9e:
         45:19:f0:78:07:d9:4f:14:47:27:33:85:a7:4d:8f:8c:ed:a3:
         75:65:26:95:5b:3f:1c:e7:56:b5:ad:1c:53:f2:a7:69:70:c9:
         8d:80:6b:e2:d4:f3:b0:fa:e2:e4:9f:91:fd:80:67:c6:3a:e7:
         58:52:42:48:40:eb:f9:8e:8a:35:7b:5d:17:2a:c8:86:66:fb:
         4e:6c:ae:3d:4f:1e:cc:de:4c:18:86:d1:75:24:d1:d7:d8:9c:
         b2:b1:05:df:83:7e:45:03:24:b3:19:d8:f3:1c:f0:53:e6:98:
         a5:b5:70:24:9a:2f:e1:37:06:d2:41:1b:13:ea:a4:d1:93:a6:
         0a:15:9c:8f:76:78:16:af:ae:0d:bd:e3:1a:74:5a:01:34:ef:
         6c:90:bb:b8:00:ee:c5:2a:1e:29:33:41:df:5a:5a:5b:76:af:
         c4:85:13:34:bb:8d:14:a3:64:43:47:dc:48:7a:ac:40:ee:c5:
         32:e0:1c:62:69:d3:2b:14:f3:14:c7:ef:3e:61:f6:5d:89:fa:
         04:e2:f2:b9:5d:6c:43:b3:cf:90:c7:ea:f1:3a:af:d6:4c:fd:
         d9:68:97:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlP+c+V1zIOC/n6JicuExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiN2QyYzlhZDM2ZDlmODgxZmE4MWZkNDc1Mzg3ZmI4NzBi
NWI0ZmIwHhcNMjMwMTAyMDM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQ2NmRhMmNhZTAwYjBjY2MzN2JjMWNlNTBhZGQxODJiZjdjYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxuoV3SK7haQlZLR0cSrBUelXVXM
ZVSCnu1QqSWp8nqjR1aSogBE6gkwmq3/njOwCNP0VZigycxOkYsZs3/+IWJfWqeA
/cRynQerVok8rKGUaAP1YPc1goL5W5D7hv+P6nXA4yTaP2MDBNLIqepUVZUuH+Lv
0LADe04CFuIulbplQHnbCy9RvF8JYtfJAuk4SZzinr1Y1rNByD4wS+YAxasV9/j+
r/BjgtE34iR07AQvZlwkSaWIHsWJQ0jcQphLbWaBopoPeNUWSf0zQk7EQ/GuK6kr
9On23sqFN+MLAp+ZgKGBVhobODYfN19W5k/XDh9/UgLigCdYT+WotQfwQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBGbaLK4AsMzDe8HOUK3Rgr98oiMB8GA1UdIwQY
MBaAFEt9LJrTbZ+IH6gf1HU4f7hwtbT7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYt
ZjcxYzQzZGFhNTliLzEvY0VadG9zcmdDd3pNTjd3YzVRcmRHQ3YzeWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYtZjcxYzQzZGFhNTli
LzEvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRMjMA0G
CSqGSIb3DQEBCwUAA4IBAQAYV7wcVU0GICLvGhX+KdDx4NPhKieoAdvP9gz+t7Oh
c3gbX55FGfB4B9lPFEcnM4WnTY+M7aN1ZSaVWz8c51a1rRxT8qdpcMmNgGvi1POw
+uLkn5H9gGfGOudYUkJIQOv5joo1e10XKsiGZvtObK49Tx7M3kwYhtF1JNHX2Jyy
sQXfg35FAySzGdjzHPBT5piltXAkmi/hNwbSQRsT6qTRk6YKFZyPdngWr64NveMa
dFoBNO9skLu4AO7FKh4pM0HfWlpbdq/EhRM0u40Uo2RDR9xIeqxA7sUy4BxiadMr
FPMUx+8+YfZdifoE4vK5XWxDs8+Qx+rxOq/WTP3ZaJfF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:50 2024 by rpki-client on console-ams.rpki-client.org