Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/kRWyOvc63QPQ0TXDh2TsnhfRhGY.roa
File:                     kRWyOvc63QPQ0TXDh2TsnhfRhGY.roa (raw, json)
Hash identifier:          6lZbidOzrq5yq066N7Dlf9QUCYIxjBuJt87s/Wypyi4=
Subject key identifier:   91:15:B2:3A:F7:3A:DD:03:D0:D1:35:C3:87:64:EC:9E:17:D1:84:66
Certificate issuer:       /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial:       096B5F42
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/kRWyOvc63QPQ0TXDh2TsnhfRhGY.roa
Signing time:             Thu 28 Apr 2022 06:29:00 +0000
ROA not before:           Thu 28 Apr 2022 06:29:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205779
IP address blocks:        212.69.135.0/24 maxlen: 25

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 158031682 (0x96b5f42)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
        Validity
            Not Before: Apr 28 06:29:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9115b23af73add03d0d135c38764ec9e17d18466
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:23:84:6c:04:84:3c:ed:c0:7a:58:a1:d2:3a:
                    74:13:0e:53:8c:55:28:0e:1a:bd:5a:04:fb:e8:e5:
                    da:ac:6d:f5:e8:4a:d0:1d:79:0d:dd:fd:20:d2:e8:
                    0f:2a:a4:20:0d:37:68:59:82:24:18:9c:f2:eb:35:
                    d5:80:ed:fe:f3:04:97:95:8f:0d:5e:2c:30:5d:e0:
                    b0:cf:42:c4:16:9a:af:ec:4c:3f:f1:dd:6b:24:8f:
                    36:a5:fb:dd:b7:54:9c:05:40:0d:bd:e3:94:92:b4:
                    c2:6a:af:75:6c:49:12:7c:d1:08:8f:1a:c0:6c:53:
                    55:75:59:48:ad:e7:69:2b:74:91:1e:47:b6:1f:55:
                    51:c0:00:97:d0:8f:e9:3e:32:c0:ab:78:68:23:f0:
                    be:58:dd:3b:09:ed:0c:43:d2:40:09:ae:d7:b7:22:
                    dd:c8:88:70:02:0f:26:7b:fd:2a:62:2c:37:2b:05:
                    be:c6:9c:ce:a2:12:b0:a4:53:98:f4:97:17:32:24:
                    e9:be:c8:19:01:e6:bb:20:f4:ca:71:b6:c3:99:30:
                    b5:3d:5c:8e:fb:88:2b:a1:17:6f:06:35:e1:a5:ce:
                    2a:2f:62:d3:7a:88:73:84:ba:14:c9:f3:70:0a:b7:
                    2b:dd:8c:65:42:9e:71:8d:6c:8d:f8:bc:cd:8f:34:
                    6a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:15:B2:3A:F7:3A:DD:03:D0:D1:35:C3:87:64:EC:9E:17:D1:84:66
            X509v3 Authority Key Identifier:
                keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/kRWyOvc63QPQ0TXDh2TsnhfRhGY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.69.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:c5:95:5d:c5:86:df:02:f7:56:ee:58:c6:40:f8:93:24:be:
         91:a6:a6:03:4a:96:8d:0b:24:a1:bd:20:ce:e9:f9:9f:ce:29:
         30:71:9e:a9:26:cf:c7:57:ff:cf:c8:fd:01:69:95:f2:ff:e6:
         8b:96:d5:30:9f:18:0b:5f:b4:5d:54:50:8d:38:80:13:5b:60:
         48:cc:30:39:02:e1:8f:bd:51:a7:74:de:c1:5c:2e:25:a8:a2:
         cd:70:2b:ca:ed:40:53:ea:5a:e8:91:f3:19:64:8d:b5:e8:54:
         f5:39:e8:a8:66:9d:46:7f:31:ef:f2:8f:0f:c4:80:30:3b:0b:
         ab:99:44:f0:43:96:89:f7:33:49:43:4b:ed:45:f2:82:a6:12:
         22:2a:69:30:97:61:92:4f:19:72:39:67:4b:8b:d2:fe:68:44:
         7c:27:d8:de:87:71:2a:d4:62:b7:25:f6:5a:19:b0:dd:46:ff:
         f1:34:72:42:0b:2b:51:c5:89:29:17:12:1a:dc:c0:70:d7:8f:
         a8:e1:82:0a:83:5f:79:4d:41:05:23:94:73:09:b6:7c:c8:60:
         27:b6:af:38:80:f4:0c:b1:3d:80:9c:fc:4d:50:8f:29:21:01:
         c6:d3:13:3b:be:40:5c:2b:ea:70:20:02:ba:08:23:c6:41:fe:
         32:d1:64:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECWtfQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjdkMmM5YWQzNmQ5Zjg4MWZhODFmZDQ3NTM4N2ZiODcwYjViNGZiMB4XDTIyMDQy
ODA2MjkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTExNWIyM2FmNzNh
ZGQwM2QwZDEzNWMzODc2NGVjOWUxN2QxODQ2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUjhGwEhDztwHpYodI6dBMOU4xVKA4avVoE++jl2qxt9ehK
0B15Dd39INLoDyqkIA03aFmCJBic8us11YDt/vMEl5WPDV4sMF3gsM9CxBaar+xM
P/HdaySPNqX73bdUnAVADb3jlJK0wmqvdWxJEnzRCI8awGxTVXVZSK3naSt0kR5H
th9VUcAAl9CP6T4ywKt4aCPwvljdOwntDEPSQAmu17ci3ciIcAIPJnv9KmIsNysF
vsaczqISsKRTmPSXFzIk6b7IGQHmuyD0ynG2w5kwtT1cjvuIK6EXbwY14aXOKi9i
03qIc4S6FMnzcAq3K92MZUKecY1sjfi8zY80auUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSRFbI69zrdA9DRNcOHZOyeF9GEZjAfBgNVHSMEGDAWgBRLfSya022fiB+o
H9R1OH+4cLW0+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MzMHNtdE50bjRnZnFCX1VkVGhfdUhDMXRQcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvOTMwODgyLTQ0YjQtNDJlMy05MjRmLWY3MWM0M2RhYTU5Yi8x
L2tSV3lPdmM2M1FQUTBUWERoMlRzbmhmUmhHWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
OTMwODgyLTQ0YjQtNDJlMy05MjRmLWY3MWM0M2RhYTU5Yi8xL1MzMHNtdE50bjRn
ZnFCX1VkVGhfdUhDMXRQcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRFhzANBgkqhkiG9w0BAQsFAAOC
AQEAJsWVXcWG3wL3Vu5YxkD4kyS+kaamA0qWjQskob0gzun5n84pMHGeqSbPx1f/
z8j9AWmV8v/mi5bVMJ8YC1+0XVRQjTiAE1tgSMwwOQLhj71Rp3TewVwuJaiizXAr
yu1AU+pa6JHzGWSNtehU9TnoqGadRn8x7/KPD8SAMDsLq5lE8EOWifczSUNL7UXy
gqYSIippMJdhkk8ZcjlnS4vS/mhEfCfY3odxKtRityX2Whmw3Ub/8TRyQgsrUcWJ
KRcSGtzAcNePqOGCCoNfeU1BBSOUcwm2fMhgJ7avOID0DLE9gJz8TVCPKSEBxtMT
O75AXCvqcCACuggjxkH+MtFknA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:50 2024 by rpki-client on console-ams.rpki-client.org