Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70148b-4687-47f0-be08-3dc831d2ed67/1/qBXLNx6F557Aa2WcOAJWU6cQ7aE.roa
File:                     qBXLNx6F557Aa2WcOAJWU6cQ7aE.roa (raw, json)
Hash identifier:          YSpC22DsB3XGZsdi+QBnwKw079QIsSSBJliiXhj/OaM=
Subject key identifier:   A8:15:CB:37:1E:85:E7:9E:C0:6B:65:9C:38:02:56:53:A7:10:ED:A1
Certificate issuer:       /CN=9a9c7c1db517475dfc58e3c5a954e3565d4d9174
Certificate serial:       0186C0116595DA6B08AC6E0A6AAFF779F85F
Authority key identifier: 9A:9C:7C:1D:B5:17:47:5D:FC:58:E3:C5:A9:54:E3:56:5D:4D:91:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mpx8HbUXR138WOPFqVTjVl1NkXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/70148b-4687-47f0-be08-3dc831d2ed67/1/qBXLNx6F557Aa2WcOAJWU6cQ7aE.roa
Signing time:             Wed 08 Mar 2023 07:13:30 +0000
ROA not before:           Wed 08 Mar 2023 07:13:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207075
IP address blocks:        2a07:8d40::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c0:11:65:95:da:6b:08:ac:6e:0a:6a:af:f7:79:f8:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a9c7c1db517475dfc58e3c5a954e3565d4d9174
        Validity
            Not Before: Mar  8 07:13:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a815cb371e85e79ec06b659c38025653a710eda1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:da:e0:53:be:a0:71:e1:a9:4f:7c:2a:e0:1d:
                    0d:f6:5e:86:6d:43:7a:e7:93:69:63:58:b2:db:61:
                    f1:97:7f:af:7d:78:d9:53:f5:de:22:8c:9f:d9:f2:
                    7d:0e:2a:62:2c:73:2c:6b:b3:d9:76:e1:da:68:20:
                    7a:f1:53:06:e2:74:16:fb:37:aa:7e:d8:33:5e:0a:
                    e9:0a:0b:5d:ef:16:52:54:b5:5b:68:3d:28:e0:b6:
                    b4:06:54:d2:04:63:d0:84:01:b7:96:96:32:99:c3:
                    cf:a0:62:3c:bd:89:52:60:52:60:47:ce:ba:65:64:
                    26:36:94:a3:18:0c:25:e9:02:4f:62:43:70:cc:b4:
                    28:3e:6f:ad:16:c2:3a:4e:a1:73:e4:23:b7:84:b8:
                    bd:7d:1e:ed:01:94:f7:2a:d4:d1:43:c7:92:46:aa:
                    08:01:ff:67:51:3e:df:5b:8d:88:43:bc:f9:90:bf:
                    56:92:c4:2e:31:5b:fa:71:ce:b0:8b:94:a3:c5:c5:
                    b7:ef:10:a8:6e:48:a8:00:e5:10:33:f3:35:77:87:
                    b2:31:83:99:4d:d8:73:06:07:34:85:cf:f7:70:df:
                    2e:42:fd:08:78:c3:34:c9:f9:f2:ed:8e:a1:fc:bb:
                    cd:a7:92:9e:2f:9e:7c:7b:8c:8a:03:4a:b1:0c:d8:
                    cc:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:15:CB:37:1E:85:E7:9E:C0:6B:65:9C:38:02:56:53:A7:10:ED:A1
            X509v3 Authority Key Identifier:
                keyid:9A:9C:7C:1D:B5:17:47:5D:FC:58:E3:C5:A9:54:E3:56:5D:4D:91:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpx8HbUXR138WOPFqVTjVl1NkXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70148b-4687-47f0-be08-3dc831d2ed67/1/qBXLNx6F557Aa2WcOAJWU6cQ7aE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70148b-4687-47f0-be08-3dc831d2ed67/1/mpx8HbUXR138WOPFqVTjVl1NkXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:8d40::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:2c:8b:b5:99:75:7e:c3:cf:21:7e:a3:f1:a7:5a:3d:04:ad:
         77:bf:31:48:5b:75:fe:f1:1c:3d:9b:13:4f:bc:6d:66:02:fd:
         36:c9:a6:d4:cc:33:65:b3:4f:2a:d9:fd:2c:52:de:c9:7e:79:
         5b:33:e7:77:4e:19:d3:5e:f1:b9:b3:a3:d4:e3:75:f0:cb:6e:
         6d:6c:c1:6c:2a:0c:d5:84:93:d5:d4:80:42:75:81:c0:20:ba:
         2b:6a:b2:30:b9:36:df:64:f5:4e:cf:fc:24:1b:dc:cf:b9:8c:
         76:94:4e:1b:c6:82:42:0c:c5:f2:d5:d8:87:fe:4e:82:ca:a4:
         ba:e0:19:0a:b8:37:6d:e8:77:29:fd:4e:8f:6d:a9:c8:a2:a9:
         c2:81:06:44:30:79:e6:a0:f8:5e:c9:06:cc:d0:7e:5f:d7:b4:
         27:3a:6d:90:8b:1a:e7:34:9f:24:05:cc:57:fc:0f:d3:d3:36:
         ac:fc:00:65:b5:66:df:1c:35:01:1e:9b:59:09:ed:2b:28:30:
         80:90:4c:dd:60:ca:93:aa:63:71:b7:41:d0:49:63:4c:4a:df:
         9a:99:38:91:7c:8c:56:c5:e7:5f:cf:35:3f:7a:de:7a:9d:f4:
         50:ad:37:a8:0f:39:7c:5a:d8:21:71:83:27:13:69:0d:f8:47:
         e8:00:38:06
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYbAEWWV2msIrG4Kaq/3efhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOWM3YzFkYjUxNzQ3NWRmYzU4ZTNjNWE5NTRlMzU2NWQ0
ZDkxNzQwHhcNMjMwMzA4MDcxMzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE1Y2IzNzFlODVlNzllYzA2YjY1OWMzODAyNTY1M2E3MTBlZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtrgU76gceGpT3wq4B0N9l6GbUN6
55NpY1iy22Hxl3+vfXjZU/XeIoyf2fJ9DipiLHMsa7PZduHaaCB68VMG4nQW+zeq
ftgzXgrpCgtd7xZSVLVbaD0o4La0BlTSBGPQhAG3lpYymcPPoGI8vYlSYFJgR866
ZWQmNpSjGAwl6QJPYkNwzLQoPm+tFsI6TqFz5CO3hLi9fR7tAZT3KtTRQ8eSRqoI
Af9nUT7fW42IQ7z5kL9WksQuMVv6cc6wi5SjxcW37xCobkioAOUQM/M1d4eyMYOZ
TdhzBgc0hc/3cN8uQv0IeMM0yfny7Y6h/LvNp5KeL558e4yKA0qxDNjMWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKgVyzceheeewGtlnDgCVlOnEO2hMB8GA1UdIwQY
MBaAFJqcfB21F0dd/FjjxalU41ZdTZF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXB4OEhiVVhSMTM4V09QRnFWVGpWbDFOa1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDE0OGItNDY4Ny00N2YwLWJlMDgt
M2RjODMxZDJlZDY3LzEvcUJYTE54NkY1NTdBYTJXY09BSldVNmNRN2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDE0OGItNDY4Ny00N2YwLWJlMDgtM2RjODMxZDJlZDY3
LzEvbXB4OEhiVVhSMTM4V09QRnFWVGpWbDFOa1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgeNQDAN
BgkqhkiG9w0BAQsFAAOCAQEADiyLtZl1fsPPIX6j8adaPQStd78xSFt1/vEcPZsT
T7xtZgL9Nsmm1MwzZbNPKtn9LFLeyX55WzPnd04Z017xubOj1ON18MtubWzBbCoM
1YST1dSAQnWBwCC6K2qyMLk232T1Ts/8JBvcz7mMdpROG8aCQgzF8tXYh/5Ogsqk
uuAZCrg3beh3Kf1Oj22pyKKpwoEGRDB55qD4XskGzNB+X9e0JzptkIsa5zSfJAXM
V/wP09M2rPwAZbVm3xw1AR6bWQntKygwgJBM3WDKk6pjcbdB0EljTErfmpk4kXyM
VsXnX881P3reep30UK03qA85fFrYIXGDJxNpDfhH6AA4Bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:45 2024 by rpki-client on console-ams.rpki-client.org