Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/263082-4784-4cbc-a355-c41fae24bbb2/1/tpQq2zZp56Qoq1F6RMPDovp4Ih4.roa
File:                     tpQq2zZp56Qoq1F6RMPDovp4Ih4.roa (raw, json)
Hash identifier:          JSeQLUq3EvWccPx6hddwuWraOjFc9lwoIj1a+L7OY/Q=
Subject key identifier:   B6:94:2A:DB:36:69:E7:A4:28:AB:51:7A:44:C3:C3:A2:FA:78:22:1E
Certificate issuer:       /CN=0f7290752730779e98f8ebe3287adf1b8a65b43f
Certificate serial:       01856CC153F52FB57E2E9F360C23BCA3023F
Authority key identifier: 0F:72:90:75:27:30:77:9E:98:F8:EB:E3:28:7A:DF:1B:8A:65:B4:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D3KQdScwd56Y-OvjKHrfG4pltD8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/263082-4784-4cbc-a355-c41fae24bbb2/1/tpQq2zZp56Qoq1F6RMPDovp4Ih4.roa
Signing time:             Sun 01 Jan 2023 09:54:47 +0000
ROA not before:           Sun 01 Jan 2023 09:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12843
IP address blocks:        2001:67c:1820::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:c1:53:f5:2f:b5:7e:2e:9f:36:0c:23:bc:a3:02:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f7290752730779e98f8ebe3287adf1b8a65b43f
        Validity
            Not Before: Jan  1 09:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b6942adb3669e7a428ab517a44c3c3a2fa78221e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a0:f4:f2:4b:16:4e:f2:38:e0:39:7f:a6:39:
                    85:40:4c:d7:6f:23:b1:86:25:c2:42:90:5a:1f:6a:
                    fa:bf:5d:ed:a6:50:19:0a:29:ad:53:0b:42:8e:f8:
                    cf:4d:32:f2:8f:28:a2:55:2d:e3:1f:d1:20:c3:d4:
                    7b:cc:03:73:83:89:b1:2e:12:6c:d3:fd:13:cb:cb:
                    e0:46:85:e3:60:85:b0:90:ad:72:d8:3e:f1:f3:f2:
                    23:2d:e5:d1:3a:02:60:af:98:e7:65:cb:d5:a6:04:
                    da:50:ab:40:0c:b4:c8:9b:6b:91:5e:37:ac:e2:cf:
                    cd:8f:94:e2:a5:33:d5:95:43:1b:9b:c5:ff:da:90:
                    e7:99:69:bd:30:d4:df:6d:41:21:df:1e:71:0e:98:
                    73:97:62:79:00:6b:d2:e2:d9:60:45:a2:80:1a:82:
                    92:ea:7a:ea:ae:98:c3:10:d6:de:c2:68:02:51:90:
                    c0:90:ae:6a:63:2b:83:60:79:0d:1e:cd:a6:7e:f3:
                    8b:3f:4b:06:dc:46:75:d6:56:3d:3f:87:f3:5f:d7:
                    b5:e7:01:d5:e6:d3:aa:37:58:fb:74:a3:c2:a7:53:
                    b7:db:5b:91:a1:d9:f9:bc:01:ad:61:2e:96:18:7b:
                    26:16:a2:bf:36:17:ed:2f:cd:e5:47:7b:1a:34:b5:
                    92:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:94:2A:DB:36:69:E7:A4:28:AB:51:7A:44:C3:C3:A2:FA:78:22:1E
            X509v3 Authority Key Identifier:
                keyid:0F:72:90:75:27:30:77:9E:98:F8:EB:E3:28:7A:DF:1B:8A:65:B4:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3KQdScwd56Y-OvjKHrfG4pltD8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/263082-4784-4cbc-a355-c41fae24bbb2/1/tpQq2zZp56Qoq1F6RMPDovp4Ih4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/263082-4784-4cbc-a355-c41fae24bbb2/1/D3KQdScwd56Y-OvjKHrfG4pltD8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:1820::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:e6:5e:86:5e:80:0a:58:53:75:82:c3:fd:44:c1:7e:70:8a:
         c5:e7:d6:1b:7a:a5:47:60:48:b9:49:80:fd:da:b3:e1:62:4a:
         9e:1f:f9:ec:1a:64:a8:b1:58:fa:93:74:f0:2e:5a:0f:96:27:
         6b:6e:85:dc:c5:08:0e:42:6d:ca:7c:5a:25:63:e9:99:a5:2d:
         38:cb:81:41:c1:48:dc:7b:be:9e:a0:e3:ba:a4:c1:d4:84:8f:
         c1:4a:8a:e7:20:2c:38:ba:31:c7:40:ad:d7:76:56:3f:fc:a3:
         b5:2d:4d:04:9c:a4:9b:3a:02:55:fa:5d:4a:e3:79:41:e4:40:
         c0:30:c0:85:2a:f8:a6:df:18:6a:e3:8d:73:41:49:fe:44:51:
         82:81:e1:f8:7f:77:fc:9b:4f:19:b4:a2:cb:83:10:51:36:d3:
         d4:10:dd:ef:c4:cf:f3:45:19:32:a2:69:31:0f:da:23:b3:5f:
         bd:58:9a:35:40:d8:fa:0f:a4:9a:68:bf:8a:72:f6:9e:82:f3:
         c5:f4:af:94:e8:f3:85:b1:6b:d0:b4:d2:2f:64:49:af:f6:3d:
         ce:50:0e:7e:1d:e7:62:38:7a:30:b5:fe:97:93:2a:d6:45:5d:
         8a:b8:97:7b:50:41:84:74:01:1a:60:5b:a8:30:32:e8:3b:91:
         52:9b:a4:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVswVP1L7V+Lp82DCO8owI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzI5MDc1MjczMDc3OWU5OGY4ZWJlMzI4N2FkZjFiOGE2
NWI0M2YwHhcNMjMwMTAxMDk1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjk0MmFkYjM2NjllN2E0MjhhYjUxN2E0NGMzYzNhMmZhNzgyMjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqD08ksWTvI44Dl/pjmFQEzXbyOx
hiXCQpBaH2r6v13tplAZCimtUwtCjvjPTTLyjyiiVS3jH9Egw9R7zANzg4mxLhJs
0/0Ty8vgRoXjYIWwkK1y2D7x8/IjLeXROgJgr5jnZcvVpgTaUKtADLTIm2uRXjes
4s/Nj5TipTPVlUMbm8X/2pDnmWm9MNTfbUEh3x5xDphzl2J5AGvS4tlgRaKAGoKS
6nrqrpjDENbewmgCUZDAkK5qYyuDYHkNHs2mfvOLP0sG3EZ11lY9P4fzX9e15wHV
5tOqN1j7dKPCp1O321uRodn5vAGtYS6WGHsmFqK/NhftL83lR3saNLWSRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLaUKts2aeekKKtRekTDw6L6eCIeMB8GA1UdIwQY
MBaAFA9ykHUnMHeemPjr4yh63xuKZbQ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNLUWRTY3dkNTZZLU92aktIcmZHNHBsdEQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yNjMwODItNDc4NC00Y2JjLWEzNTUt
YzQxZmFlMjRiYmIyLzEvdHBRcTJ6WnA1NlFvcTFGNlJNUERvdnA0SWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yNjMwODItNDc4NC00Y2JjLWEzNTUtYzQxZmFlMjRiYmIy
LzEvRDNLUWRTY3dkNTZZLU92aktIcmZHNHBsdEQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBgg
MA0GCSqGSIb3DQEBCwUAA4IBAQBy5l6GXoAKWFN1gsP9RMF+cIrF59YbeqVHYEi5
SYD92rPhYkqeH/nsGmSosVj6k3TwLloPlidrboXcxQgOQm3KfFolY+mZpS04y4FB
wUjce76eoOO6pMHUhI/BSornICw4ujHHQK3XdlY//KO1LU0EnKSbOgJV+l1K43lB
5EDAMMCFKvim3xhq441zQUn+RFGCgeH4f3f8m08ZtKLLgxBRNtPUEN3vxM/zRRky
omkxD9ojs1+9WJo1QNj6D6SaaL+KcvaegvPF9K+U6POFsWvQtNIvZEmv9j3OUA5+
HediOHowtf6XkyrWRV2KuJd7UEGEdAEaYFuoMDLoO5FSm6R/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:59 2024 by rpki-client on console-fra.rpki-client.org