Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/6d0270-95ab-4da3-abf5-8dc0d833f54b/1/bmbB3BlFBBdpN7LLo5BlUXFxwU4.roa
File:                     bmbB3BlFBBdpN7LLo5BlUXFxwU4.roa (raw, json)
Hash identifier:          yWEmi4tDXGWIRrefV5s32wjXjkpf47d3+HOKgWIF+Hg=
Subject key identifier:   6E:66:C1:DC:19:45:04:17:69:37:B2:CB:A3:90:65:51:71:71:C1:4E
Certificate issuer:       /CN=dd0feb9a5fa040341ea18534c5b6aed7ecd2a0de
Certificate serial:       EE8E
Authority key identifier: DD:0F:EB:9A:5F:A0:40:34:1E:A1:85:34:C5:B6:AE:D7:EC:D2:A0:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Q_rml-gQDQeoYU0xbau1-zSoN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/6d0270-95ab-4da3-abf5-8dc0d833f54b/1/bmbB3BlFBBdpN7LLo5BlUXFxwU4.roa
Signing time:             Mon 31 Jan 2022 15:54:01 +0000
ROA not before:           Mon 31 Jan 2022 15:54:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49392
IP address blocks:        195.64.126.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61070 (0xee8e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0feb9a5fa040341ea18534c5b6aed7ecd2a0de
        Validity
            Not Before: Jan 31 15:54:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e66c1dc194504176937b2cba39065517171c14e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ba:c6:f8:f8:62:1d:13:32:5f:97:7b:3e:6d:
                    3a:4e:2f:d5:ab:87:fc:da:62:1d:db:ff:ad:99:ac:
                    67:17:26:79:1d:aa:10:e2:cf:66:5c:a0:7c:a2:c1:
                    d8:a1:6c:3a:25:a1:a7:b7:3b:5e:d0:c6:ea:14:06:
                    a5:a7:b3:ed:80:f2:e8:6a:47:77:ae:4b:66:84:ed:
                    54:71:70:54:37:49:47:9c:5a:0b:ef:6b:8f:73:a8:
                    9e:13:5e:ca:f3:6e:db:4e:bb:57:0a:b7:d9:ab:38:
                    26:5e:48:76:fc:e9:94:91:e1:90:a6:00:37:33:56:
                    1c:d2:a3:15:2d:10:02:eb:4b:b7:fe:7f:ca:48:dd:
                    16:8d:4f:19:67:35:36:a3:48:fc:47:59:2a:3c:1a:
                    d3:38:65:2f:0f:e0:02:b1:11:e3:0e:21:c2:fb:7e:
                    95:dc:2f:64:45:7f:7c:74:06:8a:a8:7f:f3:c9:d2:
                    98:95:71:49:96:12:63:e7:9f:d6:84:15:d9:52:e3:
                    a6:09:1d:e9:0d:34:23:dc:79:87:eb:79:70:0b:6f:
                    52:3f:b6:1a:ca:69:e0:66:f6:b3:90:ad:b5:68:7d:
                    44:e6:e9:2c:32:0b:31:32:3b:41:b2:93:f3:25:6b:
                    f9:84:d1:9a:e0:5e:b3:04:70:ba:7e:73:86:eb:d2:
                    96:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:66:C1:DC:19:45:04:17:69:37:B2:CB:A3:90:65:51:71:71:C1:4E
            X509v3 Authority Key Identifier:
                keyid:DD:0F:EB:9A:5F:A0:40:34:1E:A1:85:34:C5:B6:AE:D7:EC:D2:A0:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Q_rml-gQDQeoYU0xbau1-zSoN4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/6d0270-95ab-4da3-abf5-8dc0d833f54b/1/bmbB3BlFBBdpN7LLo5BlUXFxwU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/6d0270-95ab-4da3-abf5-8dc0d833f54b/1/3Q_rml-gQDQeoYU0xbau1-zSoN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.64.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:c9:78:25:8b:8a:a2:62:fb:12:34:77:ac:b8:70:83:83:0e:
         08:53:39:b4:17:f3:38:c9:5d:dd:1a:b9:51:c5:07:06:74:6f:
         d9:99:08:27:95:ca:98:f8:8d:8a:89:22:7c:79:d7:aa:76:ea:
         6c:85:6c:93:67:f7:63:b3:a8:fa:70:51:2d:8d:61:3a:72:e2:
         b2:56:79:23:a6:ad:24:4a:a1:52:d4:3c:fc:2a:b4:ee:3d:9f:
         b6:b0:1d:83:ce:c7:d1:60:83:b2:d8:32:6d:a0:de:22:cf:ae:
         a3:b0:d0:80:d4:18:f1:22:6e:53:f5:d0:95:cf:84:80:5e:df:
         1e:6e:3a:6e:c3:7e:d3:45:58:a4:a8:ef:2c:36:4a:72:37:2e:
         78:84:d3:d3:49:5d:ad:28:27:a6:78:37:c4:56:e2:19:51:ce:
         a4:da:c5:f4:f8:1f:1a:ea:51:0f:b7:c2:36:25:75:0f:d8:08:
         4e:a3:65:43:16:05:82:df:9f:54:de:f6:dd:9f:c0:93:ec:6c:
         4c:a0:d1:c3:d7:0e:c2:10:64:3e:3b:0e:a4:46:6a:de:65:74:
         7a:4a:75:93:6b:4e:0e:46:c0:5b:fe:46:05:39:86:5a:fa:78:
         5d:a3:b2:fa:11:cb:8f:c2:23:b5:81:de:7b:e8:6b:c6:cd:3d:
         ac:5a:2e:6c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAO6OMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRk
MGZlYjlhNWZhMDQwMzQxZWExODUzNGM1YjZhZWQ3ZWNkMmEwZGUwHhcNMjIwMTMx
MTU1NDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZTY2YzFkYzE5NDUw
NDE3NjkzN2IyY2JhMzkwNjU1MTcxNzFjMTRlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnLrG+PhiHRMyX5d7Pm06Ti/Vq4f82mId2/+tmaxnFyZ5HaoQ
4s9mXKB8osHYoWw6JaGntzte0MbqFAalp7PtgPLoakd3rktmhO1UcXBUN0lHnFoL
72uPc6ieE17K827bTrtXCrfZqzgmXkh2/OmUkeGQpgA3M1Yc0qMVLRAC60u3/n/K
SN0WjU8ZZzU2o0j8R1kqPBrTOGUvD+ACsRHjDiHC+36V3C9kRX98dAaKqH/zydKY
lXFJlhJj55/WhBXZUuOmCR3pDTQj3HmH63lwC29SP7YaymngZvazkK21aH1E5uks
MgsxMjtBspPzJWv5hNGa4F6zBHC6fnOG69KWPwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFG5mwdwZRQQXaTeyy6OQZVFxccFOMB8GA1UdIwQYMBaAFN0P65pfoEA0HqGF
NMW2rtfs0qDeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M1Ffcm1sLWdRRFFlb1lVMHhiYXUxLXpTb040LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMi82ZDAyNzAtOTVhYi00ZGEzLWFiZjUtOGRjMGQ4MzNmNTRiLzEv
Ym1iQjNCbEZCQmRwTjdMTG81QmxVWEZ4d1U0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi82
ZDAyNzAtOTVhYi00ZGEzLWFiZjUtOGRjMGQ4MzNmNTRiLzEvM1Ffcm1sLWdRRFFl
b1lVMHhiYXUxLXpTb040LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0B+MA0GCSqGSIb3DQEBCwUAA4IB
AQCWyXgli4qiYvsSNHesuHCDgw4IUzm0F/M4yV3dGrlRxQcGdG/ZmQgnlcqY+I2K
iSJ8edeqdupshWyTZ/djs6j6cFEtjWE6cuKyVnkjpq0kSqFS1Dz8KrTuPZ+2sB2D
zsfRYIOy2DJtoN4iz66jsNCA1BjxIm5T9dCVz4SAXt8ebjpuw37TRVikqO8sNkpy
Ny54hNPTSV2tKCemeDfEVuIZUc6k2sX0+B8a6lEPt8I2JXUP2AhOo2VDFgWC359U
3vbdn8CT7GxMoNHD1w7CEGQ+Ow6kRmreZXR6SnWTa04ORsBb/kYFOYZa+nhdo7L6
EcuPwiO1gd576GvGzT2sWi5s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:55 2024 by rpki-client on console-ams.rpki-client.org