Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/84b6a3-e5d8-46ac-8a3b-fd264b40f809/1/uEapgFKEBQRMJGOyvODHkhnH8G4.roa
File:                     uEapgFKEBQRMJGOyvODHkhnH8G4.roa (raw, json)
Hash identifier:          iUJGNxC/E81C6nEEoc7abzxyDw3Z/grnq89QvbOuJVM=
Subject key identifier:   B8:46:A9:80:52:84:05:04:4C:24:63:B2:BC:E0:C7:92:19:C7:F0:6E
Certificate issuer:       /CN=e368a8f67d62a84c5d6937960018704cc7758f76
Certificate serial:       01856E667AA61AEA9576F8D3484C074F1041
Authority key identifier: E3:68:A8:F6:7D:62:A8:4C:5D:69:37:96:00:18:70:4C:C7:75:8F:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/42io9n1iqExdaTeWABhwTMd1j3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/84b6a3-e5d8-46ac-8a3b-fd264b40f809/1/uEapgFKEBQRMJGOyvODHkhnH8G4.roa
Signing time:             Sun 01 Jan 2023 17:34:47 +0000
ROA not before:           Sun 01 Jan 2023 17:34:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5524
IP address blocks:        91.189.208.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:66:7a:a6:1a:ea:95:76:f8:d3:48:4c:07:4f:10:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e368a8f67d62a84c5d6937960018704cc7758f76
        Validity
            Not Before: Jan  1 17:34:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b846a980528405044c2463b2bce0c79219c7f06e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:9c:e9:f5:00:03:93:6c:4f:fb:f9:78:83:76:
                    2c:f8:bd:3f:af:50:69:4f:ee:d9:3b:40:33:94:21:
                    f8:73:24:b6:fb:21:9c:cd:c0:0b:1a:a5:2a:62:3c:
                    29:9e:be:3e:3e:47:82:ea:54:76:29:12:93:18:1a:
                    74:e2:00:9e:f6:b9:f5:e6:36:b4:15:4c:f7:75:c4:
                    cb:f7:aa:50:e8:f5:1b:a4:5f:9b:a1:7d:f1:62:9e:
                    57:cc:a1:e0:23:8d:3a:c6:8e:e8:f7:f8:e8:6f:fb:
                    5e:99:f5:6c:a4:70:7d:9b:0c:06:68:f4:a7:d5:e4:
                    34:cf:f9:73:7b:2a:d9:f3:9c:04:40:c3:4b:82:b5:
                    d3:90:22:09:a2:1e:c5:82:bb:7b:3b:9b:33:cc:11:
                    ee:56:35:e6:51:d0:5b:15:39:1c:f8:62:2d:f0:17:
                    dc:0d:e7:bd:bd:7f:1d:de:dd:a3:ef:a4:53:18:bc:
                    bc:90:02:e1:ec:2c:6e:b3:d5:86:01:4f:b8:5c:66:
                    e9:05:de:bc:a5:96:ea:8c:20:a3:c0:50:28:3d:5a:
                    b4:34:a6:79:c7:09:31:2b:fe:e2:bf:97:bc:4a:d7:
                    43:ce:0c:db:db:91:52:d7:ef:2d:eb:d1:55:a8:89:
                    ca:4b:8d:52:16:cf:22:b4:21:cc:d7:ca:5e:ce:03:
                    06:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:46:A9:80:52:84:05:04:4C:24:63:B2:BC:E0:C7:92:19:C7:F0:6E
            X509v3 Authority Key Identifier:
                keyid:E3:68:A8:F6:7D:62:A8:4C:5D:69:37:96:00:18:70:4C:C7:75:8F:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/42io9n1iqExdaTeWABhwTMd1j3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/84b6a3-e5d8-46ac-8a3b-fd264b40f809/1/uEapgFKEBQRMJGOyvODHkhnH8G4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/84b6a3-e5d8-46ac-8a3b-fd264b40f809/1/42io9n1iqExdaTeWABhwTMd1j3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.189.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1f:c2:e8:32:12:15:72:07:d4:96:92:ba:94:e6:bc:96:7d:a5:
         b9:f6:3b:13:06:a8:bf:e1:e9:f9:b4:29:af:67:8b:98:fe:ab:
         ab:3a:f1:ec:81:84:e5:b1:34:8e:46:d2:fb:87:f8:7c:a5:6e:
         a1:92:96:a8:44:04:30:68:9e:4e:59:1e:46:8b:b4:63:cd:df:
         d5:c1:5b:b4:69:0e:7a:d6:25:7a:ba:cd:76:e7:48:f9:e6:7f:
         10:32:5d:a4:bf:f2:c5:05:76:29:0c:17:f9:ab:cc:32:fc:ef:
         7a:ef:f2:86:36:e0:2a:79:2c:17:47:8e:a4:b6:5a:62:f1:d4:
         9f:be:b5:f6:72:7b:97:bb:8a:cc:ce:42:2e:a1:54:34:f2:10:
         a3:35:07:96:c4:61:ee:74:6b:7b:a3:79:89:fd:df:16:6c:47:
         d3:de:51:0e:bc:fa:ef:04:2b:df:93:79:13:aa:ef:33:0d:18:
         13:23:8a:c3:3d:2c:92:92:ca:c4:9b:c5:1b:52:e6:53:83:88:
         7a:d6:ac:99:5d:29:53:98:da:dd:c5:70:a8:1b:88:56:49:03:
         82:30:65:f8:24:62:f3:7b:2a:ca:2c:b3:7d:ea:ba:3e:56:46:
         4a:2e:fe:c2:7a:00:3d:a8:a2:09:78:4a:7d:aa:d0:ef:b6:94:
         ee:f4:34:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZnqmGuqVdvjTSEwHTxBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNjhhOGY2N2Q2MmE4NGM1ZDY5Mzc5NjAwMTg3MDRjYzc3
NThmNzYwHhcNMjMwMTAxMTczNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODQ2YTk4MDUyODQwNTA0NGMyNDYzYjJiY2UwYzc5MjE5YzdmMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJzp9QADk2xP+/l4g3Ys+L0/r1Bp
T+7ZO0AzlCH4cyS2+yGczcALGqUqYjwpnr4+PkeC6lR2KRKTGBp04gCe9rn15ja0
FUz3dcTL96pQ6PUbpF+boX3xYp5XzKHgI406xo7o9/job/temfVspHB9mwwGaPSn
1eQ0z/lzeyrZ85wEQMNLgrXTkCIJoh7Fgrt7O5szzBHuVjXmUdBbFTkc+GIt8Bfc
Dee9vX8d3t2j76RTGLy8kALh7Cxus9WGAU+4XGbpBd68pZbqjCCjwFAoPVq0NKZ5
xwkxK/7iv5e8StdDzgzb25FS1+8t69FVqInKS41SFs8itCHM18pezgMGfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhGqYBShAUETCRjsrzgx5IZx/BuMB8GA1UdIwQY
MBaAFONoqPZ9YqhMXWk3lgAYcEzHdY92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDJpbzluMWlxRXhkYVRlV0FCaHdUTWQxajNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NGI2YTMtZTVkOC00NmFjLThhM2It
ZmQyNjRiNDBmODA5LzEvdUVhcGdGS0VCUVJNSkdPeXZPREhraG5IOEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84NGI2YTMtZTVkOC00NmFjLThhM2ItZmQyNjRiNDBmODA5
LzEvNDJpbzluMWlxRXhkYVRlV0FCaHdUTWQxajNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW73QMA0G
CSqGSIb3DQEBCwUAA4IBAQAfwugyEhVyB9SWkrqU5ryWfaW59jsTBqi/4en5tCmv
Z4uY/qurOvHsgYTlsTSORtL7h/h8pW6hkpaoRAQwaJ5OWR5Gi7Rjzd/VwVu0aQ56
1iV6us1250j55n8QMl2kv/LFBXYpDBf5q8wy/O967/KGNuAqeSwXR46ktlpi8dSf
vrX2cnuXu4rMzkIuoVQ08hCjNQeWxGHudGt7o3mJ/d8WbEfT3lEOvPrvBCvfk3kT
qu8zDRgTI4rDPSySksrEm8UbUuZTg4h61qyZXSlTmNrdxXCoG4hWSQOCMGX4JGLz
eyrKLLN96ro+VkZKLv7CegA9qKIJeEp9qtDvtpTu9DSV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:55 2024 by rpki-client on console-ams.rpki-client.org