Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/a535d4-e038-40ba-98c1-1c5c9973b128/1/TERtRwoHoSD3WEWdV3iCu-zYY7Q.roa
File:                     TERtRwoHoSD3WEWdV3iCu-zYY7Q.roa (raw, json)
Hash identifier:          a6xKk8/7xSkObrzTH6vM/KIFRqiruHsJv6Fgqq1c7iI=
Subject key identifier:   4C:44:6D:47:0A:07:A1:20:F7:58:45:9D:57:78:82:BB:EC:D8:63:B4
Certificate issuer:       /CN=537e9c6cd5b64e6342c53891faa742adf0a2193c
Certificate serial:       018572D5C5EDF36A35FE7D941D6B280BE655
Authority key identifier: 53:7E:9C:6C:D5:B6:4E:63:42:C5:38:91:FA:A7:42:AD:F0:A2:19:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U36cbNW2TmNCxTiR-qdCrfCiGTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/a535d4-e038-40ba-98c1-1c5c9973b128/1/TERtRwoHoSD3WEWdV3iCu-zYY7Q.roa
Signing time:             Mon 02 Jan 2023 14:14:50 +0000
ROA not before:           Mon 02 Jan 2023 14:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203020
IP address blocks:        146.255.187.0/24 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:d5:c5:ed:f3:6a:35:fe:7d:94:1d:6b:28:0b:e6:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537e9c6cd5b64e6342c53891faa742adf0a2193c
        Validity
            Not Before: Jan  2 14:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c446d470a07a120f758459d577882bbecd863b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c3:d1:10:3d:64:68:87:21:63:5f:6e:99:21:
                    b7:26:68:18:b9:36:65:73:3b:a2:1a:ae:cf:c6:4e:
                    db:37:8f:70:a6:7c:c5:ae:13:7f:f9:db:1d:ee:30:
                    3a:e2:b9:e6:97:86:00:e7:bb:e7:8f:59:70:68:d3:
                    21:50:82:99:22:43:bf:b6:11:d0:97:01:86:fd:8f:
                    1c:6b:2c:8c:64:db:91:e0:0d:13:b7:94:c6:e0:9f:
                    49:30:06:b2:9f:26:91:bc:7a:04:cc:04:ad:f1:53:
                    a3:30:d5:5e:f9:8a:e5:0a:de:92:7c:6d:37:f0:e0:
                    36:7c:8b:a5:60:3c:7d:d6:ce:32:f7:b7:3a:b8:74:
                    21:d3:b7:e1:07:3f:bb:bc:b2:8a:5b:37:db:bc:f2:
                    36:87:be:86:38:9c:80:95:59:6a:0d:25:67:f1:a2:
                    70:f2:1a:e6:cb:6e:83:a2:78:40:17:62:4c:bc:5a:
                    3d:01:91:78:cb:a2:d5:7c:79:f4:93:e6:81:0d:61:
                    c1:c1:e2:e1:71:91:48:b5:e0:86:00:78:c0:fd:8a:
                    ff:b8:fb:36:4b:6d:e2:b9:6e:87:43:d0:1b:a1:2d:
                    b9:47:97:0b:42:90:52:aa:ca:e3:8b:33:17:6f:73:
                    67:84:4c:eb:8c:69:d4:a1:84:32:75:6c:f2:b5:9b:
                    14:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:44:6D:47:0A:07:A1:20:F7:58:45:9D:57:78:82:BB:EC:D8:63:B4
            X509v3 Authority Key Identifier:
                keyid:53:7E:9C:6C:D5:B6:4E:63:42:C5:38:91:FA:A7:42:AD:F0:A2:19:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U36cbNW2TmNCxTiR-qdCrfCiGTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a535d4-e038-40ba-98c1-1c5c9973b128/1/TERtRwoHoSD3WEWdV3iCu-zYY7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a535d4-e038-40ba-98c1-1c5c9973b128/1/U36cbNW2TmNCxTiR-qdCrfCiGTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.255.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:94:cc:4a:0c:0b:7f:15:1e:bf:41:8c:ac:12:38:ea:8b:82:
         f8:68:19:50:a9:77:bc:55:9a:5c:fd:cb:1d:96:62:0f:fe:ab:
         cf:e2:4d:b9:19:5e:4b:f4:f1:f9:f9:cb:86:57:ce:83:69:c7:
         c7:66:6d:ea:b5:70:86:2d:f6:6f:a8:28:bd:1a:ff:b8:32:48:
         74:a1:33:30:c1:85:8d:d1:4c:53:5d:17:a6:29:01:26:9f:d3:
         24:4a:90:b3:d9:98:00:da:2a:46:bc:a6:d3:4c:75:cd:a5:b4:
         bf:43:fe:66:3e:d0:8e:b6:0b:3a:77:db:d7:cb:90:a6:bf:10:
         7f:62:e9:c7:c3:9c:2f:5e:63:e2:d5:3c:9a:67:89:1d:af:2f:
         ac:3a:e8:f3:25:04:ce:4e:1e:77:1b:cb:45:78:4d:cd:e9:c4:
         6c:90:0e:65:ea:ef:ba:b6:d0:e1:bd:63:a9:a2:36:0e:5b:31:
         f1:af:8e:7e:61:3c:59:ad:e9:00:ac:3f:0a:8d:c1:88:e0:af:
         97:56:43:13:61:f6:43:6e:71:e2:8a:9d:80:60:ae:f7:ed:2c:
         2e:85:03:16:ef:b8:f9:66:aa:b5:92:47:6e:e9:a0:13:9f:2b:
         15:f1:3b:37:16:56:82:fa:18:36:4b:4f:2e:49:d2:7b:db:05:
         9f:33:78:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy1cXt82o1/n2UHWsoC+ZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzN2U5YzZjZDViNjRlNjM0MmM1Mzg5MWZhYTc0MmFkZjBh
MjE5M2MwHhcNMjMwMTAyMTQxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzQ0NmQ0NzBhMDdhMTIwZjc1ODQ1OWQ1Nzc4ODJiYmVjZDg2M2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMPRED1kaIchY19umSG3JmgYuTZl
czuiGq7Pxk7bN49wpnzFrhN/+dsd7jA64rnml4YA57vnj1lwaNMhUIKZIkO/thHQ
lwGG/Y8cayyMZNuR4A0Tt5TG4J9JMAaynyaRvHoEzASt8VOjMNVe+YrlCt6SfG03
8OA2fIulYDx91s4y97c6uHQh07fhBz+7vLKKWzfbvPI2h76GOJyAlVlqDSVn8aJw
8hrmy26DonhAF2JMvFo9AZF4y6LVfHn0k+aBDWHBweLhcZFIteCGAHjA/Yr/uPs2
S23iuW6HQ9AboS25R5cLQpBSqsrjizMXb3NnhEzrjGnUoYQydWzytZsUkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExEbUcKB6Eg91hFnVd4grvs2GO0MB8GA1UdIwQY
MBaAFFN+nGzVtk5jQsU4kfqnQq3wohk8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTM2Y2JOVzJUbU5DeFRpUi1xZENyZkNpR1R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9hNTM1ZDQtZTAzOC00MGJhLTk4YzEt
MWM1Yzk5NzNiMTI4LzEvVEVSdFJ3b0hvU0QzV0VXZFYzaUN1LXpZWTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9hNTM1ZDQtZTAzOC00MGJhLTk4YzEtMWM1Yzk5NzNiMTI4
LzEvVTM2Y2JOVzJUbU5DeFRpUi1xZENyZkNpR1R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkv+7MA0G
CSqGSIb3DQEBCwUAA4IBAQCElMxKDAt/FR6/QYysEjjqi4L4aBlQqXe8VZpc/csd
lmIP/qvP4k25GV5L9PH5+cuGV86DacfHZm3qtXCGLfZvqCi9Gv+4Mkh0oTMwwYWN
0UxTXRemKQEmn9MkSpCz2ZgA2ipGvKbTTHXNpbS/Q/5mPtCOtgs6d9vXy5CmvxB/
YunHw5wvXmPi1TyaZ4kdry+sOujzJQTOTh53G8tFeE3N6cRskA5l6u+6ttDhvWOp
ojYOWzHxr45+YTxZrekArD8KjcGI4K+XVkMTYfZDbnHiip2AYK737SwuhQMW77j5
Zqq1kkdu6aATnysV8Ts3FlaC+hg2S08uSdJ72wWfM3h7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org