Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e5965a-0a27-4587-8ac6-5cc28426c588/1/2TXLaKDrHk4ofgimA1ILdqwOYEs.roa
File:                     2TXLaKDrHk4ofgimA1ILdqwOYEs.roa (raw, json)
Hash identifier:          AG9uaayp0kghEEpYl7Jf+burh0rGFF0LjlHbtAy5Dn4=
Subject key identifier:   D9:35:CB:68:A0:EB:1E:4E:28:7E:08:A6:03:52:0B:76:AC:0E:60:4B
Certificate issuer:       /CN=50b49fa114a0ec3553c72132dbc56a2ebbef79df
Certificate serial:       016120B3
Authority key identifier: 50:B4:9F:A1:14:A0:EC:35:53:C7:21:32:DB:C5:6A:2E:BB:EF:79:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ULSfoRSg7DVTxyEy28VqLrvved8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e5965a-0a27-4587-8ac6-5cc28426c588/1/2TXLaKDrHk4ofgimA1ILdqwOYEs.roa
Signing time:             Sat 02 Jul 2022 04:02:25 +0000
ROA not before:           Sat 02 Jul 2022 04:02:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399641
IP address blocks:        89.106.205.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23142579 (0x16120b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50b49fa114a0ec3553c72132dbc56a2ebbef79df
        Validity
            Not Before: Jul  2 04:02:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d935cb68a0eb1e4e287e08a603520b76ac0e604b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:50:d7:3b:48:69:2d:eb:84:35:7a:94:21:4b:
                    2e:19:d2:bb:3e:15:88:b9:dd:36:c6:05:cb:c4:cb:
                    27:4a:3e:11:ea:2f:a7:ec:92:3a:35:5d:fa:b0:d2:
                    35:af:9a:c6:c7:c1:d0:6f:bc:3a:24:a5:06:1e:cd:
                    75:35:1e:6c:7d:b4:89:7e:ef:e7:13:d0:c8:d9:d1:
                    80:be:23:06:31:b9:ba:9f:44:47:24:e5:18:ba:ad:
                    bd:36:ba:ce:99:58:cb:88:bd:0c:e6:40:48:47:60:
                    62:07:b4:0f:6d:da:58:90:c1:42:02:39:b2:a7:2e:
                    41:28:d2:73:51:81:c1:cc:9d:9d:3c:46:8a:ac:37:
                    98:43:53:a1:7f:c4:70:c8:98:9a:80:d1:ab:2e:00:
                    87:50:8b:7b:ac:73:c4:a4:28:58:cd:64:38:10:3f:
                    85:be:e1:4f:f7:e3:3f:37:e6:7e:20:a5:3f:bb:1a:
                    28:62:9e:b4:56:df:29:89:24:c6:73:ed:b0:aa:b9:
                    a7:57:aa:a9:96:9c:22:5c:f7:43:90:30:6c:22:d9:
                    1a:35:d4:b3:63:07:cf:8c:c5:33:80:77:25:b5:0b:
                    96:05:98:75:7e:8d:3a:28:23:74:b2:f2:d1:a2:2b:
                    a1:ac:ef:f0:95:63:f1:11:38:e2:2b:42:b5:ba:de:
                    a0:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:35:CB:68:A0:EB:1E:4E:28:7E:08:A6:03:52:0B:76:AC:0E:60:4B
            X509v3 Authority Key Identifier:
                keyid:50:B4:9F:A1:14:A0:EC:35:53:C7:21:32:DB:C5:6A:2E:BB:EF:79:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULSfoRSg7DVTxyEy28VqLrvved8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e5965a-0a27-4587-8ac6-5cc28426c588/1/2TXLaKDrHk4ofgimA1ILdqwOYEs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e5965a-0a27-4587-8ac6-5cc28426c588/1/ULSfoRSg7DVTxyEy28VqLrvved8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.106.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:3b:98:7d:6f:45:27:9b:d9:8c:03:f9:a4:60:69:c6:3d:42:
         bc:9a:4f:5c:ed:95:23:90:80:8c:7d:0b:d4:c4:6a:56:b6:67:
         af:94:19:a9:9c:84:b1:25:05:2d:90:1b:5f:f3:34:b4:91:ba:
         15:76:86:e2:67:04:7f:d9:38:8c:7c:81:73:9e:56:4f:c8:5f:
         8f:cd:9d:1c:40:4d:3a:34:ce:d7:b9:5c:36:81:28:79:55:0e:
         ac:65:10:63:d2:b6:a3:08:a5:e9:a3:80:c7:69:d8:6d:3b:3f:
         d0:d1:83:4a:02:36:88:7a:66:5e:49:09:a8:ce:92:67:5b:8b:
         b8:2a:7b:46:c0:90:98:89:6f:36:21:5b:ef:a5:78:d0:cc:dc:
         2f:7d:8a:b7:cb:2a:13:1f:1d:ec:ff:2b:81:ae:a6:06:ef:12:
         6e:67:ea:1e:78:46:5d:1c:e5:4f:1c:ab:70:2e:15:3f:15:17:
         68:76:e5:5b:a8:fc:99:d2:76:f2:9f:8b:3e:3a:73:d7:fe:45:
         fa:65:5a:df:e2:cb:59:43:2c:e3:3b:aa:31:5b:82:bb:5a:24:
         b5:1a:ae:68:6b:aa:51:65:90:9a:be:27:2d:b2:5a:41:cd:69:
         86:5b:b1:09:f0:8f:4e:12:b6:1d:52:5f:a4:5b:aa:cf:ed:94:
         a8:60:d5:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWEgszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI0OWZhMTE0YTBlYzM1NTNjNzIxMzJkYmM1NmEyZWJiZWY3OWRmMB4XDTIyMDcw
MjA0MDIyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDkzNWNiNjhhMGVi
MWU0ZTI4N2UwOGE2MDM1MjBiNzZhYzBlNjA0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpQ1ztIaS3rhDV6lCFLLhnSuz4ViLndNsYFy8TLJ0o+Eeov
p+ySOjVd+rDSNa+axsfB0G+8OiSlBh7NdTUebH20iX7v5xPQyNnRgL4jBjG5up9E
RyTlGLqtvTa6zplYy4i9DOZASEdgYge0D23aWJDBQgI5sqcuQSjSc1GBwcydnTxG
iqw3mENToX/EcMiYmoDRqy4Ah1CLe6xzxKQoWM1kOBA/hb7hT/fjPzfmfiClP7sa
KGKetFbfKYkkxnPtsKq5p1eqqZacIlz3Q5AwbCLZGjXUs2MHz4zFM4B3JbULlgWY
dX6NOigjdLLy0aIroazv8JVj8RE44itCtbreoHsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZNctooOseTih+CKYDUgt2rA5gSzAfBgNVHSMEGDAWgBRQtJ+hFKDsNVPH
ITLbxWouu+953zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMU2ZvUlNnN0RWVHh5RXkyOFZxTHJ2dmVkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvZTU5NjVhLTBhMjctNDU4Ny04YWM2LTVjYzI4NDI2YzU4OC8x
LzJUWExhS0RySGs0b2ZnaW1BMUlMZHF3T1lFcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
ZTU5NjVhLTBhMjctNDU4Ny04YWM2LTVjYzI4NDI2YzU4OC8xL1VMU2ZvUlNnN0RW
VHh5RXkyOFZxTHJ2dmVkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFlqzTANBgkqhkiG9w0BAQsFAAOC
AQEAfzuYfW9FJ5vZjAP5pGBpxj1CvJpPXO2VI5CAjH0L1MRqVrZnr5QZqZyEsSUF
LZAbX/M0tJG6FXaG4mcEf9k4jHyBc55WT8hfj82dHEBNOjTO17lcNoEoeVUOrGUQ
Y9K2owil6aOAx2nYbTs/0NGDSgI2iHpmXkkJqM6SZ1uLuCp7RsCQmIlvNiFb76V4
0MzcL32Kt8sqEx8d7P8rga6mBu8SbmfqHnhGXRzlTxyrcC4VPxUXaHblW6j8mdJ2
8p+LPjpz1/5F+mVa3+LLWUMs4zuqMVuCu1oktRquaGuqUWWQmr4nLbJaQc1phlux
CfCPThK2HVJfpFuqz+2UqGDVSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:28 2024 by rpki-client on console-ams.rpki-client.org