Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1327e9-6a8e-4d90-8fcd-6c8c3c041629/1/cW5cORLb2uWWetANVv437dokm-0.roa
File:                     cW5cORLb2uWWetANVv437dokm-0.roa (raw, json)
Hash identifier:          eUwErNKOeQuUAGq3viaig7ix+TsjYRQuzZxDchiCk/U=
Subject key identifier:   71:6E:5C:39:12:DB:DA:E5:96:7A:D0:0D:56:FE:37:ED:DA:24:9B:ED
Certificate issuer:       /CN=b4a09c900a8578bd029d04de93a7ff3047d38f83
Certificate serial:       01856FCB976D3BAF26E5D04EE35B64F4DCD4
Authority key identifier: B4:A0:9C:90:0A:85:78:BD:02:9D:04:DE:93:A7:FF:30:47:D3:8F:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKCckAqFeL0CnQTek6f_MEfTj4M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/1327e9-6a8e-4d90-8fcd-6c8c3c041629/1/cW5cORLb2uWWetANVv437dokm-0.roa
Signing time:             Mon 02 Jan 2023 00:04:51 +0000
ROA not before:           Mon 02 Jan 2023 00:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        94.143.226.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:97:6d:3b:af:26:e5:d0:4e:e3:5b:64:f4:dc:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a09c900a8578bd029d04de93a7ff3047d38f83
        Validity
            Not Before: Jan  2 00:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=716e5c3912dbdae5967ad00d56fe37edda249bed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:ee:12:c7:3f:f0:5a:c9:dd:29:97:96:50:87:
                    0c:d7:8a:60:88:1e:cd:15:63:f2:6a:cc:ac:c8:78:
                    32:b6:31:de:70:47:08:c7:12:f4:ed:29:d9:72:41:
                    23:bd:55:25:e0:c8:ab:fb:2b:a1:f7:33:f5:9b:85:
                    e2:ab:a6:70:c8:71:03:2d:92:15:06:16:55:76:a9:
                    74:d9:5b:e2:c3:ff:db:3b:c5:86:36:ef:a5:ae:9b:
                    e4:c2:df:40:53:9d:f6:98:78:a9:eb:2e:16:a6:01:
                    4e:c8:95:75:57:dd:c0:08:23:ab:f5:54:ac:40:0e:
                    d2:ec:0e:95:64:25:20:a3:dc:cc:df:27:fc:88:7c:
                    4a:cb:4d:43:34:97:6a:89:aa:5f:bf:18:2a:a0:89:
                    5b:11:88:22:04:e0:43:27:e5:18:07:01:f7:93:3b:
                    56:84:28:6b:ec:cb:c2:71:39:5e:f1:3c:3f:98:1c:
                    40:d9:0c:4d:eb:d3:26:85:9a:97:eb:b5:68:30:7d:
                    f5:59:45:07:5b:4b:a6:38:3d:f5:3d:32:8e:1b:ca:
                    13:97:5c:ff:88:97:b5:bf:d8:1d:3b:e6:0b:56:48:
                    e9:f9:22:96:8b:5a:fe:85:33:f5:0a:ac:2d:80:6b:
                    52:ef:be:c8:16:e0:22:1e:99:ca:89:a2:ef:c2:1a:
                    4d:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:6E:5C:39:12:DB:DA:E5:96:7A:D0:0D:56:FE:37:ED:DA:24:9B:ED
            X509v3 Authority Key Identifier:
                keyid:B4:A0:9C:90:0A:85:78:BD:02:9D:04:DE:93:A7:FF:30:47:D3:8F:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKCckAqFeL0CnQTek6f_MEfTj4M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1327e9-6a8e-4d90-8fcd-6c8c3c041629/1/cW5cORLb2uWWetANVv437dokm-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1327e9-6a8e-4d90-8fcd-6c8c3c041629/1/tKCckAqFeL0CnQTek6f_MEfTj4M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.143.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:d0:e4:a1:b9:6b:8a:fd:27:36:1d:7d:ea:65:bd:39:d4:3f:
         d4:f4:86:cc:64:b4:d2:db:99:cd:12:87:75:2f:4e:5f:72:29:
         3d:15:9b:f3:49:f6:4b:31:35:e1:6f:23:28:18:f6:94:3b:04:
         b6:8a:a8:b8:1e:90:ab:9d:01:b0:b1:84:e1:bd:6d:73:ab:2d:
         b4:1f:e1:15:63:18:6f:cf:e1:99:75:ca:ba:2c:b4:02:7f:a4:
         79:ca:1a:16:65:d5:b9:0a:68:a3:7e:0a:82:0b:10:6e:5f:d8:
         a2:6a:ef:75:ea:73:ce:8a:33:e6:bb:60:d4:c3:3a:a1:21:a1:
         22:a6:82:d3:e6:69:86:cc:8d:c9:1d:17:f8:dc:e2:23:05:6a:
         94:58:0c:2f:48:bf:d2:1c:b1:b7:85:c7:45:83:89:87:0a:5f:
         a2:83:7a:c4:38:54:c5:e8:ef:24:65:99:82:b3:c0:79:ab:a7:
         c8:80:9c:50:2b:d2:51:26:73:bf:8f:9d:d0:15:0b:d9:20:68:
         dc:e9:72:76:90:11:83:56:57:f5:d7:b3:96:a8:b0:7c:59:42:
         61:f0:34:30:b6:c1:61:9f:e1:e9:91:e2:48:79:6a:1b:01:34:
         16:93:86:c3:50:4a:07:47:f2:65:de:d6:04:cd:f8:dc:70:a2:
         0b:ab:65:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy5dtO68m5dBO41tk9NzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTA5YzkwMGE4NTc4YmQwMjlkMDRkZTkzYTdmZjMwNDdk
MzhmODMwHhcNMjMwMTAyMDAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTZlNWMzOTEyZGJkYWU1OTY3YWQwMGQ1NmZlMzdlZGRhMjQ5YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO4Sxz/wWsndKZeWUIcM14pgiB7N
FWPyasysyHgytjHecEcIxxL07SnZckEjvVUl4Mir+yuh9zP1m4Xiq6ZwyHEDLZIV
BhZVdql02Vviw//bO8WGNu+lrpvkwt9AU532mHip6y4WpgFOyJV1V93ACCOr9VSs
QA7S7A6VZCUgo9zM3yf8iHxKy01DNJdqiapfvxgqoIlbEYgiBOBDJ+UYBwH3kztW
hChr7MvCcTle8Tw/mBxA2QxN69MmhZqX67VoMH31WUUHW0umOD31PTKOG8oTl1z/
iJe1v9gdO+YLVkjp+SKWi1r+hTP1CqwtgGtS777IFuAiHpnKiaLvwhpNjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFuXDkS29rllnrQDVb+N+3aJJvtMB8GA1UdIwQY
MBaAFLSgnJAKhXi9Ap0E3pOn/zBH04+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtDY2tBcUZlTDBDblFUZWs2Zl9NRWZUajRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xMzI3ZTktNmE4ZS00ZDkwLThmY2Qt
NmM4YzNjMDQxNjI5LzEvY1c1Y09STGIydVdXZXRBTlZ2NDM3ZG9rbS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xMzI3ZTktNmE4ZS00ZDkwLThmY2QtNmM4YzNjMDQxNjI5
LzEvdEtDY2tBcUZlTDBDblFUZWs2Zl9NRWZUajRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo/iMA0G
CSqGSIb3DQEBCwUAA4IBAQCN0OShuWuK/Sc2HX3qZb051D/U9IbMZLTS25nNEod1
L05fcik9FZvzSfZLMTXhbyMoGPaUOwS2iqi4HpCrnQGwsYThvW1zqy20H+EVYxhv
z+GZdcq6LLQCf6R5yhoWZdW5CmijfgqCCxBuX9iiau916nPOijPmu2DUwzqhIaEi
poLT5mmGzI3JHRf43OIjBWqUWAwvSL/SHLG3hcdFg4mHCl+ig3rEOFTF6O8kZZmC
s8B5q6fIgJxQK9JRJnO/j53QFQvZIGjc6XJ2kBGDVlf117OWqLB8WUJh8DQwtsFh
n+HpkeJIeWobATQWk4bDUEoHR/Jl3tYEzfjccKILq2Xq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:30 2024 by rpki-client on console-ams.rpki-client.org