Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/SKeHnJzBXAdSeqcRUNaTb8Q1BxE.roa
File:                     SKeHnJzBXAdSeqcRUNaTb8Q1BxE.roa (raw, json)
Hash identifier:          d7sQzuQGnCUVY9Zxl9CqVxF++lxwY6GEHddrdAYG9vQ=
Subject key identifier:   48:A7:87:9C:9C:C1:5C:07:52:7A:A7:11:50:D6:93:6F:C4:35:07:11
Certificate issuer:       /CN=913f4c9c6388f0a0342762009e324ec13271337e
Certificate serial:       01435DA2
Authority key identifier: 91:3F:4C:9C:63:88:F0:A0:34:27:62:00:9E:32:4E:C1:32:71:33:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kT9MnGOI8KA0J2IAnjJOwTJxM34.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/SKeHnJzBXAdSeqcRUNaTb8Q1BxE.roa
Signing time:             Sat 01 Jan 2022 11:58:32 +0000
ROA not before:           Sat 01 Jan 2022 11:58:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        185.151.144.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21192098 (0x1435da2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913f4c9c6388f0a0342762009e324ec13271337e
        Validity
            Not Before: Jan  1 11:58:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48a7879c9cc15c07527aa71150d6936fc4350711
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:90:9c:ca:77:4c:0b:da:11:49:02:61:95:76:
                    49:d4:88:0c:d5:05:ca:60:5c:70:00:ba:68:b3:9b:
                    d6:a6:03:a6:9e:26:1d:54:31:40:66:09:66:e9:e9:
                    0b:05:2b:47:10:bf:90:71:1f:2f:59:70:73:06:90:
                    0e:0e:6b:86:e7:ad:8b:13:17:aa:44:e5:51:8f:99:
                    bc:18:06:fe:f5:fa:ca:c8:05:ec:81:e3:cb:b9:78:
                    25:0b:a4:fe:e4:cb:87:a1:d5:a5:ca:31:74:10:68:
                    e8:bc:9e:9c:52:0c:a1:aa:a1:2d:26:3c:32:4b:c0:
                    f8:18:6c:a0:cc:72:21:e0:f4:b7:38:28:77:99:ef:
                    62:d3:09:b9:c6:a7:f4:d6:f8:cd:36:4b:01:26:3d:
                    d5:40:46:e2:27:f3:50:f2:fa:45:9f:0a:92:df:f2:
                    53:32:a8:e1:74:4f:f8:a9:f5:af:8a:4a:fd:c7:a9:
                    9d:fe:b8:02:06:8c:06:3f:9b:9e:ae:bc:38:05:18:
                    7a:29:c3:80:e0:9d:2f:87:a5:f4:29:6a:3c:2a:74:
                    f9:a7:e1:19:ec:72:f2:31:0a:ad:25:65:19:ea:b6:
                    b9:3a:7b:09:03:45:d6:8f:35:ab:bc:91:12:74:fb:
                    c0:2b:6f:57:b2:16:0b:5b:a5:5e:81:83:1e:52:34:
                    20:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:A7:87:9C:9C:C1:5C:07:52:7A:A7:11:50:D6:93:6F:C4:35:07:11
            X509v3 Authority Key Identifier:
                keyid:91:3F:4C:9C:63:88:F0:A0:34:27:62:00:9E:32:4E:C1:32:71:33:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kT9MnGOI8KA0J2IAnjJOwTJxM34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/SKeHnJzBXAdSeqcRUNaTb8Q1BxE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/kT9MnGOI8KA0J2IAnjJOwTJxM34.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:e9:32:a3:de:3f:ae:ec:c5:b0:31:3b:f1:55:4f:d2:20:42:
         d1:d1:56:7c:30:5e:ea:54:de:c0:16:56:67:ce:bb:b8:67:43:
         3f:d9:10:05:87:2c:67:5e:98:32:67:d6:18:65:44:39:e0:42:
         8e:69:4a:fe:c3:13:f6:db:cc:c2:3c:82:c1:45:af:85:d6:62:
         69:53:5f:1d:d9:0f:05:43:ef:e6:ba:95:6d:08:a2:9d:a2:67:
         f4:58:22:72:2c:54:0e:cd:75:de:39:1a:79:f8:0d:98:17:fd:
         f0:0a:d3:0e:1a:f5:be:4d:c7:f8:2e:f5:29:7b:19:b0:45:21:
         51:e5:19:c2:52:bf:91:65:86:50:c2:8b:26:b4:2c:81:a4:12:
         29:04:31:c3:9a:47:d9:29:b3:b6:8b:89:8c:a1:01:50:2b:df:
         4b:a3:b8:f4:8c:c3:f7:b3:80:ea:a5:94:e7:49:83:c6:2c:fa:
         c3:34:f4:b3:1b:6f:23:8a:99:a7:bf:cf:f1:d2:63:bd:64:72:
         b6:99:63:6e:f1:88:21:bd:cd:70:17:8f:88:b9:49:7b:9b:47:
         ab:f4:b7:ad:74:57:2a:e1:40:30:40:20:d3:37:df:e4:9c:2f:
         2f:4a:9a:ac:24:4e:81:b4:63:bb:d0:8e:71:7d:c6:00:21:dc:
         32:8f:7a:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUNdojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MTNmNGM5YzYzODhmMGEwMzQyNzYyMDA5ZTMyNGVjMTMyNzEzMzdlMB4XDTIyMDEw
MTExNTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDhhNzg3OWM5Y2Mx
NWMwNzUyN2FhNzExNTBkNjkzNmZjNDM1MDcxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2QnMp3TAvaEUkCYZV2SdSIDNUFymBccAC6aLOb1qYDpp4m
HVQxQGYJZunpCwUrRxC/kHEfL1lwcwaQDg5rhuetixMXqkTlUY+ZvBgG/vX6ysgF
7IHjy7l4JQuk/uTLh6HVpcoxdBBo6LyenFIMoaqhLSY8MkvA+BhsoMxyIeD0tzgo
d5nvYtMJucan9Nb4zTZLASY91UBG4ifzUPL6RZ8Kkt/yUzKo4XRP+Kn1r4pK/cep
nf64AgaMBj+bnq68OAUYeinDgOCdL4el9ClqPCp0+afhGexy8jEKrSVlGeq2uTp7
CQNF1o81q7yREnT7wCtvV7IWC1ulXoGDHlI0IPkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIp4ecnMFcB1J6pxFQ1pNvxDUHETAfBgNVHSMEGDAWgBSRP0ycY4jwoDQn
YgCeMk7BMnEzfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tUOU1uR09JOEtBMEoySUFuakpPd1RKeE0zNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvMWM3NDgxLWU2YTAtNGExYy04N2U2LTQwMjc0MjNhYTM4Yy8x
L1NLZUhuSnpCWEFkU2VxY1JVTmFUYjhRMUJ4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
MWM3NDgxLWU2YTAtNGExYy04N2U2LTQwMjc0MjNhYTM4Yy8xL2tUOU1uR09JOEtB
MEoySUFuakpPd1RKeE0zNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmXkDANBgkqhkiG9w0BAQsFAAOC
AQEAsOkyo94/ruzFsDE78VVP0iBC0dFWfDBe6lTewBZWZ867uGdDP9kQBYcsZ16Y
MmfWGGVEOeBCjmlK/sMT9tvMwjyCwUWvhdZiaVNfHdkPBUPv5rqVbQiinaJn9Fgi
cixUDs113jkaefgNmBf98ArTDhr1vk3H+C71KXsZsEUhUeUZwlK/kWWGUMKLJrQs
gaQSKQQxw5pH2SmztouJjKEBUCvfS6O49IzD97OA6qWU50mDxiz6wzT0sxtvI4qZ
p7/P8dJjvWRytpljbvGIIb3NcBePiLlJe5tHq/S3rXRXKuFAMEAg0zff5JwvL0qa
rCROgbRju9COcX3GACHcMo966A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org