Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/381f70-3fa4-4b76-af3b-0882c97ef0f2/1/cfoLGKwhgUHZ_9oiwSyv5q8uaN0.roa
File:                     cfoLGKwhgUHZ_9oiwSyv5q8uaN0.roa (raw, json)
Hash identifier:          ZZZH75xEomY0zONqcV/yCnixXVF+Ew2sLGt9M2D1i6g=
Subject key identifier:   71:FA:0B:18:AC:21:81:41:D9:FF:DA:22:C1:2C:AF:E6:AF:2E:68:DD
Certificate issuer:       /CN=3f7ec5e906163c7726193f0d5198daddcfea088d
Certificate serial:       063FA185
Authority key identifier: 3F:7E:C5:E9:06:16:3C:77:26:19:3F:0D:51:98:DA:DD:CF:EA:08:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P37F6QYWPHcmGT8NUZja3c_qCI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/381f70-3fa4-4b76-af3b-0882c97ef0f2/1/cfoLGKwhgUHZ_9oiwSyv5q8uaN0.roa
Signing time:             Sat 01 Jan 2022 07:56:50 +0000
ROA not before:           Sat 01 Jan 2022 07:56:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35196
IP address blocks:        91.132.100.12/32 maxlen: 32
                          91.132.100.72/32 maxlen: 32
                          91.132.101.0/24 maxlen: 24
                          91.132.102.0/24 maxlen: 24
                          91.132.100.0/24 maxlen: 24
                          91.132.103.0/24 maxlen: 24
                          91.132.100.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 104833413 (0x63fa185)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f7ec5e906163c7726193f0d5198daddcfea088d
        Validity
            Not Before: Jan  1 07:56:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=71fa0b18ac218141d9ffda22c12cafe6af2e68dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:98:40:78:51:75:80:f4:3e:7f:b0:ed:60:b1:
                    89:35:a6:e3:67:ad:ad:ac:40:41:ff:86:e0:ce:e2:
                    82:bf:2f:76:64:cd:66:c6:1c:5f:75:af:df:fc:36:
                    7a:87:d9:b1:65:f9:f7:9a:d6:2b:b3:2f:5f:28:86:
                    bc:a5:12:f0:a1:c7:ac:2f:e7:9f:94:7c:f4:de:5d:
                    11:0b:54:a3:e1:55:b9:11:3a:6d:c4:a1:89:6c:0a:
                    02:f9:46:00:02:42:8e:07:46:25:c7:95:69:3b:ea:
                    de:ca:54:19:02:e4:18:06:95:36:43:7c:06:2e:81:
                    e4:f7:99:a0:48:ae:ed:0a:90:0c:b4:d0:7f:20:e6:
                    89:06:09:ae:79:87:52:b4:a0:0e:6e:13:53:9b:c8:
                    76:5c:80:e7:7c:d8:2f:73:3f:1d:44:dd:ea:a0:4a:
                    42:08:2f:a8:7a:6b:ef:70:78:57:3f:81:f9:29:97:
                    2c:af:dd:87:b4:5b:bb:dc:03:ce:a6:21:bc:0d:a2:
                    ee:08:dd:b8:28:74:58:09:98:3c:dd:9a:d6:7e:16:
                    c1:48:3e:5a:0e:14:49:79:9e:dd:d0:ed:a8:ff:03:
                    5e:a4:fa:cf:10:24:67:97:e6:5f:31:74:b3:b0:8c:
                    16:9f:18:38:bd:32:46:b5:a2:6d:f3:b4:59:c6:e5:
                    cf:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:FA:0B:18:AC:21:81:41:D9:FF:DA:22:C1:2C:AF:E6:AF:2E:68:DD
            X509v3 Authority Key Identifier:
                keyid:3F:7E:C5:E9:06:16:3C:77:26:19:3F:0D:51:98:DA:DD:CF:EA:08:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P37F6QYWPHcmGT8NUZja3c_qCI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/381f70-3fa4-4b76-af3b-0882c97ef0f2/1/cfoLGKwhgUHZ_9oiwSyv5q8uaN0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/381f70-3fa4-4b76-af3b-0882c97ef0f2/1/P37F6QYWPHcmGT8NUZja3c_qCI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.132.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:17:c0:9a:8d:f5:4a:5f:6a:97:c0:72:2f:19:b6:8d:7c:9d:
         ef:5e:29:99:5e:db:d4:52:99:c6:c6:c8:bd:e2:3d:5e:ca:86:
         c3:22:b2:3c:86:46:26:0e:82:5b:c1:2f:23:85:a1:9d:bd:9c:
         06:23:b3:98:12:e6:c4:73:13:5c:1f:be:44:96:5e:76:51:08:
         b5:a7:5e:3d:ed:b7:85:a1:26:1e:5b:e3:b8:05:89:90:05:15:
         5f:62:74:ce:52:df:45:7d:4d:be:17:88:37:64:57:2d:cd:3a:
         79:cd:a9:ef:75:a8:e5:6b:60:47:88:75:df:eb:25:0e:87:10:
         95:db:3e:8d:4e:0c:22:c1:df:33:6d:74:01:c1:7e:7f:a8:a7:
         fe:fc:d0:df:cc:b7:9a:83:90:bc:63:8f:6d:b6:8f:1e:9c:fb:
         a4:c4:ad:c5:29:d6:10:e0:b7:80:91:62:fa:cb:0e:3c:d8:80:
         ae:66:19:08:b6:c6:93:49:42:ad:d7:32:8c:17:12:75:c8:ad:
         74:ba:0d:b6:0e:ae:4a:3e:3c:57:21:ed:13:9b:e0:4b:00:dc:
         c3:27:46:f9:53:2a:3e:83:9c:1b:5b:70:3f:44:0b:50:78:cd:
         2f:ce:2c:e6:57:56:60:b0:c4:fd:2f:26:44:1f:7e:1e:a9:50:
         26:52:8a:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBj+hhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZjdlYzVlOTA2MTYzYzc3MjYxOTNmMGQ1MTk4ZGFkZGNmZWEwODhkMB4XDTIyMDEw
MTA3NTY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFmYTBiMThhYzIx
ODE0MWQ5ZmZkYTIyYzEyY2FmZTZhZjJlNjhkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSYQHhRdYD0Pn+w7WCxiTWm42etraxAQf+G4M7igr8vdmTN
ZsYcX3Wv3/w2eofZsWX595rWK7MvXyiGvKUS8KHHrC/nn5R89N5dEQtUo+FVuRE6
bcShiWwKAvlGAAJCjgdGJceVaTvq3spUGQLkGAaVNkN8Bi6B5PeZoEiu7QqQDLTQ
fyDmiQYJrnmHUrSgDm4TU5vIdlyA53zYL3M/HUTd6qBKQggvqHpr73B4Vz+B+SmX
LK/dh7Rbu9wDzqYhvA2i7gjduCh0WAmYPN2a1n4WwUg+Wg4USXme3dDtqP8DXqT6
zxAkZ5fmXzF0s7CMFp8YOL0yRrWibfO0Wcblz8cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRx+gsYrCGBQdn/2iLBLK/mry5o3TAfBgNVHSMEGDAWgBQ/fsXpBhY8dyYZ
Pw1RmNrdz+oIjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1AzN0Y2UVlXUEhjbUdUOE5VWmphM2NfcUNJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvMzgxZjcwLTNmYTQtNGI3Ni1hZjNiLTA4ODJjOTdlZjBmMi8x
L2Nmb0xHS3doZ1VIWl85b2l3U3l2NXE4dWFOMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
MzgxZjcwLTNmYTQtNGI3Ni1hZjNiLTA4ODJjOTdlZjBmMi8xL1AzN0Y2UVlXUEhj
bUdUOE5VWmphM2NfcUNJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAluEZDANBgkqhkiG9w0BAQsFAAOC
AQEAAxfAmo31Sl9ql8ByLxm2jXyd714pmV7b1FKZxsbIveI9XsqGwyKyPIZGJg6C
W8EvI4Whnb2cBiOzmBLmxHMTXB++RJZedlEItadePe23haEmHlvjuAWJkAUVX2J0
zlLfRX1NvheIN2RXLc06ec2p73Wo5WtgR4h13+slDocQlds+jU4MIsHfM210AcF+
f6in/vzQ38y3moOQvGOPbbaPHpz7pMStxSnWEOC3gJFi+ssOPNiArmYZCLbGk0lC
rdcyjBcSdcitdLoNtg6uSj48VyHtE5vgSwDcwydG+VMqPoOcG1twP0QLUHjNL84s
5ldWYLDE/S8mRB9+HqlQJlKKqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:31 2024 by rpki-client on console-ams.rpki-client.org