Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/f71b3e-64bd-4587-9479-91eda98f8365/1/toY_7RZzLMcuqkQPxVG8m9J-T8k.roa
File:                     toY_7RZzLMcuqkQPxVG8m9J-T8k.roa (raw, json)
Hash identifier:          eRoewq9FLnqCrG9pZNPRahF3/bytZTHxflQy1wWusW4=
Subject key identifier:   B6:86:3F:ED:16:73:2C:C7:2E:AA:44:0F:C5:51:BC:9B:D2:7E:4F:C9
Certificate issuer:       /CN=7b509db91972523d3a1d4cee980536eeaf33eac9
Certificate serial:       6A4248
Authority key identifier: 7B:50:9D:B9:19:72:52:3D:3A:1D:4C:EE:98:05:36:EE:AF:33:EA:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e1CduRlyUj06HUzumAU27q8z6sk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/f71b3e-64bd-4587-9479-91eda98f8365/1/toY_7RZzLMcuqkQPxVG8m9J-T8k.roa
Signing time:             Sat 01 Jan 2022 01:55:35 +0000
ROA not before:           Sat 01 Jan 2022 01:55:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        146.19.184.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6963784 (0x6a4248)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b509db91972523d3a1d4cee980536eeaf33eac9
        Validity
            Not Before: Jan  1 01:55:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b6863fed16732cc72eaa440fc551bc9bd27e4fc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d7:f4:04:2b:9c:9d:99:51:5e:6a:ab:dd:c3:
                    bc:99:f7:f1:6a:05:b2:fa:58:10:23:d8:79:c6:25:
                    a1:29:60:b1:e7:5f:c2:91:df:5a:44:42:48:7f:73:
                    12:48:ce:e0:21:f2:7d:71:e6:ba:c8:09:1d:81:31:
                    22:fa:1d:59:ed:df:d3:2c:f3:a7:1b:4d:a2:00:07:
                    5a:b5:d2:ad:88:20:18:7d:30:4e:41:c2:57:b4:fb:
                    af:1e:71:45:21:0d:c1:ee:c7:83:c4:46:7f:85:c1:
                    40:1f:2b:7f:72:ce:a5:5e:7a:cd:45:0a:bf:81:c0:
                    92:28:f1:e6:49:0c:15:8c:c0:6c:d7:d5:68:a6:5f:
                    bd:b5:9a:03:83:a2:a7:a3:af:0c:da:b5:0f:6a:89:
                    c3:72:85:dc:84:22:cd:2c:68:ab:dc:74:f4:6a:e5:
                    62:1c:bf:53:47:ea:34:aa:21:2e:af:36:23:29:00:
                    93:9c:36:86:cc:6a:56:5b:93:bf:fe:93:72:af:40:
                    cf:9d:0e:9d:51:e4:5e:70:84:4d:e0:93:f9:a3:0f:
                    ea:44:b1:43:0a:b1:f8:2a:50:8a:0e:22:91:e7:b0:
                    99:44:3e:ac:60:a0:5b:da:6a:eb:8f:ff:3e:fe:f4:
                    8b:ce:51:33:5f:3c:5c:fd:27:23:cd:26:9a:a5:18:
                    6b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:86:3F:ED:16:73:2C:C7:2E:AA:44:0F:C5:51:BC:9B:D2:7E:4F:C9
            X509v3 Authority Key Identifier:
                keyid:7B:50:9D:B9:19:72:52:3D:3A:1D:4C:EE:98:05:36:EE:AF:33:EA:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1CduRlyUj06HUzumAU27q8z6sk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/f71b3e-64bd-4587-9479-91eda98f8365/1/toY_7RZzLMcuqkQPxVG8m9J-T8k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/f71b3e-64bd-4587-9479-91eda98f8365/1/e1CduRlyUj06HUzumAU27q8z6sk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:47:c9:f4:2d:c3:19:0b:6c:09:21:7b:09:44:9b:4e:16:01:
         ef:b4:71:d5:a1:79:1b:74:fe:0b:cf:4e:4c:51:e8:10:62:ec:
         ca:d9:05:df:70:da:ce:1c:dd:80:6c:96:53:bd:1b:2a:2e:b9:
         ae:43:56:76:f9:53:e6:95:7d:d9:e5:8f:6b:94:f4:74:12:3a:
         cf:69:2d:22:49:3b:3b:53:76:32:d0:50:9c:79:ed:f0:11:d7:
         3a:ec:92:ae:5c:56:01:e1:56:01:8c:8d:4e:b1:ce:34:09:97:
         53:65:ee:a9:44:6f:9b:fd:51:f8:cb:d4:ac:c3:78:a3:c5:9d:
         c2:26:46:b8:ee:f6:3c:03:91:b2:59:24:c9:ac:6c:81:e2:0b:
         99:29:56:59:66:ba:28:e5:81:e1:a7:92:e3:75:e8:86:b2:bc:
         41:6a:87:4d:56:ac:c5:dd:30:1b:4b:e4:9b:ff:7a:7e:06:5a:
         3a:b6:54:fc:ef:92:d5:ec:01:04:18:37:5f:df:17:07:77:dc:
         c9:10:91:89:1c:a8:50:4c:00:61:a8:8e:17:8e:0d:05:21:0f:
         76:d8:12:48:49:54:d9:cd:9f:07:d6:4d:8e:a9:71:30:ff:fc:
         a0:96:21:10:4d:fa:c9:59:52:55:22:67:19:26:8b:ff:9a:43:
         c2:9a:4e:21
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDakJIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdi
NTA5ZGI5MTk3MjUyM2QzYTFkNGNlZTk4MDUzNmVlYWYzM2VhYzkwHhcNMjIwMTAx
MDE1NTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNjg2M2ZlZDE2NzMy
Y2M3MmVhYTQ0MGZjNTUxYmM5YmQyN2U0ZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq9f0BCucnZlRXmqr3cO8mffxagWy+lgQI9h5xiWhKWCx51/C
kd9aREJIf3MSSM7gIfJ9cea6yAkdgTEi+h1Z7d/TLPOnG02iAAdatdKtiCAYfTBO
QcJXtPuvHnFFIQ3B7seDxEZ/hcFAHyt/cs6lXnrNRQq/gcCSKPHmSQwVjMBs19Vo
pl+9tZoDg6Kno68M2rUPaonDcoXchCLNLGir3HT0auViHL9TR+o0qiEurzYjKQCT
nDaGzGpWW5O//pNyr0DPnQ6dUeRecIRN4JP5ow/qRLFDCrH4KlCKDiKR57CZRD6s
YKBb2mrrj/8+/vSLzlEzXzxc/ScjzSaapRhrIwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFLaGP+0WcyzHLqpED8VRvJvSfk/JMB8GA1UdIwQYMBaAFHtQnbkZclI9Oh1M
7pgFNu6vM+rJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZTFDZHVSbHlVajA2SFV6dW1BVTI3cTh6NnNrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kZC9mNzFiM2UtNjRiZC00NTg3LTk0NzktOTFlZGE5OGY4MzY1LzEv
dG9ZXzdSWnpMTWN1cWtRUHhWRzhtOUotVDhrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9m
NzFiM2UtNjRiZC00NTg3LTk0NzktOTFlZGE5OGY4MzY1LzEvZTFDZHVSbHlVajA2
SFV6dW1BVTI3cTh6NnNrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhO4MA0GCSqGSIb3DQEBCwUAA4IB
AQBaR8n0LcMZC2wJIXsJRJtOFgHvtHHVoXkbdP4Lz05MUegQYuzK2QXfcNrOHN2A
bJZTvRsqLrmuQ1Z2+VPmlX3Z5Y9rlPR0EjrPaS0iSTs7U3Yy0FCcee3wEdc67JKu
XFYB4VYBjI1Osc40CZdTZe6pRG+b/VH4y9Ssw3ijxZ3CJka47vY8A5GyWSTJrGyB
4guZKVZZZroo5YHhp5LjdeiGsrxBaodNVqzF3TAbS+Sb/3p+Blo6tlT875LV7AEE
GDdf3xcHd9zJEJGJHKhQTABhqI4Xjg0FIQ922BJISVTZzZ8H1k2OqXEw//ygliEQ
TfrJWVJVImcZJov/mkPCmk4h
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:02 2024 by rpki-client on console-ams.rpki-client.org