Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/Xnv8hpPuiY2dWniohJaU8NRbkGs.roa
File:                     Xnv8hpPuiY2dWniohJaU8NRbkGs.roa (raw, json)
Hash identifier:          XN3kLt0vefgvqMqQCg5CbBoFo+PpqU5EkUbeAPi6XDw=
Subject key identifier:   5E:7B:FC:86:93:EE:89:8D:9D:5A:78:A8:84:96:94:F0:D4:5B:90:6B
Certificate issuer:       /CN=0aa4667fc501352fbed17e47168c4687d775623f
Certificate serial:       01344C93
Authority key identifier: 0A:A4:66:7F:C5:01:35:2F:BE:D1:7E:47:16:8C:46:87:D7:75:62:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CqRmf8UBNS--0X5HFoxGh9d1Yj8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/Xnv8hpPuiY2dWniohJaU8NRbkGs.roa
Signing time:             Sat 01 Jan 2022 11:59:51 +0000
ROA not before:           Sat 01 Jan 2022 11:59:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        194.26.119.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20204691 (0x1344c93)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0aa4667fc501352fbed17e47168c4687d775623f
        Validity
            Not Before: Jan  1 11:59:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e7bfc8693ee898d9d5a78a8849694f0d45b906b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:51:27:19:59:27:aa:7c:98:95:1c:e8:93:4b:
                    47:40:c6:0d:d5:cc:f2:19:93:d8:1f:ac:1d:e2:66:
                    51:21:ad:ab:cb:f5:5f:2d:24:dd:10:c7:c7:32:18:
                    ab:55:23:9f:06:1b:5c:44:de:33:79:07:82:2b:20:
                    18:42:4e:7a:9c:d6:16:92:d8:d4:96:bc:24:f0:90:
                    5f:85:38:d3:ea:eb:bf:25:99:0f:a2:46:5d:21:41:
                    b1:c6:7f:0e:31:ac:33:f9:17:dc:25:cb:06:4d:7a:
                    59:ed:0c:21:58:44:3b:d7:65:73:e2:42:fd:e6:54:
                    79:8d:62:81:46:56:ea:cc:e7:55:02:8f:43:27:bb:
                    18:42:b6:4c:3b:20:de:3c:e8:b7:60:8b:48:82:5a:
                    67:56:aa:67:ce:ab:e1:6f:75:26:f8:1f:29:dd:01:
                    e6:51:b6:2e:88:ff:7d:07:88:da:b3:88:dc:48:53:
                    c0:16:74:fe:28:7a:51:d1:77:b5:35:4c:08:2f:7b:
                    08:7b:f5:bf:86:01:95:de:85:1f:45:8c:1b:b5:5a:
                    4d:ce:3d:52:05:a4:f3:e6:ec:fc:41:92:88:06:d8:
                    eb:5a:ca:ab:80:92:16:73:81:cb:e7:4c:4d:86:d4:
                    fa:3e:ce:a4:e7:b5:6d:81:7f:c6:60:07:3c:7a:d6:
                    a0:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:7B:FC:86:93:EE:89:8D:9D:5A:78:A8:84:96:94:F0:D4:5B:90:6B
            X509v3 Authority Key Identifier:
                keyid:0A:A4:66:7F:C5:01:35:2F:BE:D1:7E:47:16:8C:46:87:D7:75:62:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CqRmf8UBNS--0X5HFoxGh9d1Yj8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/Xnv8hpPuiY2dWniohJaU8NRbkGs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/CqRmf8UBNS--0X5HFoxGh9d1Yj8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:50:c3:8a:3d:14:08:38:05:6e:e4:4a:5a:ee:9a:7a:50:0e:
         a5:06:33:a1:de:f9:8f:14:ea:19:f5:ab:5e:4c:bb:9e:2b:3a:
         2a:4f:a4:d7:c4:82:62:0f:33:dc:48:3f:1b:cd:b7:1a:30:7f:
         37:c8:ba:7f:10:79:e5:c1:03:e0:4f:73:ed:32:64:42:b6:49:
         67:65:d9:3e:3f:48:a9:a1:d9:69:a0:1d:c1:d7:21:bf:5a:03:
         1d:3a:a3:59:c4:0c:fc:f4:89:0a:69:82:5d:56:c1:e8:d5:22:
         09:36:3e:fe:3c:53:94:f5:c6:bc:2e:d5:54:64:b8:eb:a0:0a:
         e5:75:83:c4:c0:d3:ac:38:ee:b5:a5:0c:2f:e2:88:84:c9:58:
         f6:8a:4e:da:ff:72:24:86:67:a7:c6:ef:90:6c:47:93:98:c7:
         eb:4f:c4:1c:92:01:92:ff:a7:c3:38:f3:40:8c:c2:a0:7b:72:
         8c:77:bf:ec:1e:b7:26:bb:7d:38:82:50:bc:7b:a8:1e:92:39:
         6f:bf:ea:61:cf:51:eb:13:3b:6a:c2:87:c9:58:8f:4a:ee:5a:
         53:15:e2:c3:d0:fb:b8:c1:96:3a:1c:3e:6b:0d:78:8a:1a:3d:
         a4:24:86:4e:d0:ae:85:e5:be:ee:c6:af:5e:c2:cd:43:0f:ee:
         65:2a:f1:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATRMkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWE0NjY3ZmM1MDEzNTJmYmVkMTdlNDcxNjhjNDY4N2Q3NzU2MjNmMB4XDTIyMDEw
MTExNTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU3YmZjODY5M2Vl
ODk4ZDlkNWE3OGE4ODQ5Njk0ZjBkNDViOTA2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJRJxlZJ6p8mJUc6JNLR0DGDdXM8hmT2B+sHeJmUSGtq8v1
Xy0k3RDHxzIYq1UjnwYbXETeM3kHgisgGEJOepzWFpLY1Ja8JPCQX4U40+rrvyWZ
D6JGXSFBscZ/DjGsM/kX3CXLBk16We0MIVhEO9dlc+JC/eZUeY1igUZW6sznVQKP
Qye7GEK2TDsg3jzot2CLSIJaZ1aqZ86r4W91JvgfKd0B5lG2Loj/fQeI2rOI3EhT
wBZ0/ih6UdF3tTVMCC97CHv1v4YBld6FH0WMG7VaTc49UgWk8+bs/EGSiAbY61rK
q4CSFnOBy+dMTYbU+j7OpOe1bYF/xmAHPHrWoLcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRee/yGk+6JjZ1aeKiElpTw1FuQazAfBgNVHSMEGDAWgBQKpGZ/xQE1L77R
fkcWjEaH13ViPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NxUm1mOFVCTlMtLTBYNUhGb3hHaDlkMVlqOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYjQxZjYzLTY1YjktNDAzYi1hMDY3LTQwMjBhNDg5ODNiMy8x
L1hudjhocFB1aVkyZFduaW9oSmFVOE5SYmtHcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YjQxZjYzLTY1YjktNDAzYi1hMDY3LTQwMjBhNDg5ODNiMy8xL0NxUm1mOFVCTlMt
LTBYNUhGb3hHaDlkMVlqOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIadzANBgkqhkiG9w0BAQsFAAOC
AQEAuVDDij0UCDgFbuRKWu6aelAOpQYzod75jxTqGfWrXky7nis6Kk+k18SCYg8z
3Eg/G823GjB/N8i6fxB55cED4E9z7TJkQrZJZ2XZPj9IqaHZaaAdwdchv1oDHTqj
WcQM/PSJCmmCXVbB6NUiCTY+/jxTlPXGvC7VVGS466AK5XWDxMDTrDjutaUML+KI
hMlY9opO2v9yJIZnp8bvkGxHk5jH60/EHJIBkv+nwzjzQIzCoHtyjHe/7B63Jrt9
OIJQvHuoHpI5b7/qYc9R6xM7asKHyViPSu5aUxXiw9D7uMGWOhw+aw14iho9pCSG
TtCuheW+7savXsLNQw/uZSrxzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:27 2024 by rpki-client on console-ams.rpki-client.org