Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/m56bZTFxxO51Y4TKvZJ5Id-WJM4.roa
File:                     m56bZTFxxO51Y4TKvZJ5Id-WJM4.roa (raw, json)
Hash identifier:          itZNf997ithBRyOobsTNSLAtVRzWRbwKJH+qMAx0V3g=
Subject key identifier:   9B:9E:9B:65:31:71:C4:EE:75:63:84:CA:BD:92:79:21:DF:96:24:CE
Certificate issuer:       /CN=85fccaab6898aa22242fa847ce02a5ba1a67dd22
Certificate serial:       B2466F
Authority key identifier: 85:FC:CA:AB:68:98:AA:22:24:2F:A8:47:CE:02:A5:BA:1A:67:DD:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfzKq2iYqiIkL6hHzgKluhpn3SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/m56bZTFxxO51Y4TKvZJ5Id-WJM4.roa
Signing time:             Sat 01 Jan 2022 06:53:11 +0000
ROA not before:           Sat 01 Jan 2022 06:53:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        91.247.172.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11683439 (0xb2466f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fccaab6898aa22242fa847ce02a5ba1a67dd22
        Validity
            Not Before: Jan  1 06:53:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9b9e9b653171c4ee756384cabd927921df9624ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:79:23:ec:95:24:46:31:ea:26:de:b2:cd:48:
                    81:36:14:c6:12:ce:b5:9c:7a:ba:70:23:ba:58:21:
                    15:29:1e:6e:98:6c:d9:78:ff:f0:10:90:f2:ef:cb:
                    28:d7:cb:d0:36:bd:fe:20:60:4e:a1:25:2d:7d:9e:
                    8a:c1:86:9f:20:f5:b3:da:2a:3f:40:fd:0c:69:ab:
                    67:33:38:ba:73:2f:e6:b7:66:2f:1b:e2:04:94:b9:
                    93:a1:be:2f:b1:2b:55:fa:7b:d2:0c:47:58:12:9a:
                    6c:4f:82:39:99:7d:a9:b2:12:00:7e:9c:21:8d:64:
                    6f:dc:c3:16:4a:50:77:76:8d:6b:0c:6b:6d:92:23:
                    a0:6e:ff:f1:44:3b:e9:d3:a1:ca:ba:78:d7:f1:2a:
                    8a:7a:87:c7:5d:b6:de:ed:b6:f0:8a:a5:ef:41:53:
                    c3:94:e1:55:41:a8:a3:81:cf:e1:c2:03:06:8f:57:
                    d7:04:44:85:95:eb:c8:c4:92:66:34:4f:f3:5a:f0:
                    43:fa:5f:f3:ee:22:ad:90:d1:31:ec:9b:cf:17:cf:
                    09:d3:94:a9:93:6a:03:9f:bc:f1:6c:d8:f9:e4:54:
                    0f:86:93:a1:93:8b:f4:56:d1:54:bf:c9:74:08:55:
                    2e:0b:7c:0d:7c:9e:2c:b0:63:ed:6e:1a:b9:f2:1b:
                    bc:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:9E:9B:65:31:71:C4:EE:75:63:84:CA:BD:92:79:21:DF:96:24:CE
            X509v3 Authority Key Identifier:
                keyid:85:FC:CA:AB:68:98:AA:22:24:2F:A8:47:CE:02:A5:BA:1A:67:DD:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfzKq2iYqiIkL6hHzgKluhpn3SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/m56bZTFxxO51Y4TKvZJ5Id-WJM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/hfzKq2iYqiIkL6hHzgKluhpn3SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.247.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:3b:6a:0e:4f:2a:09:37:d4:c4:0f:26:87:e1:7e:31:52:50:
         0f:50:8f:ad:99:75:8e:9a:d1:83:7a:98:41:b7:ec:f8:3c:d8:
         4c:31:a8:19:ca:84:48:ca:cc:b2:3e:e0:a2:73:c8:c3:a8:6c:
         d5:59:73:b6:14:66:fc:ac:47:f4:00:7c:f2:96:c2:a5:f4:e3:
         5b:20:03:ae:57:cc:df:da:ec:ca:88:01:94:d4:5c:e0:fd:6e:
         ac:d6:0e:c7:7f:1f:c0:f1:27:40:d8:cb:45:a8:4f:76:64:88:
         e6:22:20:b3:76:ae:e3:1a:b1:f1:d2:7d:1b:0e:62:5f:47:a2:
         27:74:d8:2b:e6:85:46:72:c0:23:78:79:ee:94:8f:ad:aa:35:
         04:dd:42:b9:00:09:91:36:92:d6:54:d2:bd:45:e7:67:d3:5e:
         f2:81:9a:60:67:2f:38:d8:4c:8a:0b:13:a2:39:61:bd:9f:d1:
         0a:1b:16:f0:de:9e:8d:d0:37:1f:fc:1d:da:65:10:a0:aa:d2:
         a4:07:83:dd:85:0a:30:48:b8:e9:5b:f1:9b:58:f7:76:67:c8:
         e6:d6:57:69:7a:23:67:e4:5b:74:18:6b:33:49:ff:cd:bb:19:
         38:b2:65:16:02:02:58:83:ee:60:6f:01:81:c3:35:a1:aa:78:
         e2:d5:ab:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALJGbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWZjY2FhYjY4OThhYTIyMjQyZmE4NDdjZTAyYTViYTFhNjdkZDIyMB4XDTIyMDEw
MTA2NTMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWI5ZTliNjUzMTcx
YzRlZTc1NjM4NGNhYmQ5Mjc5MjFkZjk2MjRjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANB5I+yVJEYx6ibess1IgTYUxhLOtZx6unAjulghFSkebphs
2Xj/8BCQ8u/LKNfL0Da9/iBgTqElLX2eisGGnyD1s9oqP0D9DGmrZzM4unMv5rdm
LxviBJS5k6G+L7ErVfp70gxHWBKabE+COZl9qbISAH6cIY1kb9zDFkpQd3aNawxr
bZIjoG7/8UQ76dOhyrp41/EqinqHx1223u228Iql70FTw5ThVUGoo4HP4cIDBo9X
1wREhZXryMSSZjRP81rwQ/pf8+4irZDRMeybzxfPCdOUqZNqA5+88WzY+eRUD4aT
oZOL9FbRVL/JdAhVLgt8DXyeLLBj7W4aufIbvOkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSbnptlMXHE7nVjhMq9knkh35YkzjAfBgNVHSMEGDAWgBSF/MqraJiqIiQv
qEfOAqW6GmfdIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hmektxMmlZcWlJa0w2aEh6Z0tsdWhwbjNTSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvMThjYjg2LWY4ZjMtNDA0Mi1hMjZhLTliNTNhNTE3YTE1Ny8x
L201NmJaVEZ4eE81MVk0VEt2Wko1SWQtV0pNNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
MThjYjg2LWY4ZjMtNDA0Mi1hMjZhLTliNTNhNTE3YTE1Ny8xL2hmektxMmlZcWlJ
a0w2aEh6Z0tsdWhwbjNTSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv3rDANBgkqhkiG9w0BAQsFAAOC
AQEAKjtqDk8qCTfUxA8mh+F+MVJQD1CPrZl1jprRg3qYQbfs+DzYTDGoGcqESMrM
sj7gonPIw6hs1VlzthRm/KxH9AB88pbCpfTjWyADrlfM39rsyogBlNRc4P1urNYO
x38fwPEnQNjLRahPdmSI5iIgs3au4xqx8dJ9Gw5iX0eiJ3TYK+aFRnLAI3h57pSP
rao1BN1CuQAJkTaS1lTSvUXnZ9Ne8oGaYGcvONhMigsTojlhvZ/RChsW8N6ejdA3
H/wd2mUQoKrSpAeD3YUKMEi46Vvxm1j3dmfI5tZXaXojZ+RbdBhrM0n/zbsZOLJl
FgICWIPuYG8BgcM1oap44tWrYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org