Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/41f84f-a80c-4247-b707-6ac526ed1b60/1/y3CLNO_MEJU87GknQ4t47Yu-VHw.roa
File:                     y3CLNO_MEJU87GknQ4t47Yu-VHw.roa (raw, json)
Hash identifier:          0BJS8qen6fslwqlPpSWDTeEkg19FhqoA+ZBSCoEqmV0=
Subject key identifier:   CB:70:8B:34:EF:CC:10:95:3C:EC:69:27:43:8B:78:ED:8B:BE:54:7C
Certificate issuer:       /CN=835defb86d4665b7abda63bfe8d9b07d06f96b27
Certificate serial:       01856C65B790FCC6CF993EF009C88EB5CB06
Authority key identifier: 83:5D:EF:B8:6D:46:65:B7:AB:DA:63:BF:E8:D9:B0:7D:06:F9:6B:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g13vuG1GZber2mO_6NmwfQb5ayc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/41f84f-a80c-4247-b707-6ac526ed1b60/1/y3CLNO_MEJU87GknQ4t47Yu-VHw.roa
Signing time:             Sun 01 Jan 2023 08:14:43 +0000
ROA not before:           Sun 01 Jan 2023 08:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13559
IP address blocks:        2a0e:8a84::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:65:b7:90:fc:c6:cf:99:3e:f0:09:c8:8e:b5:cb:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835defb86d4665b7abda63bfe8d9b07d06f96b27
        Validity
            Not Before: Jan  1 08:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb708b34efcc10953cec6927438b78ed8bbe547c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7c:2f:f5:59:78:5d:1e:e3:c5:13:bf:b3:52:
                    19:e2:d9:80:f2:24:65:ae:73:03:67:2b:c0:8f:5e:
                    84:81:99:6a:15:87:c9:25:0a:6d:95:d8:22:a8:f5:
                    2c:62:ca:b4:d3:b5:bc:1f:9f:24:9d:16:0b:1f:5e:
                    a3:c9:44:fc:05:1a:c8:4e:35:24:c1:48:46:4c:b5:
                    98:82:22:d8:e9:25:c9:2a:85:c0:a2:ee:b0:75:2a:
                    e3:c6:a4:1f:d1:ac:26:4f:c9:ab:82:71:de:23:79:
                    a6:50:fb:25:94:4b:c5:06:5a:c9:2d:b9:3c:95:01:
                    19:ec:8f:56:95:8c:b0:39:b3:c4:92:5f:c7:05:75:
                    79:6d:21:46:cd:33:7e:b0:a5:07:cb:1e:d7:6d:ce:
                    fd:6c:49:b9:bf:02:d9:38:db:ba:2e:bd:a0:8a:fd:
                    8a:11:f4:54:56:60:c1:f5:89:94:fe:8a:77:a9:59:
                    e9:ac:42:f3:ef:48:81:9a:49:ee:29:da:e0:4f:f4:
                    77:e1:6b:1d:c9:38:2a:27:ba:f5:2a:0b:df:07:a3:
                    8b:2c:61:80:b3:ec:27:d7:9f:fb:98:bc:b7:fe:2d:
                    6b:97:06:89:cf:aa:c6:44:a5:4a:43:b7:a5:f4:98:
                    70:fc:bc:b1:28:a7:d1:ed:7c:11:0b:fa:1a:2a:1c:
                    21:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:70:8B:34:EF:CC:10:95:3C:EC:69:27:43:8B:78:ED:8B:BE:54:7C
            X509v3 Authority Key Identifier:
                keyid:83:5D:EF:B8:6D:46:65:B7:AB:DA:63:BF:E8:D9:B0:7D:06:F9:6B:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g13vuG1GZber2mO_6NmwfQb5ayc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/41f84f-a80c-4247-b707-6ac526ed1b60/1/y3CLNO_MEJU87GknQ4t47Yu-VHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/41f84f-a80c-4247-b707-6ac526ed1b60/1/g13vuG1GZber2mO_6NmwfQb5ayc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8a84::/32

    Signature Algorithm: sha256WithRSAEncryption
         46:ba:a6:d8:b9:be:af:96:0c:c1:94:52:ee:4a:0a:9d:df:76:
         05:cb:64:f2:29:2a:b2:80:50:e1:3c:96:1d:79:d8:e7:7f:23:
         e9:cf:5c:54:e9:e8:eb:8d:77:80:c8:93:d7:e2:10:65:1e:bb:
         a3:9f:6a:32:6b:f8:f4:1a:29:22:3e:a9:93:6c:75:43:bb:9f:
         81:e3:0c:24:49:1f:76:24:cc:4d:29:46:a7:47:08:5f:85:6a:
         f4:de:8b:97:62:fa:7c:41:fe:ea:ed:3f:24:fd:45:75:27:f8:
         12:26:03:08:46:74:b3:75:2e:55:d8:6c:bb:ff:84:86:46:d4:
         8c:fa:c5:81:a0:c7:26:e6:26:a7:34:e8:b1:c6:41:c6:e0:4d:
         da:a2:03:2c:c8:29:c4:5e:c7:27:b6:90:ff:4c:17:0e:3c:87:
         68:96:17:e2:08:cb:e4:b7:82:39:c5:93:e3:64:ed:00:e4:85:
         d1:9f:97:a0:cd:25:3a:8a:21:c2:5f:c2:08:b3:ec:76:f7:23:
         fb:83:ac:93:59:34:81:1e:1c:d8:8d:d4:aa:df:56:af:5c:d3:
         51:49:dd:7f:3b:fe:13:9b:8b:1e:7f:14:b7:b6:87:37:f1:e3:
         a3:57:f6:8a:13:46:78:54:63:73:f8:02:0d:6e:00:79:ba:df:
         12:4d:ce:2b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsZbeQ/MbPmT7wCciOtcsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWRlZmI4NmQ0NjY1YjdhYmRhNjNiZmU4ZDliMDdkMDZm
OTZiMjcwHhcNMjMwMTAxMDgxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjcwOGIzNGVmY2MxMDk1M2NlYzY5Mjc0MzhiNzhlZDhiYmU1NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3wv9Vl4XR7jxRO/s1IZ4tmA8iRl
rnMDZyvAj16EgZlqFYfJJQptldgiqPUsYsq007W8H58knRYLH16jyUT8BRrITjUk
wUhGTLWYgiLY6SXJKoXAou6wdSrjxqQf0awmT8mrgnHeI3mmUPsllEvFBlrJLbk8
lQEZ7I9WlYywObPEkl/HBXV5bSFGzTN+sKUHyx7Xbc79bEm5vwLZONu6Lr2giv2K
EfRUVmDB9YmU/op3qVnprELz70iBmknuKdrgT/R34WsdyTgqJ7r1KgvfB6OLLGGA
s+wn15/7mLy3/i1rlwaJz6rGRKVKQ7el9Jhw/LyxKKfR7XwRC/oaKhwhYwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMtwizTvzBCVPOxpJ0OLeO2LvlR8MB8GA1UdIwQY
MBaAFINd77htRmW3q9pjv+jZsH0G+WsnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzEzdnVHMUdaYmVyMm1PXzZObXdmUWI1YXljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC80MWY4NGYtYTgwYy00MjQ3LWI3MDct
NmFjNTI2ZWQxYjYwLzEveTNDTE5PX01FSlU4N0drblE0dDQ3WXUtVkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC80MWY4NGYtYTgwYy00MjQ3LWI3MDctNmFjNTI2ZWQxYjYw
LzEvZzEzdnVHMUdaYmVyMm1PXzZObXdmUWI1YXljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg6KhDAN
BgkqhkiG9w0BAQsFAAOCAQEARrqm2Lm+r5YMwZRS7koKnd92Bctk8ikqsoBQ4TyW
HXnY538j6c9cVOno6413gMiT1+IQZR67o59qMmv49BopIj6pk2x1Q7ufgeMMJEkf
diTMTSlGp0cIX4Vq9N6Ll2L6fEH+6u0/JP1FdSf4EiYDCEZ0s3UuVdhsu/+EhkbU
jPrFgaDHJuYmpzToscZBxuBN2qIDLMgpxF7HJ7aQ/0wXDjyHaJYX4gjL5LeCOcWT
42TtAOSF0Z+XoM0lOoohwl/CCLPsdvcj+4Osk1k0gR4c2I3Uqt9Wr1zTUUndfzv+
E5uLHn8Ut7aHN/Hjo1f2ihNGeFRjc/gCDW4AebrfEk3OKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:50 2024 by rpki-client on console-fra.rpki-client.org