Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/tWBA3KIamY2x4MNeEpJz--ACLWo.roa
File:                     tWBA3KIamY2x4MNeEpJz--ACLWo.roa (raw, json)
Hash identifier:          3vhCO+iuhJBk3UZAgZJOduVPi5XY/z6V6ltWbVpBosE=
Subject key identifier:   B5:60:40:DC:A2:1A:99:8D:B1:E0:C3:5E:12:92:73:FB:E0:02:2D:6A
Certificate issuer:       /CN=68a839cc8159fc5d3d75dedf62aadb81c40eabed
Certificate serial:       4FAAAF
Authority key identifier: 68:A8:39:CC:81:59:FC:5D:3D:75:DE:DF:62:AA:DB:81:C4:0E:AB:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKg5zIFZ_F09dd7fYqrbgcQOq-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/tWBA3KIamY2x4MNeEpJz--ACLWo.roa
Signing time:             Tue 17 May 2022 17:17:28 +0000
ROA not before:           Tue 17 May 2022 17:17:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51765
IP address blocks:        217.28.129.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5221039 (0x4faaaf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a839cc8159fc5d3d75dedf62aadb81c40eabed
        Validity
            Not Before: May 17 17:17:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b56040dca21a998db1e0c35e129273fbe0022d6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:7e:4f:d5:e2:f7:92:e6:22:c0:af:3c:2d:2f:
                    2f:ec:72:90:f1:ac:f5:e8:e4:a6:97:03:f7:2f:61:
                    2b:70:96:f5:b5:5f:98:fa:a0:37:b4:2f:42:6f:93:
                    aa:71:80:d7:69:b5:8b:02:49:99:ed:8d:db:b8:c5:
                    96:0c:1c:ed:7b:eb:0c:4d:c2:e8:3d:1b:b8:22:b8:
                    87:67:fd:05:4a:d6:e6:fe:62:db:41:6d:cc:40:d2:
                    db:4e:44:8a:6e:af:ca:58:fa:ce:bb:80:95:0b:94:
                    26:6b:62:01:0c:c3:a6:b9:44:8f:b9:60:7e:c9:6e:
                    3d:ca:74:b7:8f:50:e0:b4:81:7a:67:eb:70:59:73:
                    9a:13:b2:1c:e6:44:ed:79:84:b8:7f:86:78:42:d2:
                    19:f4:de:a4:7d:be:fb:f8:70:37:1e:fd:86:81:52:
                    55:a7:61:69:df:a4:9b:12:df:13:f2:81:51:e2:7a:
                    49:3f:f3:61:fb:ed:67:1e:cf:36:11:02:19:ec:2c:
                    37:59:03:0d:c5:4f:cb:91:c8:21:55:d1:57:d5:3b:
                    01:cd:ae:df:ec:1e:0a:3e:4b:da:01:9c:95:c8:35:
                    1d:2b:d4:2b:fe:2f:43:ca:3a:f1:7b:9d:c1:e0:00:
                    68:ed:0c:20:79:f5:4d:08:0b:10:ad:c8:99:cc:03:
                    ac:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:60:40:DC:A2:1A:99:8D:B1:E0:C3:5E:12:92:73:FB:E0:02:2D:6A
            X509v3 Authority Key Identifier:
                keyid:68:A8:39:CC:81:59:FC:5D:3D:75:DE:DF:62:AA:DB:81:C4:0E:AB:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKg5zIFZ_F09dd7fYqrbgcQOq-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/tWBA3KIamY2x4MNeEpJz--ACLWo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/aKg5zIFZ_F09dd7fYqrbgcQOq-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.28.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:98:6c:7f:fb:a9:b1:d7:35:8c:23:90:d4:95:1e:74:5c:bb:
         7c:61:93:a0:21:19:7a:db:ec:dc:24:03:47:c1:8d:62:72:d6:
         cb:4e:4b:bf:0a:6b:52:c5:2d:0f:74:16:fa:39:58:87:3c:d4:
         25:09:7f:b7:b9:c4:88:86:21:a7:c1:1f:98:c9:9a:eb:7a:ae:
         38:be:cc:3b:f7:23:7f:d4:57:9e:26:1f:41:8e:68:db:da:aa:
         16:c1:16:d8:66:67:99:73:9c:6a:d0:a4:30:f6:17:71:5d:2c:
         c5:7a:5a:8d:9c:3f:e9:e6:2b:ca:88:4d:2a:e6:bd:a0:00:3e:
         93:26:d0:92:61:a8:33:7e:ae:0b:f8:ec:48:e3:99:cd:92:13:
         66:45:76:af:bd:f7:56:19:34:f0:cb:08:a3:b3:62:4e:19:2a:
         66:19:ce:6f:6f:8b:22:65:ad:f9:85:73:8b:dc:f6:52:7b:89:
         d6:70:28:93:0a:76:e7:ff:7f:f8:c6:40:97:60:81:32:44:a3:
         22:3a:54:40:76:87:ed:44:09:2d:48:a8:b5:17:ba:b2:58:f9:
         41:97:cc:4a:87:b4:89:b1:06:b0:20:8f:dc:5c:fa:c3:09:b0:
         67:d8:ce:6c:53:e5:6f:18:82:5b:fb:93:f9:86:29:9a:7a:01:
         82:98:fa:7c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDT6qvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY4
YTgzOWNjODE1OWZjNWQzZDc1ZGVkZjYyYWFkYjgxYzQwZWFiZWQwHhcNMjIwNTE3
MTcxNzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNTYwNDBkY2EyMWE5
OThkYjFlMGMzNWUxMjkyNzNmYmUwMDIyZDZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnn5P1eL3kuYiwK88LS8v7HKQ8az16OSmlwP3L2ErcJb1tV+Y
+qA3tC9Cb5OqcYDXabWLAkmZ7Y3buMWWDBzte+sMTcLoPRu4IriHZ/0FStbm/mLb
QW3MQNLbTkSKbq/KWPrOu4CVC5Qma2IBDMOmuUSPuWB+yW49ynS3j1DgtIF6Z+tw
WXOaE7Ic5kTteYS4f4Z4QtIZ9N6kfb77+HA3Hv2GgVJVp2Fp36SbEt8T8oFR4npJ
P/Nh++1nHs82EQIZ7Cw3WQMNxU/LkcghVdFX1TsBza7f7B4KPkvaAZyVyDUdK9Qr
/i9Dyjrxe53B4ABo7QwgefVNCAsQrciZzAOskQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFLVgQNyiGpmNseDDXhKSc/vgAi1qMB8GA1UdIwQYMBaAFGioOcyBWfxdPXXe
32Kq24HEDqvtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YUtnNXpJRlpfRjA5ZGQ3ZllxcmJnY1FPcS0wLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMy83ZjYzMWQtZDBhMS00ZTIzLTk2ZjgtMWIyYjJmYWYxY2FjLzEv
dFdCQTNLSWFtWTJ4NE1OZUVwSnotLUFDTFdvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy83
ZjYzMWQtZDBhMS00ZTIzLTk2ZjgtMWIyYjJmYWYxY2FjLzEvYUtnNXpJRlpfRjA5
ZGQ3ZllxcmJnY1FPcS0wLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyBMA0GCSqGSIb3DQEBCwUAA4IB
AQBimGx/+6mx1zWMI5DUlR50XLt8YZOgIRl62+zcJANHwY1ictbLTku/CmtSxS0P
dBb6OViHPNQlCX+3ucSIhiGnwR+YyZrreq44vsw79yN/1FeeJh9Bjmjb2qoWwRbY
ZmeZc5xq0KQw9hdxXSzFelqNnD/p5ivKiE0q5r2gAD6TJtCSYagzfq4L+OxI45nN
khNmRXavvfdWGTTwywijs2JOGSpmGc5vb4siZa35hXOL3PZSe4nWcCiTCnbn/3/4
xkCXYIEyRKMiOlRAdoftRAktSKi1F7qyWPlBl8xKh7SJsQawII/cXPrDCbBn2M5s
U+VvGIJb+5P5himaegGCmPp8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:18 2024 by rpki-client on console-fra.rpki-client.org