Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/zapx42Ju0Wrk12XiSvEiS-6VGAM.roa
File:                     zapx42Ju0Wrk12XiSvEiS-6VGAM.roa (raw, json)
Hash identifier:          VLkQVXTpfA6y1MK4zHivwHJD/LQBGHaO2Io9lmWGxjQ=
Subject key identifier:   CD:AA:71:E3:62:6E:D1:6A:E4:D7:65:E2:4A:F1:22:4B:EE:95:18:03
Certificate issuer:       /CN=68a839cc8159fc5d3d75dedf62aadb81c40eabed
Certificate serial:       0157D7
Authority key identifier: 68:A8:39:CC:81:59:FC:5D:3D:75:DE:DF:62:AA:DB:81:C4:0E:AB:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKg5zIFZ_F09dd7fYqrbgcQOq-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/zapx42Ju0Wrk12XiSvEiS-6VGAM.roa
Signing time:             Wed 13 Apr 2022 10:06:21 +0000
ROA not before:           Wed 13 Apr 2022 10:06:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        217.28.129.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88023 (0x157d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a839cc8159fc5d3d75dedf62aadb81c40eabed
        Validity
            Not Before: Apr 13 10:06:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cdaa71e3626ed16ae4d765e24af1224bee951803
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e1:5c:72:4d:af:90:50:d6:6b:ce:b7:7c:95:
                    11:da:0b:90:b2:36:f7:a4:24:34:f4:d1:44:f4:f3:
                    52:cb:e0:38:77:6d:a1:af:44:f4:82:d3:b2:f9:41:
                    48:13:26:18:fd:30:be:db:d5:2a:aa:c7:7a:df:ec:
                    55:89:5b:af:d4:1d:c5:5e:e8:6b:b7:1c:b0:18:b5:
                    a3:8a:6c:b9:f9:ae:56:19:55:08:2b:64:aa:de:b8:
                    91:aa:1e:25:07:ce:40:46:21:d9:49:f3:14:d0:25:
                    a4:68:ce:98:f9:68:4d:cb:d5:4f:e7:54:be:f0:b4:
                    da:3a:f3:74:c9:c9:41:42:af:90:45:e0:6d:5b:d5:
                    b9:54:3b:01:c6:24:79:91:3e:d5:40:ba:5b:13:9e:
                    e5:88:33:26:24:da:cd:ce:2e:89:02:3a:01:0d:31:
                    44:bf:4a:b2:d8:ef:a7:5c:16:6f:49:4e:e2:39:3e:
                    48:9e:ce:6c:04:c0:44:16:14:40:65:93:46:67:be:
                    84:c1:0d:bc:d2:a7:f7:f6:86:43:7c:8c:aa:e9:38:
                    9f:61:ae:3d:51:25:be:8d:47:69:45:1b:81:8b:a9:
                    1e:36:d9:0d:96:f7:0c:e8:dc:55:a9:2e:df:0e:bc:
                    35:1b:29:49:dc:3f:ea:d0:d1:6e:19:26:31:b4:c4:
                    96:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:AA:71:E3:62:6E:D1:6A:E4:D7:65:E2:4A:F1:22:4B:EE:95:18:03
            X509v3 Authority Key Identifier:
                keyid:68:A8:39:CC:81:59:FC:5D:3D:75:DE:DF:62:AA:DB:81:C4:0E:AB:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKg5zIFZ_F09dd7fYqrbgcQOq-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/zapx42Ju0Wrk12XiSvEiS-6VGAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/aKg5zIFZ_F09dd7fYqrbgcQOq-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.28.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:7e:d8:3e:6b:b4:37:2f:6e:dc:94:fa:ed:f3:f5:34:ac:b5:
         bf:87:0f:8d:85:35:ef:7e:a0:b8:82:8c:46:c3:12:45:1d:b4:
         0d:7d:68:f7:c0:7e:87:30:ce:94:ac:38:0a:22:d0:24:1b:0b:
         92:b4:a1:67:d4:13:4e:a4:02:94:13:75:23:50:bf:ae:bb:61:
         9c:4c:f1:e8:7a:c1:1e:91:5c:da:76:03:52:a0:fb:d1:58:53:
         ad:e9:36:72:c1:b1:8d:3f:62:5e:e9:96:47:e6:b3:f4:f8:c7:
         5f:be:eb:9a:5d:38:3a:b0:51:d9:94:cc:12:51:be:c9:8b:bf:
         67:0a:76:01:f2:36:8b:03:ad:99:35:63:b8:af:74:93:d2:46:
         74:75:27:ed:86:e2:e1:80:35:19:f9:d1:81:89:17:53:34:1f:
         66:40:d9:c5:33:68:9d:47:db:ab:32:fc:53:85:59:b9:46:e7:
         d2:c4:17:1d:19:63:5d:b5:c6:14:24:95:3e:af:4f:20:ed:64:
         80:a6:4b:32:60:96:cb:46:4f:29:8e:9e:d4:7f:04:8b:33:51:
         4d:48:eb:c2:c1:da:28:df:35:d6:ba:3a:cc:e9:d2:2e:24:ef:
         78:d1:58:1d:7a:bb:75:e4:25:82:b9:00:64:a5:a9:a9:d5:0b:
         6f:ac:12:1a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAVfXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY4
YTgzOWNjODE1OWZjNWQzZDc1ZGVkZjYyYWFkYjgxYzQwZWFiZWQwHhcNMjIwNDEz
MTAwNjIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZGFhNzFlMzYyNmVk
MTZhZTRkNzY1ZTI0YWYxMjI0YmVlOTUxODAzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxuFcck2vkFDWa863fJUR2guQsjb3pCQ09NFE9PNSy+A4d22h
r0T0gtOy+UFIEyYY/TC+29Uqqsd63+xViVuv1B3FXuhrtxywGLWjimy5+a5WGVUI
K2Sq3riRqh4lB85ARiHZSfMU0CWkaM6Y+WhNy9VP51S+8LTaOvN0yclBQq+QReBt
W9W5VDsBxiR5kT7VQLpbE57liDMmJNrNzi6JAjoBDTFEv0qy2O+nXBZvSU7iOT5I
ns5sBMBEFhRAZZNGZ76EwQ280qf39oZDfIyq6TifYa49USW+jUdpRRuBi6keNtkN
lvcM6NxVqS7fDrw1GylJ3D/q0NFuGSYxtMSWdwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFM2qceNibtFq5Ndl4krxIkvulRgDMB8GA1UdIwQYMBaAFGioOcyBWfxdPXXe
32Kq24HEDqvtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YUtnNXpJRlpfRjA5ZGQ3ZllxcmJnY1FPcS0wLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMy83ZjYzMWQtZDBhMS00ZTIzLTk2ZjgtMWIyYjJmYWYxY2FjLzEv
emFweDQySnUwV3JrMTJYaVN2RWlTLTZWR0FNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy83
ZjYzMWQtZDBhMS00ZTIzLTk2ZjgtMWIyYjJmYWYxY2FjLzEvYUtnNXpJRlpfRjA5
ZGQ3ZllxcmJnY1FPcS0wLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyBMA0GCSqGSIb3DQEBCwUAA4IB
AQBjftg+a7Q3L27clPrt8/U0rLW/hw+NhTXvfqC4goxGwxJFHbQNfWj3wH6HMM6U
rDgKItAkGwuStKFn1BNOpAKUE3UjUL+uu2GcTPHoesEekVzadgNSoPvRWFOt6TZy
wbGNP2Je6ZZH5rP0+MdfvuuaXTg6sFHZlMwSUb7Ji79nCnYB8jaLA62ZNWO4r3ST
0kZ0dSfthuLhgDUZ+dGBiRdTNB9mQNnFM2idR9urMvxThVm5RufSxBcdGWNdtcYU
JJU+r08g7WSApksyYJbLRk8pjp7UfwSLM1FNSOvCwdoo3zXWujrM6dIuJO940Vgd
ert15CWCuQBkpamp1QtvrBIa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:18 2024 by rpki-client on console-ams.rpki-client.org