Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/6a559f-51f0-4b43-bfef-6d3bf4ee4dad/1/rYYrExn5dl61pYhASnMWRVU2paw.roa
File:                     rYYrExn5dl61pYhASnMWRVU2paw.roa (raw, json)
Hash identifier:          XdnzQD/1E3LGvOQ86ZQda6gRQc/DuANMnR8SC7D0RNk=
Subject key identifier:   AD:86:2B:13:19:F9:76:5E:B5:A5:88:40:4A:73:16:45:55:36:A5:AC
Certificate issuer:       /CN=5b9908b4578a40af8c9051750a8ae5dfa84c8828
Certificate serial:       04C58098
Authority key identifier: 5B:99:08:B4:57:8A:40:AF:8C:90:51:75:0A:8A:E5:DF:A8:4C:88:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W5kItFeKQK-MkFF1Corl36hMiCg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/6a559f-51f0-4b43-bfef-6d3bf4ee4dad/1/rYYrExn5dl61pYhASnMWRVU2paw.roa
Signing time:             Sat 01 Jan 2022 10:03:59 +0000
ROA not before:           Sat 01 Jan 2022 10:03:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58349
IP address blocks:        45.158.46.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 80052376 (0x4c58098)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b9908b4578a40af8c9051750a8ae5dfa84c8828
        Validity
            Not Before: Jan  1 10:03:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ad862b1319f9765eb5a588404a7316455536a5ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:55:a6:d8:d3:96:45:fd:ca:93:ba:22:9d:14:
                    7a:cb:86:4e:10:c6:8f:c8:74:b9:ce:f3:da:68:7e:
                    89:a6:8d:f1:3d:6c:01:9a:75:9b:9a:7c:94:c7:1f:
                    5b:f6:41:15:d8:50:e3:dc:73:91:0b:5e:8c:39:54:
                    ea:11:57:4d:54:ae:cf:c1:ca:db:92:b1:bf:cd:ea:
                    be:a4:0b:38:08:9a:09:a0:a2:b8:4e:25:b1:1f:f7:
                    6d:39:b1:94:d0:91:45:81:3e:26:7c:93:94:86:d8:
                    85:b1:a2:c8:8c:46:42:6c:12:0d:c8:89:9c:c6:73:
                    24:b2:bb:57:ae:ca:8a:d1:30:5a:53:a5:a2:67:22:
                    bd:c4:c1:d9:35:4f:70:58:0b:64:1f:79:90:3c:5b:
                    68:f6:ce:e2:e0:f5:0f:ce:63:db:34:86:1d:9b:13:
                    43:15:e5:71:40:a9:2f:ab:e9:01:8f:37:23:6a:62:
                    43:e3:18:40:c1:6d:af:9c:67:3a:bc:ac:c7:cb:0c:
                    c3:15:4b:99:ec:a2:94:cb:51:93:bb:88:6f:e0:ca:
                    4d:ba:36:d0:33:71:86:c2:b5:5a:52:9c:f7:45:f7:
                    a8:bd:80:c1:56:fb:6b:f5:68:e4:c0:eb:68:6f:d6:
                    97:69:60:82:1b:61:b1:89:5e:d9:73:31:35:7b:ae:
                    c3:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:86:2B:13:19:F9:76:5E:B5:A5:88:40:4A:73:16:45:55:36:A5:AC
            X509v3 Authority Key Identifier:
                keyid:5B:99:08:B4:57:8A:40:AF:8C:90:51:75:0A:8A:E5:DF:A8:4C:88:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W5kItFeKQK-MkFF1Corl36hMiCg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/6a559f-51f0-4b43-bfef-6d3bf4ee4dad/1/rYYrExn5dl61pYhASnMWRVU2paw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/6a559f-51f0-4b43-bfef-6d3bf4ee4dad/1/W5kItFeKQK-MkFF1Corl36hMiCg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:d6:9b:9a:bd:dc:a4:f3:80:80:20:0e:e2:5c:74:76:12:ac:
         39:2d:15:10:3e:5e:12:92:42:e9:cc:cd:8d:bd:b5:48:9c:ce:
         74:01:38:cf:a9:66:1d:a2:65:3b:14:dd:23:33:92:d9:88:cc:
         f6:16:d3:71:d7:98:40:c1:3b:c0:ae:0c:75:ef:ed:73:d5:ae:
         39:99:ed:20:1e:fe:5d:49:a7:a3:6a:d1:4b:76:a6:3b:cc:01:
         fc:ef:c4:6e:8d:1f:80:37:9f:fa:db:34:f4:d3:ff:0f:fa:f0:
         e9:bf:21:5c:1f:e8:b6:6f:51:90:67:6a:a3:5b:37:26:21:dc:
         38:be:f5:10:30:18:e5:f1:f3:a0:fd:26:a8:d4:a9:0e:33:4a:
         a6:5a:92:39:b0:2b:6d:87:9d:f1:3f:6b:a0:c0:a7:2a:3a:7b:
         4f:86:4f:ba:3f:f3:ae:89:ea:1b:a0:27:d4:82:b6:d2:a5:f8:
         97:bc:e9:d0:fb:13:5c:3d:be:60:cd:f2:46:7c:90:16:62:71:
         b4:50:c7:3d:f3:a2:19:0c:ea:a4:2d:d6:47:23:d9:31:fa:6e:
         62:19:a1:1d:c7:e4:ed:c7:05:ed:61:40:5c:25:0b:1b:4f:b5:
         42:f1:fb:f4:45:1b:8c:ab:d4:7b:bc:55:7b:70:ea:0c:32:80:
         74:e3:f5:c7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBMWAmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Yjk5MDhiNDU3OGE0MGFmOGM5MDUxNzUwYThhZTVkZmE4NGM4ODI4MB4XDTIyMDEw
MTEwMDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ4NjJiMTMxOWY5
NzY1ZWI1YTU4ODQwNGE3MzE2NDU1NTM2YTVhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtVptjTlkX9ypO6Ip0UesuGThDGj8h0uc7z2mh+iaaN8T1s
AZp1m5p8lMcfW/ZBFdhQ49xzkQtejDlU6hFXTVSuz8HK25Kxv83qvqQLOAiaCaCi
uE4lsR/3bTmxlNCRRYE+JnyTlIbYhbGiyIxGQmwSDciJnMZzJLK7V67KitEwWlOl
omcivcTB2TVPcFgLZB95kDxbaPbO4uD1D85j2zSGHZsTQxXlcUCpL6vpAY83I2pi
Q+MYQMFtr5xnOrysx8sMwxVLmeyilMtRk7uIb+DKTbo20DNxhsK1WlKc90X3qL2A
wVb7a/Vo5MDraG/Wl2lgghthsYle2XMxNXuuw08CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSthisTGfl2XrWliEBKcxZFVTalrDAfBgNVHSMEGDAWgBRbmQi0V4pAr4yQ
UXUKiuXfqEyIKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1c1a0l0RmVLUUstTWtGRjFDb3JsMzZoTWlDZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvNmE1NTlmLTUxZjAtNGI0My1iZmVmLTZkM2JmNGVlNGRhZC8x
L3JZWXJFeG41ZGw2MXBZaEFTbk1XUlZVMnBhdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
NmE1NTlmLTUxZjAtNGI0My1iZmVmLTZkM2JmNGVlNGRhZC8xL1c1a0l0RmVLUUst
TWtGRjFDb3JsMzZoTWlDZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2eLjANBgkqhkiG9w0BAQsFAAOC
AQEAjdabmr3cpPOAgCAO4lx0dhKsOS0VED5eEpJC6czNjb21SJzOdAE4z6lmHaJl
OxTdIzOS2YjM9hbTcdeYQME7wK4Mde/tc9WuOZntIB7+XUmno2rRS3amO8wB/O/E
bo0fgDef+ts09NP/D/rw6b8hXB/otm9RkGdqo1s3JiHcOL71EDAY5fHzoP0mqNSp
DjNKplqSObArbYed8T9roMCnKjp7T4ZPuj/zronqG6An1IK20qX4l7zp0PsTXD2+
YM3yRnyQFmJxtFDHPfOiGQzqpC3WRyPZMfpuYhmhHcfk7ccF7WFAXCULG0+1QvH7
9EUbjKvUe7xVe3DqDDKAdOP1xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:27 2024 by rpki-client on console-ams.rpki-client.org