Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/mGnYGwfIEZuhdOIeIsFK_-N3bEU.roa
File:                     mGnYGwfIEZuhdOIeIsFK_-N3bEU.roa (raw, json)
Hash identifier:          LKLGo+aVfjOH+tPU3rhaeACr/49wumpi3vgkWqyCcVk=
Subject key identifier:   98:69:D8:1B:07:C8:11:9B:A1:74:E2:1E:22:C1:4A:FF:E3:77:6C:45
Certificate issuer:       /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial:       08A71D99
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/mGnYGwfIEZuhdOIeIsFK_-N3bEU.roa
Signing time:             Fri 17 Jun 2022 03:33:45 +0000
ROA not before:           Fri 17 Jun 2022 03:33:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     55722
IP address blocks:        151.216.33.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145169817 (0x8a71d99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
        Validity
            Not Before: Jun 17 03:33:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9869d81b07c8119ba174e21e22c14affe3776c45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:03:da:27:fc:68:60:8b:62:d4:5a:29:55:e0:
                    77:21:33:e2:51:eb:35:43:84:e0:be:97:2d:d5:37:
                    34:a6:58:c8:d0:1f:44:b1:75:43:72:b2:08:b7:67:
                    06:e1:aa:1c:f8:2c:6b:41:22:80:cc:81:42:ad:9a:
                    81:25:d6:43:e8:3e:e2:54:05:45:5b:c4:aa:bd:1b:
                    99:de:e1:f4:11:28:e1:63:16:57:fe:13:81:dc:6f:
                    52:e6:ce:3e:5b:03:37:d9:74:45:61:5f:e0:63:d4:
                    07:cb:a2:e1:aa:7e:e8:81:c2:ec:2f:2e:bb:07:90:
                    66:2e:e2:75:ff:51:a1:c9:97:02:e5:10:8e:1f:e1:
                    d0:64:9d:b4:48:27:71:19:82:ba:6a:61:d6:29:35:
                    cf:d0:1a:94:a2:b5:15:74:8e:62:fc:0f:2b:5b:58:
                    e6:f1:67:93:f4:6e:8e:4b:73:38:20:59:9b:d8:8d:
                    d7:e7:31:e5:8b:02:61:a6:27:6c:ac:05:f9:77:13:
                    30:c4:43:69:d8:b3:1a:d5:ab:dc:05:3c:8d:29:a5:
                    ce:a0:ce:3f:0f:b3:10:d3:a7:1f:96:0e:1b:51:36:
                    58:2a:a8:ad:63:59:a6:fe:55:42:2e:fe:cb:0e:b1:
                    88:2d:4e:1f:77:45:0a:a1:15:5f:1b:a3:dc:0d:23:
                    7b:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:69:D8:1B:07:C8:11:9B:A1:74:E2:1E:22:C1:4A:FF:E3:77:6C:45
            X509v3 Authority Key Identifier:
                keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/mGnYGwfIEZuhdOIeIsFK_-N3bEU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.216.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:80:5f:59:2c:d9:76:57:d4:9b:da:f0:b6:fd:ed:bd:ad:43:
         36:ef:ef:d1:88:ca:21:f6:93:41:ac:8c:9b:c9:15:a7:e7:ab:
         da:ad:64:d5:ae:69:80:a3:a4:e5:f1:79:5a:45:f2:51:a1:fc:
         57:d9:91:35:b1:c3:49:be:4d:ef:2d:6c:4c:7c:c7:9c:20:e7:
         ba:45:4a:f6:4a:e5:46:29:a5:c8:c6:61:29:47:83:47:6b:81:
         e6:c1:b8:c7:c9:2e:dd:72:b3:1d:65:d2:5b:9d:25:84:07:7f:
         fa:9a:02:ea:e9:ba:cf:d1:fc:cb:13:ca:f1:3b:f8:1b:88:f5:
         08:29:5a:bb:c0:6f:2e:44:83:4a:e7:4d:ee:15:46:5e:fa:4f:
         ca:53:3b:63:dc:bf:b6:13:d4:90:a6:95:e2:7d:a6:6d:db:28:
         7f:15:06:9f:a1:24:e2:52:33:10:ac:b6:ff:8b:df:ef:2e:98:
         de:ef:bd:ac:f0:36:ff:45:08:35:9d:e2:55:24:62:e0:f1:ef:
         66:53:b3:8c:3f:9b:06:06:f7:eb:0d:b8:38:86:1d:90:9b:04:
         0f:1d:10:0f:9c:a6:49:92:fc:af:94:74:11:03:56:f2:df:12:
         4a:e0:88:e7:8d:f6:de:c6:6d:23:05:ed:d1:63:02:db:11:cf:
         a1:34:ed:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECKcdmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjNkYTZlOTljNjY2NTEzYTJjZWU1ZjBlMGQzYWI3NDVmMTY3ZGMzMB4XDTIyMDYx
NzAzMzM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTg2OWQ4MWIwN2M4
MTE5YmExNzRlMjFlMjJjMTRhZmZlMzc3NmM0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMID2if8aGCLYtRaKVXgdyEz4lHrNUOE4L6XLdU3NKZYyNAf
RLF1Q3KyCLdnBuGqHPgsa0EigMyBQq2agSXWQ+g+4lQFRVvEqr0bmd7h9BEo4WMW
V/4TgdxvUubOPlsDN9l0RWFf4GPUB8ui4ap+6IHC7C8uuweQZi7idf9RocmXAuUQ
jh/h0GSdtEgncRmCumph1ik1z9AalKK1FXSOYvwPK1tY5vFnk/RujktzOCBZm9iN
1+cx5YsCYaYnbKwF+XcTMMRDadizGtWr3AU8jSmlzqDOPw+zENOnH5YOG1E2WCqo
rWNZpv5VQi7+yw6xiC1OH3dFCqEVXxuj3A0je3kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSYadgbB8gRm6F04h4iwUr/43dsRTAfBgNVHSMEGDAWgBRLPabpnGZlE6LO
5fDg06t0XxZ9wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N6Mm02WnhtWlJPaXp1WHc0Tk9yZEY4V2ZjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8x
L21HbllHd2ZJRVp1aGRPSWVJc0ZLXy1OM2JFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8xL1N6Mm02WnhtWlJP
aXp1WHc0Tk9yZEY4V2ZjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJfYITANBgkqhkiG9w0BAQsFAAOC
AQEAYIBfWSzZdlfUm9rwtv3tva1DNu/v0YjKIfaTQayMm8kVp+er2q1k1a5pgKOk
5fF5WkXyUaH8V9mRNbHDSb5N7y1sTHzHnCDnukVK9krlRimlyMZhKUeDR2uB5sG4
x8ku3XKzHWXSW50lhAd/+poC6um6z9H8yxPK8Tv4G4j1CClau8BvLkSDSudN7hVG
XvpPylM7Y9y/thPUkKaV4n2mbdsofxUGn6Ek4lIzEKy2/4vf7y6Y3u+9rPA2/0UI
NZ3iVSRi4PHvZlOzjD+bBgb36w24OIYdkJsEDx0QD5ymSZL8r5R0EQNW8t8SSuCI
54323sZtIwXt0WMC2xHPoTTtlw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:28 2024 by rpki-client on console-fra.rpki-client.org