Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/KMaFWwt4MFhs4gSE1IIRSswktrw.roa
File:                     KMaFWwt4MFhs4gSE1IIRSswktrw.roa (raw, json)
Hash identifier:          a04ilhOobkaJwwRIKFyWakHQtGA321DL8BTW9ZrLJV0=
Subject key identifier:   28:C6:85:5B:0B:78:30:58:6C:E2:04:84:D4:82:11:4A:CC:24:B6:BC
Certificate issuer:       /CN=764f8daadf1d775d59d1502b573901b875513b56
Certificate serial:       01856D11D8D56C86F1281AD7BE66C5A24D83
Authority key identifier: 76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/KMaFWwt4MFhs4gSE1IIRSswktrw.roa
Signing time:             Sun 01 Jan 2023 11:22:44 +0000
ROA not before:           Sun 01 Jan 2023 11:22:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     64487
IP address blocks:        89.23.89.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:11:d8:d5:6c:86:f1:28:1a:d7:be:66:c5:a2:4d:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=764f8daadf1d775d59d1502b573901b875513b56
        Validity
            Not Before: Jan  1 11:22:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28c6855b0b7830586ce20484d482114acc24b6bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:cb:03:10:92:71:fe:49:86:04:1b:0b:0b:ca:
                    61:b1:51:76:99:ef:ea:ab:04:57:52:48:79:7c:67:
                    02:27:f1:45:47:94:4e:5c:fc:c4:ce:57:79:77:9e:
                    40:e0:7f:05:71:5d:53:0a:b8:b2:db:15:10:2b:46:
                    8f:fa:41:65:c4:5e:bc:f6:f8:d9:a7:7f:8e:78:4e:
                    99:08:53:df:08:42:89:fb:a8:7f:4e:42:5f:9a:d6:
                    32:91:d7:a4:54:fc:f6:be:67:e6:0f:a6:a5:5d:d4:
                    33:97:72:8a:b7:6c:b8:fd:8d:20:c2:39:90:3f:68:
                    b0:8a:f7:72:db:ba:41:08:a1:fe:f4:b1:e1:90:23:
                    1f:70:ba:65:69:8b:79:97:3d:f3:22:b5:dd:fb:2a:
                    94:18:48:1f:7c:b3:3d:50:20:ef:8c:b1:d6:bf:d7:
                    d5:5d:06:5b:de:68:21:49:a6:b4:fe:8f:d9:09:0d:
                    40:4c:fa:a0:c1:bb:da:84:ff:45:08:a8:8c:14:66:
                    a0:fc:2c:c2:f9:2d:3e:97:dd:89:0b:be:77:4f:d5:
                    ef:ef:1e:6d:1d:a2:a2:6d:7b:e8:ca:21:ce:87:fe:
                    0f:50:a8:d0:93:29:a8:c6:85:a8:cd:8b:04:23:d8:
                    aa:07:05:53:fd:d1:3b:42:38:17:bc:a0:95:59:8c:
                    2a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:C6:85:5B:0B:78:30:58:6C:E2:04:84:D4:82:11:4A:CC:24:B6:BC
            X509v3 Authority Key Identifier:
                keyid:76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/KMaFWwt4MFhs4gSE1IIRSswktrw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.23.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:86:e5:d7:9f:17:3e:b5:16:75:af:16:1c:dc:89:62:81:ac:
         20:f5:ee:1c:db:26:e4:49:96:b0:1f:70:d1:36:a2:ba:e9:83:
         4f:08:29:95:e8:53:6c:71:c7:87:28:06:8d:57:30:8f:bb:6e:
         3b:c6:d1:71:b5:96:85:e8:39:f1:e2:ae:98:42:d2:b7:fe:6e:
         ce:d9:84:9d:06:5d:b9:69:89:b9:eb:bb:33:c0:4e:08:74:e3:
         05:20:cd:0f:33:0c:7b:b7:b9:39:9f:8f:27:90:50:fa:01:0f:
         74:c5:d8:06:ec:c9:e5:43:f5:b7:65:bc:bd:24:2e:d8:9d:e5:
         03:e3:c0:ca:ff:ea:f6:3e:3b:91:3a:68:d8:96:8e:bf:68:63:
         77:5e:e5:43:fc:df:97:d0:c1:a0:3b:40:14:7b:c2:ba:bf:57:
         e3:c2:22:80:42:16:4e:71:cd:e7:2b:7c:95:77:05:18:c3:f3:
         7c:31:f8:f0:66:d4:1d:3e:4d:64:a3:10:39:2f:c4:b8:37:30:
         5f:00:31:fe:f2:c9:f1:ce:ef:52:02:57:c7:6e:f6:21:69:50:
         26:03:cb:15:e3:3c:28:a5:19:fd:e0:78:1a:45:c1:99:55:d2:
         72:41:fc:54:03:40:a8:30:3b:04:cc:d7:18:ae:ac:87:65:4b:
         9e:2b:af:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtEdjVbIbxKBrXvmbFok2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NGY4ZGFhZGYxZDc3NWQ1OWQxNTAyYjU3MzkwMWI4NzU1
MTNiNTYwHhcNMjMwMTAxMTEyMjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM2ODU1YjBiNzgzMDU4NmNlMjA0ODRkNDgyMTE0YWNjMjRiNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8sDEJJx/kmGBBsLC8phsVF2me/q
qwRXUkh5fGcCJ/FFR5ROXPzEzld5d55A4H8FcV1TCriy2xUQK0aP+kFlxF689vjZ
p3+OeE6ZCFPfCEKJ+6h/TkJfmtYykdekVPz2vmfmD6alXdQzl3KKt2y4/Y0gwjmQ
P2iwivdy27pBCKH+9LHhkCMfcLplaYt5lz3zIrXd+yqUGEgffLM9UCDvjLHWv9fV
XQZb3mghSaa0/o/ZCQ1ATPqgwbvahP9FCKiMFGag/CzC+S0+l92JC753T9Xv7x5t
HaKibXvoyiHOh/4PUKjQkymoxoWozYsEI9iqBwVT/dE7QjgXvKCVWYwqzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjGhVsLeDBYbOIEhNSCEUrMJLa8MB8GA1UdIwQY
MBaAFHZPjarfHXddWdFQK1c5Abh1UTtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODIt
YmZiMmI4ODE1ZTQ5LzEvS01hRld3dDRNRmhzNGdTRTFJSVJTc3drdHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODItYmZiMmI4ODE1ZTQ5
LzEvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdZMA0G
CSqGSIb3DQEBCwUAA4IBAQBDhuXXnxc+tRZ1rxYc3Iligawg9e4c2ybkSZawH3DR
NqK66YNPCCmV6FNscceHKAaNVzCPu247xtFxtZaF6Dnx4q6YQtK3/m7O2YSdBl25
aYm567szwE4IdOMFIM0PMwx7t7k5n48nkFD6AQ90xdgG7MnlQ/W3Zby9JC7YneUD
48DK/+r2PjuROmjYlo6/aGN3XuVD/N+X0MGgO0AUe8K6v1fjwiKAQhZOcc3nK3yV
dwUYw/N8MfjwZtQdPk1koxA5L8S4NzBfADH+8snxzu9SAlfHbvYhaVAmA8sV4zwo
pRn94HgaRcGZVdJyQfxUA0CoMDsEzNcYrqyHZUueK68u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:17 2024 by rpki-client on console-ams.rpki-client.org