Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/008ca6-6ca8-4c5a-9bb2-b69d13b2e39e/1/KzVra4ChMNyPzNThqyqH4EpyB8Y.roa
File:                     KzVra4ChMNyPzNThqyqH4EpyB8Y.roa (raw, json)
Hash identifier:          IRC4x3fMO17loHZ5iZFu+YjiX04cqss4HDQSmLZGBw8=
Subject key identifier:   2B:35:6B:6B:80:A1:30:DC:8F:CC:D4:E1:AB:2A:87:E0:4A:72:07:C6
Certificate issuer:       /CN=8fc18efa49c2768e31ff9073d35189b908c52077
Certificate serial:       018937A690AC85134A4B56FB1BBF9BE942F6
Authority key identifier: 8F:C1:8E:FA:49:C2:76:8E:31:FF:90:73:D3:51:89:B9:08:C5:20:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j8GO-knCdo4x_5Bz01GJuQjFIHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/008ca6-6ca8-4c5a-9bb2-b69d13b2e39e/1/KzVra4ChMNyPzNThqyqH4EpyB8Y.roa
Signing time:             Sat 08 Jul 2023 22:36:50 +0000
ROA not before:           Sat 08 Jul 2023 22:36:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207459
IP address blocks:        91.246.49.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:37:a6:90:ac:85:13:4a:4b:56:fb:1b:bf:9b:e9:42:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fc18efa49c2768e31ff9073d35189b908c52077
        Validity
            Not Before: Jul  8 22:36:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b356b6b80a130dc8fccd4e1ab2a87e04a7207c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:c7:c8:05:24:38:5a:9f:fe:01:47:b7:59:87:
                    4b:d6:78:da:97:9b:85:84:46:94:02:2f:ad:6a:f1:
                    b6:22:13:9a:40:56:01:72:8e:25:ef:49:a0:9d:67:
                    b8:fd:31:86:e6:32:7b:f5:93:d5:33:7f:2e:15:0d:
                    4e:b9:40:b5:5c:d7:7c:0c:f7:b1:c5:fb:2c:d5:21:
                    3c:a6:33:14:4c:d7:0e:45:46:32:bf:80:ce:59:07:
                    10:5e:95:f3:cc:8c:bd:07:90:24:28:c7:d5:32:7c:
                    3c:24:cb:cf:f9:c7:6c:03:bb:0c:1a:f3:2f:7d:cf:
                    2a:c6:a4:b8:72:fa:cd:13:a7:7a:57:47:f5:61:ce:
                    ee:a9:4a:30:e8:3d:d3:3d:f0:df:61:a0:38:dc:8c:
                    79:c0:b1:78:e0:e4:a1:b1:cb:38:ba:4b:ae:c0:cb:
                    08:42:9d:d5:34:15:63:a5:7f:61:77:0e:38:84:a6:
                    f5:48:05:9b:6d:b2:85:95:13:cd:40:6c:48:86:f9:
                    1a:aa:11:77:be:f8:f6:e4:bf:9d:c8:73:9f:e0:07:
                    ca:ec:7e:da:a1:a0:50:b4:a0:a4:84:b5:e4:24:11:
                    05:b5:39:eb:a7:3e:7a:3d:b9:ea:b9:10:e5:98:d2:
                    c3:49:09:dc:27:ba:4a:a4:d3:c6:00:42:9b:28:48:
                    99:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:35:6B:6B:80:A1:30:DC:8F:CC:D4:E1:AB:2A:87:E0:4A:72:07:C6
            X509v3 Authority Key Identifier:
                keyid:8F:C1:8E:FA:49:C2:76:8E:31:FF:90:73:D3:51:89:B9:08:C5:20:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8GO-knCdo4x_5Bz01GJuQjFIHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/008ca6-6ca8-4c5a-9bb2-b69d13b2e39e/1/KzVra4ChMNyPzNThqyqH4EpyB8Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/008ca6-6ca8-4c5a-9bb2-b69d13b2e39e/1/j8GO-knCdo4x_5Bz01GJuQjFIHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.246.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:79:31:ab:ae:08:d8:b5:bb:c2:00:ab:e8:e4:ed:bc:0c:28:
         09:15:ac:8f:c7:e6:83:f9:ac:7b:76:4b:e2:3a:a7:a6:3d:60:
         76:cc:b8:ff:39:c1:19:57:0f:3b:e4:56:bd:e5:b0:d3:d9:b4:
         1d:7d:79:c0:35:96:f4:c8:ab:4c:aa:2b:0c:4f:c9:61:c4:b8:
         19:87:23:99:8f:6b:9f:0f:67:d7:7d:f5:51:b6:2c:20:e5:d1:
         ca:90:e4:57:d3:de:81:81:89:9d:75:ea:ac:0a:23:44:9a:de:
         a6:9e:f3:2f:54:1c:62:c7:4b:f0:fe:be:4a:3a:ea:e2:0f:2e:
         4d:d4:e9:6b:63:4c:e8:46:3f:0b:10:88:84:21:b9:d9:0f:b4:
         d9:9d:71:ab:7b:c3:d7:40:5e:61:f5:4f:71:e1:60:b9:5f:04:
         cc:a2:54:69:20:0e:d5:84:d0:05:85:ac:a9:f6:23:d6:2a:89:
         20:2d:7c:73:02:33:f2:54:1c:00:ee:43:a9:69:a3:36:4d:e3:
         26:73:10:04:c0:75:35:0a:87:d2:4a:c1:fc:43:14:e6:30:45:
         b2:fd:46:16:06:e8:b7:23:70:97:4e:87:0c:26:3f:03:4b:36:
         3f:d8:45:5f:96:a7:20:ec:33:38:8d:6b:84:38:2a:c5:28:c1:
         44:65:07:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk3ppCshRNKS1b7G7+b6UL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzE4ZWZhNDljMjc2OGUzMWZmOTA3M2QzNTE4OWI5MDhj
NTIwNzcwHhcNMjMwNzA4MjIzNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjM1NmI2YjgwYTEzMGRjOGZjY2Q0ZTFhYjJhODdlMDRhNzIwN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMfIBSQ4Wp/+AUe3WYdL1njal5uF
hEaUAi+tavG2IhOaQFYBco4l70mgnWe4/TGG5jJ79ZPVM38uFQ1OuUC1XNd8DPex
xfss1SE8pjMUTNcORUYyv4DOWQcQXpXzzIy9B5AkKMfVMnw8JMvP+cdsA7sMGvMv
fc8qxqS4cvrNE6d6V0f1Yc7uqUow6D3TPfDfYaA43Ix5wLF44OShscs4ukuuwMsI
Qp3VNBVjpX9hdw44hKb1SAWbbbKFlRPNQGxIhvkaqhF3vvj25L+dyHOf4AfK7H7a
oaBQtKCkhLXkJBEFtTnrpz56PbnquRDlmNLDSQncJ7pKpNPGAEKbKEiZBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCs1a2uAoTDcj8zU4asqh+BKcgfGMB8GA1UdIwQY
MBaAFI/BjvpJwnaOMf+Qc9NRibkIxSB3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhHTy1rbkNkbzR4XzVCejAxR0p1UWpGSUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8wMDhjYTYtNmNhOC00YzVhLTliYjIt
YjY5ZDEzYjJlMzllLzEvS3pWcmE0Q2hNTnlQek5UaHF5cUg0RXB5QjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8wMDhjYTYtNmNhOC00YzVhLTliYjItYjY5ZDEzYjJlMzll
LzEvajhHTy1rbkNkbzR4XzVCejAxR0p1UWpGSUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/YxMA0G
CSqGSIb3DQEBCwUAA4IBAQBveTGrrgjYtbvCAKvo5O28DCgJFayPx+aD+ax7dkvi
OqemPWB2zLj/OcEZVw875Fa95bDT2bQdfXnANZb0yKtMqisMT8lhxLgZhyOZj2uf
D2fXffVRtiwg5dHKkORX096BgYmddeqsCiNEmt6mnvMvVBxix0vw/r5KOuriDy5N
1OlrY0zoRj8LEIiEIbnZD7TZnXGre8PXQF5h9U9x4WC5XwTMolRpIA7VhNAFhayp
9iPWKokgLXxzAjPyVBwA7kOpaaM2TeMmcxAEwHU1CofSSsH8QxTmMEWy/UYWBui3
I3CXTocMJj8DSzY/2EVflqcg7DM4jWuEOCrFKMFEZQel
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:22 2024 by rpki-client on console-ams.rpki-client.org