Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/9aa25b-5d1f-43b8-9f89-ccb5e39b208b/1/hwOPDwEYp5laIAy7eDxz7VljT6k.roa
File:                     hwOPDwEYp5laIAy7eDxz7VljT6k.roa (raw, json)
Hash identifier:          3efiOe3T9VoVws5jMeBXbz3ZnJz4YtDfrwnS6Lli034=
Subject key identifier:   87:03:8F:0F:01:18:A7:99:5A:20:0C:BB:78:3C:73:ED:59:63:4F:A9
Certificate issuer:       /CN=fb05135f037d25d716d3b721c1ab721366faf905
Certificate serial:       0681BFDC
Authority key identifier: FB:05:13:5F:03:7D:25:D7:16:D3:B7:21:C1:AB:72:13:66:FA:F9:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-wUTXwN9JdcW07chwatyE2b6-QU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/9aa25b-5d1f-43b8-9f89-ccb5e39b208b/1/hwOPDwEYp5laIAy7eDxz7VljT6k.roa
Signing time:             Sat 01 Jan 2022 02:54:25 +0000
ROA not before:           Sat 01 Jan 2022 02:54:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50311
IP address blocks:        91.220.131.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109166556 (0x681bfdc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb05135f037d25d716d3b721c1ab721366faf905
        Validity
            Not Before: Jan  1 02:54:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=87038f0f0118a7995a200cbb783c73ed59634fa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:dd:42:df:01:d9:d2:2b:45:ce:ef:ea:45:07:
                    75:62:8c:b9:b8:62:ab:fb:c8:fd:30:c1:e8:5d:6f:
                    97:c1:16:a7:37:33:d0:8d:62:ca:da:85:50:5d:c7:
                    1c:2c:e9:a6:d5:53:e9:5d:e9:76:45:b0:95:34:dc:
                    84:a9:64:10:8b:12:ee:66:38:76:f1:24:1f:07:b6:
                    d6:91:d8:02:8d:cd:cd:55:d3:1a:f9:dd:0f:52:8d:
                    3c:c0:63:de:f8:90:62:a4:8a:54:6d:41:80:c0:37:
                    38:56:07:a9:aa:cd:9f:c3:a3:f5:ad:ef:a1:94:ea:
                    f7:4d:33:5d:ff:d0:02:a3:ea:65:99:46:c3:4e:74:
                    7c:04:80:05:a2:0c:4a:5e:12:75:82:f6:dd:8c:ba:
                    77:8f:12:8c:18:86:da:7b:19:8a:63:6e:5c:e2:c1:
                    2c:bf:5d:ed:04:b6:2c:ac:7b:58:bd:be:48:e7:24:
                    a5:f5:0d:be:98:42:34:9d:b9:2f:05:a1:8e:c7:f1:
                    f5:73:cf:2f:9f:54:12:37:3d:d1:a9:16:4e:bc:7d:
                    b9:66:55:f7:62:6b:ee:ae:cf:a9:ad:c5:97:24:bb:
                    78:dc:25:ba:e6:09:cb:6b:37:64:79:17:ce:56:05:
                    5a:ad:96:17:7e:bb:98:5b:3b:39:1e:92:d9:31:8f:
                    8f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:03:8F:0F:01:18:A7:99:5A:20:0C:BB:78:3C:73:ED:59:63:4F:A9
            X509v3 Authority Key Identifier:
                keyid:FB:05:13:5F:03:7D:25:D7:16:D3:B7:21:C1:AB:72:13:66:FA:F9:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wUTXwN9JdcW07chwatyE2b6-QU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/9aa25b-5d1f-43b8-9f89-ccb5e39b208b/1/hwOPDwEYp5laIAy7eDxz7VljT6k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/9aa25b-5d1f-43b8-9f89-ccb5e39b208b/1/1-wUTXwN9JdcW07chwatyE2b6-QU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:35:a9:22:a1:06:71:f6:aa:20:c8:a6:fd:36:95:5e:f9:94:
         d3:08:e5:fb:be:db:f6:c7:8f:d5:d5:cb:d2:51:ee:d9:2a:d3:
         e1:f0:33:e3:14:3c:ba:94:1a:f2:a1:ab:fc:a9:9a:79:63:49:
         1c:f0:56:dc:ee:b4:c4:8b:24:f2:b2:82:16:e4:05:fc:ee:0e:
         17:14:a7:c4:97:30:a5:12:83:6f:23:d6:b0:29:61:47:6b:12:
         b0:4b:d1:03:d8:15:88:2f:c8:a1:80:41:a9:2d:0d:d0:71:e6:
         fb:e1:43:c4:20:e3:6f:57:79:af:83:11:96:ad:d6:ad:10:f8:
         2c:ad:77:61:cc:73:83:7f:3e:cb:4d:9a:8b:10:78:2e:cb:67:
         92:a7:b7:39:f9:d2:b5:c2:a1:d0:93:a1:dc:c8:83:77:aa:10:
         99:d7:2d:05:34:57:fc:4f:f5:b4:c5:f2:9f:2a:dc:cc:cf:9b:
         56:42:f3:e9:a8:c0:2b:25:db:0e:0a:b9:b3:1a:87:0d:37:54:
         81:20:ee:d9:a2:0c:43:47:df:8c:8a:67:6e:92:3e:89:e9:98:
         32:62:01:5d:a3:c1:2c:a0:fa:d0:93:01:61:8d:aa:4a:4a:01:
         fb:69:3b:4f:89:eb:2b:2d:f7:30:37:ff:41:da:42:f6:89:b9:
         79:e2:40:dd
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEBoG/3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjA1MTM1ZjAzN2QyNWQ3MTZkM2I3MjFjMWFiNzIxMzY2ZmFmOTA1MB4XDTIyMDEw
MTAyNTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODcwMzhmMGYwMTE4
YTc5OTVhMjAwY2JiNzgzYzczZWQ1OTYzNGZhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/dQt8B2dIrRc7v6kUHdWKMubhiq/vI/TDB6F1vl8EWpzcz
0I1iytqFUF3HHCzpptVT6V3pdkWwlTTchKlkEIsS7mY4dvEkHwe21pHYAo3NzVXT
GvndD1KNPMBj3viQYqSKVG1BgMA3OFYHqarNn8Oj9a3voZTq900zXf/QAqPqZZlG
w050fASABaIMSl4SdYL23Yy6d48SjBiG2nsZimNuXOLBLL9d7QS2LKx7WL2+SOck
pfUNvphCNJ25LwWhjsfx9XPPL59UEjc90akWTrx9uWZV92Jr7q7Pqa3FlyS7eNwl
uuYJy2s3ZHkXzlYFWq2WF367mFs7OR6S2TGPj+kCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSHA48PARinmVogDLt4PHPtWWNPqTAfBgNVHSMEGDAWgBT7BRNfA30l1xbT
tyHBq3ITZvr5BTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtd1VUWHdOOUpkY1cwN2Nod2F0eUUyYjYtUVUuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2VlLzlhYTI1Yi01ZDFmLTQzYjgtOWY4OS1jY2I1ZTM5YjIwOGIv
MS9od09QRHdFWXA1bGFJQXk3ZUR4ejdWbGpUNmsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Vl
LzlhYTI1Yi01ZDFmLTQzYjgtOWY4OS1jY2I1ZTM5YjIwOGIvMS8xLXdVVFh3TjlK
ZGNXMDdjaHdhdHlFMmI2LVFVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yDMA0GCSqGSIb3DQEBCwUA
A4IBAQAxNakioQZx9qogyKb9NpVe+ZTTCOX7vtv2x4/V1cvSUe7ZKtPh8DPjFDy6
lBryoav8qZp5Y0kc8Fbc7rTEiyTysoIW5AX87g4XFKfElzClEoNvI9awKWFHaxKw
S9ED2BWIL8ihgEGpLQ3Qceb74UPEIONvV3mvgxGWrdatEPgsrXdhzHODfz7LTZqL
EHguy2eSp7c5+dK1wqHQk6HcyIN3qhCZ1y0FNFf8T/W0xfKfKtzMz5tWQvPpqMAr
JdsOCrmzGocNN1SBIO7ZogxDR9+Mimdukj6J6ZgyYgFdo8EsoPrQkwFhjapKSgH7
aTtPiesrLfcwN/9B2kL2ibl54kDd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:52 2024 by rpki-client on console-fra.rpki-client.org