Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6127a6-206e-4606-9960-b394088444d8/1/WjbC5zS6H2709j2B9VorW1HErUg.roa
File:                     WjbC5zS6H2709j2B9VorW1HErUg.roa (raw, json)
Hash identifier:          xijXg2+R+ZrWpVSl+XI/eKgEqNjngc/sIO+dnsWRUGI=
Subject key identifier:   5A:36:C2:E7:34:BA:1F:6E:F4:F6:3D:81:F5:5A:2B:5B:51:C4:AD:48
Certificate issuer:       /CN=5ab4349405298585f1efcb658537618f25d4335e
Certificate serial:       010B2E15
Authority key identifier: 5A:B4:34:94:05:29:85:85:F1:EF:CB:65:85:37:61:8F:25:D4:33:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WrQ0lAUphYXx78tlhTdhjyXUM14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/6127a6-206e-4606-9960-b394088444d8/1/WjbC5zS6H2709j2B9VorW1HErUg.roa
Signing time:             Sat 01 Jan 2022 08:56:08 +0000
ROA not before:           Sat 01 Jan 2022 08:56:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        89.107.8.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17509909 (0x10b2e15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ab4349405298585f1efcb658537618f25d4335e
        Validity
            Not Before: Jan  1 08:56:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5a36c2e734ba1f6ef4f63d81f55a2b5b51c4ad48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ff:32:97:63:65:31:73:90:6d:83:83:20:9f:
                    90:e7:c2:53:34:e3:b8:1c:4a:d6:73:c8:b8:38:ea:
                    56:62:d4:6a:20:1b:58:45:35:95:10:18:b3:17:bc:
                    0c:99:94:c5:34:5b:9b:2c:1d:7c:8d:e4:e8:be:c0:
                    f9:9e:39:57:59:1b:09:69:af:66:bd:1c:61:f2:1b:
                    94:02:6a:84:4c:57:e7:9a:a4:fa:c0:63:33:9f:6b:
                    57:bb:b9:fc:da:a0:72:3f:df:0d:00:20:e4:1c:0b:
                    98:36:e7:f1:24:10:a9:1a:67:c3:75:e2:5c:d7:e7:
                    44:d6:21:ea:08:2a:52:2d:d5:80:97:1e:bf:f7:5e:
                    0c:50:1d:c0:d2:f6:ac:eb:ab:40:bc:11:c1:86:91:
                    3d:99:bb:29:0e:cb:7d:4f:1b:7a:a0:f2:bf:36:50:
                    bc:89:6a:cf:76:db:a9:12:aa:84:4b:34:77:a1:99:
                    ff:f7:3c:18:b2:4d:eb:cb:87:2f:18:ee:f4:6a:bf:
                    71:ff:65:b7:a5:17:e2:fa:65:ec:59:24:bd:26:a9:
                    e1:9b:32:bc:58:a1:e5:b0:b9:58:a3:2c:9e:f5:42:
                    2a:1c:ae:68:c1:09:ae:04:5d:e7:7e:2c:7a:b0:a5:
                    cc:ff:cf:e1:f7:95:9e:20:c3:72:a2:3b:f2:50:68:
                    57:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:36:C2:E7:34:BA:1F:6E:F4:F6:3D:81:F5:5A:2B:5B:51:C4:AD:48
            X509v3 Authority Key Identifier:
                keyid:5A:B4:34:94:05:29:85:85:F1:EF:CB:65:85:37:61:8F:25:D4:33:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrQ0lAUphYXx78tlhTdhjyXUM14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6127a6-206e-4606-9960-b394088444d8/1/WjbC5zS6H2709j2B9VorW1HErUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6127a6-206e-4606-9960-b394088444d8/1/WrQ0lAUphYXx78tlhTdhjyXUM14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.107.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:92:32:75:6a:fa:34:0e:c2:6c:94:13:50:3f:00:4f:74:13:
         db:f0:10:e3:98:a5:df:07:c5:a0:50:8c:50:f8:20:98:c6:d7:
         07:11:df:17:d2:7c:a3:25:d9:37:2f:1c:7a:1e:cb:36:03:cf:
         97:76:ab:b1:d9:11:cf:a0:1e:c6:eb:d6:bc:54:05:73:30:b7:
         28:42:84:cd:c8:e6:ba:b8:fb:d8:a6:7d:aa:8d:87:e3:9a:76:
         40:3c:79:54:40:df:0f:99:1a:ea:f5:f3:0a:fc:54:9b:85:63:
         d0:37:5c:6d:c1:05:53:e2:81:42:8d:f4:5b:f5:42:73:93:c2:
         18:2c:d7:a8:0d:70:8a:43:9a:3d:c6:7f:ed:70:4c:24:e1:53:
         1f:3e:58:e4:3b:6c:b5:5e:8d:c9:e9:76:0d:15:79:fd:4c:51:
         4f:64:44:ef:c7:48:f6:2b:1b:cc:22:61:d7:2b:fb:cc:15:e0:
         2e:54:4b:9c:8c:42:95:ef:c7:8b:31:da:71:92:63:5c:5c:6d:
         49:5c:94:90:6a:0e:a1:7b:d2:4d:e3:2b:c6:a3:52:39:4a:a9:
         77:70:67:e8:90:5c:85:ef:e3:67:70:99:5d:31:ba:66:a0:96:
         05:d4:59:e2:b3:7a:52:46:9a:a3:9e:5c:3b:f7:82:87:ac:cf:
         62:9b:2b:ed
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQsuFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWI0MzQ5NDA1Mjk4NTg1ZjFlZmNiNjU4NTM3NjE4ZjI1ZDQzMzVlMB4XDTIyMDEw
MTA4NTYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWEzNmMyZTczNGJh
MWY2ZWY0ZjYzZDgxZjU1YTJiNWI1MWM0YWQ0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7/MpdjZTFzkG2DgyCfkOfCUzTjuBxK1nPIuDjqVmLUaiAb
WEU1lRAYsxe8DJmUxTRbmywdfI3k6L7A+Z45V1kbCWmvZr0cYfIblAJqhExX55qk
+sBjM59rV7u5/Nqgcj/fDQAg5BwLmDbn8SQQqRpnw3XiXNfnRNYh6ggqUi3VgJce
v/deDFAdwNL2rOurQLwRwYaRPZm7KQ7LfU8beqDyvzZQvIlqz3bbqRKqhEs0d6GZ
//c8GLJN68uHLxju9Gq/cf9lt6UX4vpl7FkkvSap4ZsyvFih5bC5WKMsnvVCKhyu
aMEJrgRd534serClzP/P4feVniDDcqI78lBoV7MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRaNsLnNLofbvT2PYH1WitbUcStSDAfBgNVHSMEGDAWgBRatDSUBSmFhfHv
y2WFN2GPJdQzXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dyUTBsQVVwaFlYeDc4dGxoVGRoanlYVU0xNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvNjEyN2E2LTIwNmUtNDYwNi05OTYwLWIzOTQwODg0NDRkOC8x
L1dqYkM1elM2SDI3MDlqMkI5Vm9yVzFIRXJVZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
NjEyN2E2LTIwNmUtNDYwNi05OTYwLWIzOTQwODg0NDRkOC8xL1dyUTBsQVVwaFlY
eDc4dGxoVGRoanlYVU0xNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFlrCDANBgkqhkiG9w0BAQsFAAOC
AQEAyJIydWr6NA7CbJQTUD8AT3QT2/AQ45il3wfFoFCMUPggmMbXBxHfF9J8oyXZ
Ny8ceh7LNgPPl3arsdkRz6AexuvWvFQFczC3KEKEzcjmurj72KZ9qo2H45p2QDx5
VEDfD5ka6vXzCvxUm4Vj0DdcbcEFU+KBQo30W/VCc5PCGCzXqA1wikOaPcZ/7XBM
JOFTHz5Y5DtstV6Nyel2DRV5/UxRT2RE78dI9isbzCJh1yv7zBXgLlRLnIxCle/H
izHacZJjXFxtSVyUkGoOoXvSTeMrxqNSOUqpd3Bn6JBche/jZ3CZXTG6ZqCWBdRZ
4rN6Ukaao55cO/eCh6zPYpsr7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:58 2024 by rpki-client on console-fra.rpki-client.org