Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1e8c8d-f650-4d5a-9e8c-2016b1e97f9b/1/rQfmMB8EhGCc5zG7mP2iw-nb28o.roa
File:                     rQfmMB8EhGCc5zG7mP2iw-nb28o.roa (raw, json)
Hash identifier:          rVU/IaObZvbJjVKhSgD11MCQ/U+mEgOyQTLXDLyK//s=
Subject key identifier:   AD:07:E6:30:1F:04:84:60:9C:E7:31:BB:98:FD:A2:C3:E9:DB:DB:CA
Certificate issuer:       /CN=7ae9beb14e5572bac4fc930b26cacf3d92029662
Certificate serial:       042B383D
Authority key identifier: 7A:E9:BE:B1:4E:55:72:BA:C4:FC:93:0B:26:CA:CF:3D:92:02:96:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eum-sU5VcrrE_JMLJsrPPZIClmI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/1e8c8d-f650-4d5a-9e8c-2016b1e97f9b/1/rQfmMB8EhGCc5zG7mP2iw-nb28o.roa
Signing time:             Mon 31 Jan 2022 08:08:43 +0000
ROA not before:           Mon 31 Jan 2022 08:08:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        217.74.20.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69941309 (0x42b383d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ae9beb14e5572bac4fc930b26cacf3d92029662
        Validity
            Not Before: Jan 31 08:08:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ad07e6301f0484609ce731bb98fda2c3e9dbdbca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:be:40:d8:67:45:f1:77:4c:91:58:8f:60:f8:
                    5f:5d:dd:1a:c3:79:27:2a:9e:e8:2f:04:62:30:0c:
                    23:02:0d:ae:73:65:1f:96:4d:0b:e3:29:ab:ea:9c:
                    fb:05:ed:68:79:5e:a4:98:a6:1d:44:9d:f0:41:17:
                    64:dd:c2:cc:10:9b:2f:01:bf:70:58:18:4d:81:fb:
                    af:66:5b:1a:08:6c:9a:c8:0d:bf:65:a4:85:f2:7b:
                    0b:df:02:8f:11:20:e4:70:23:97:06:59:8c:8e:cd:
                    18:82:d7:f1:67:30:18:84:cb:cc:da:53:67:da:b6:
                    f3:c1:40:50:94:80:7a:2d:dc:c8:d5:66:ae:3c:5d:
                    dd:ac:c3:95:8b:bd:35:c8:a4:84:75:da:da:0c:f0:
                    66:e1:ba:32:10:c8:9c:d2:7c:f6:7f:22:26:23:84:
                    13:52:b8:3f:83:52:cf:fc:94:54:86:f6:64:ca:b4:
                    6c:32:2d:2d:aa:75:0c:ef:12:b3:77:cb:15:c1:19:
                    6c:91:04:ff:af:ff:fd:d5:ad:3d:1f:15:77:31:a7:
                    73:ad:ad:3b:09:4b:8b:1f:d6:aa:2d:27:a5:4e:82:
                    97:73:fc:70:9b:42:36:fe:85:67:7d:59:e5:64:92:
                    a6:1d:da:43:e4:d0:97:86:50:c8:89:10:cc:2e:6b:
                    73:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:07:E6:30:1F:04:84:60:9C:E7:31:BB:98:FD:A2:C3:E9:DB:DB:CA
            X509v3 Authority Key Identifier:
                keyid:7A:E9:BE:B1:4E:55:72:BA:C4:FC:93:0B:26:CA:CF:3D:92:02:96:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eum-sU5VcrrE_JMLJsrPPZIClmI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1e8c8d-f650-4d5a-9e8c-2016b1e97f9b/1/rQfmMB8EhGCc5zG7mP2iw-nb28o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1e8c8d-f650-4d5a-9e8c-2016b1e97f9b/1/eum-sU5VcrrE_JMLJsrPPZIClmI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.74.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:47:68:1a:fc:47:97:a9:ed:66:51:fe:db:1e:2c:be:ff:b7:
         9e:29:d2:f4:b9:8c:98:ea:a4:7c:2c:c3:5d:e3:aa:44:3f:67:
         e4:01:21:48:ab:c6:ff:f9:08:2e:86:6b:17:0d:e3:f2:8d:ec:
         7d:88:19:97:10:58:53:36:7f:e0:db:f5:00:79:ef:2a:ca:74:
         88:bb:8c:59:61:52:a5:9f:68:43:9f:2d:1f:99:63:bd:0a:91:
         63:79:41:29:18:36:b2:78:55:ca:f5:f8:e6:ea:a9:ce:dd:5d:
         d1:52:01:5a:5e:d4:ae:af:9e:46:ca:9e:3c:c6:3f:f0:b4:3f:
         c9:bd:5a:4a:ee:66:c5:53:bd:4d:54:98:41:70:70:ed:32:f2:
         23:7c:c2:07:cb:34:e1:3b:3c:5e:af:01:84:22:c6:9c:d8:58:
         80:95:29:03:64:50:de:c3:db:9b:99:bf:03:e6:d4:eb:0b:fc:
         e9:90:b0:49:98:6f:2f:d9:9a:63:23:f9:d9:bc:6c:b4:4d:7e:
         d8:23:61:04:8d:f3:50:80:19:b5:86:9f:f9:d0:e4:81:9b:94:
         c8:d6:d5:d7:16:b3:2e:6c:55:a1:71:90:e6:2b:7b:74:a5:ee:
         aa:e4:bb:c8:b8:f3:09:a6:b5:03:72:24:d4:50:13:3e:67:4a:
         6d:5c:0d:2b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCs4PTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YWU5YmViMTRlNTU3MmJhYzRmYzkzMGIyNmNhY2YzZDkyMDI5NjYyMB4XDTIyMDEz
MTA4MDg0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQwN2U2MzAxZjA0
ODQ2MDljZTczMWJiOThmZGEyYzNlOWRiZGJjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJq+QNhnRfF3TJFYj2D4X13dGsN5Jyqe6C8EYjAMIwINrnNl
H5ZNC+Mpq+qc+wXtaHlepJimHUSd8EEXZN3CzBCbLwG/cFgYTYH7r2ZbGghsmsgN
v2WkhfJ7C98CjxEg5HAjlwZZjI7NGILX8WcwGITLzNpTZ9q288FAUJSAei3cyNVm
rjxd3azDlYu9NcikhHXa2gzwZuG6MhDInNJ89n8iJiOEE1K4P4NSz/yUVIb2ZMq0
bDItLap1DO8Ss3fLFcEZbJEE/6///dWtPR8VdzGnc62tOwlLix/Wqi0npU6Cl3P8
cJtCNv6FZ31Z5WSSph3aQ+TQl4ZQyIkQzC5rc30CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBStB+YwHwSEYJznMbuY/aLD6dvbyjAfBgNVHSMEGDAWgBR66b6xTlVyusT8
kwsmys89kgKWYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2V1bS1zVTVWY3JyRV9KTUxKc3JQUFpJQ2xtSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvMWU4YzhkLWY2NTAtNGQ1YS05ZThjLTIwMTZiMWU5N2Y5Yi8x
L3JRZm1NQjhFaEdDYzV6RzdtUDJpdy1uYjI4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
MWU4YzhkLWY2NTAtNGQ1YS05ZThjLTIwMTZiMWU5N2Y5Yi8xL2V1bS1zVTVWY3Jy
RV9KTUxKc3JQUFpJQ2xtSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANlKFDANBgkqhkiG9w0BAQsFAAOC
AQEAiUdoGvxHl6ntZlH+2x4svv+3ninS9LmMmOqkfCzDXeOqRD9n5AEhSKvG//kI
LoZrFw3j8o3sfYgZlxBYUzZ/4Nv1AHnvKsp0iLuMWWFSpZ9oQ58tH5ljvQqRY3lB
KRg2snhVyvX45uqpzt1d0VIBWl7Urq+eRsqePMY/8LQ/yb1aSu5mxVO9TVSYQXBw
7TLyI3zCB8s04Ts8Xq8BhCLGnNhYgJUpA2RQ3sPbm5m/A+bU6wv86ZCwSZhvL9ma
YyP52bxstE1+2CNhBI3zUIAZtYaf+dDkgZuUyNbV1xazLmxVoXGQ5it7dKXuquS7
yLjzCaa1A3Ik1FATPmdKbVwNKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:51 2024 by rpki-client on console-ams.rpki-client.org