Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5c0cc9-f761-4e7a-8155-ba9c371e0b66/1/EPFYUtJgImT5qIH8RuOCYEigGlE.roa
File:                     EPFYUtJgImT5qIH8RuOCYEigGlE.roa (raw, json)
Hash identifier:          ekkOycOrOo70Bv3/vRJbhq+zYIpf8bm++7Ircu+lQNc=
Subject key identifier:   10:F1:58:52:D2:60:22:64:F9:A8:81:FC:46:E3:82:60:48:A0:1A:51
Certificate issuer:       /CN=0a2010093f10810b1b85724ea89e294fcdccfbf2
Certificate serial:       0184AFF7EB2EED06F42FAF3DF9E53F3E5952
Authority key identifier: 0A:20:10:09:3F:10:81:0B:1B:85:72:4E:A8:9E:29:4F:CD:CC:FB:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CiAQCT8QgQsbhXJOqJ4pT83M-_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5c0cc9-f761-4e7a-8155-ba9c371e0b66/1/EPFYUtJgImT5qIH8RuOCYEigGlE.roa
Signing time:             Fri 25 Nov 2022 18:06:10 +0000
ROA not before:           Fri 25 Nov 2022 18:06:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209260
IP address blocks:        46.31.64.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:af:f7:eb:2e:ed:06:f4:2f:af:3d:f9:e5:3f:3e:59:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a2010093f10810b1b85724ea89e294fcdccfbf2
        Validity
            Not Before: Nov 25 18:06:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=10f15852d2602264f9a881fc46e3826048a01a51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:49:1d:8e:06:b1:c3:0b:1f:10:c4:01:22:5e:
                    01:e7:f1:84:e7:18:be:35:f8:b3:d2:53:27:d8:1d:
                    75:14:fc:c6:08:e1:c7:f1:09:eb:76:b3:17:b7:20:
                    de:34:10:fc:48:73:18:6d:76:6f:4e:c6:df:b5:2e:
                    58:68:69:e4:8e:c6:fc:b0:70:10:2e:9a:50:6d:28:
                    f6:64:16:22:13:33:dd:a0:84:3f:5b:6d:55:13:47:
                    50:05:68:d0:d9:4e:9c:75:3a:95:7e:95:bf:f7:2d:
                    51:10:e9:46:2e:2c:5e:5c:55:16:df:f2:65:6a:3b:
                    b6:70:5c:12:95:3f:c8:fb:49:96:65:6a:c7:76:40:
                    2b:ed:a2:1a:22:d5:57:81:26:62:1a:6a:57:21:85:
                    90:81:cd:42:f2:1e:1f:66:9c:c6:d8:e0:28:8a:7a:
                    94:3d:2d:cd:93:6b:8e:85:d9:a3:39:5d:16:86:c0:
                    53:30:a8:91:fd:04:52:8d:41:6f:5e:03:86:4d:4f:
                    ae:04:d0:22:18:a5:57:c9:70:79:e1:79:e6:d9:fb:
                    0e:50:e0:c8:74:4f:fa:40:ad:f1:30:82:f6:4e:17:
                    0a:28:73:ed:df:7d:51:5f:7c:dd:79:2e:9f:df:eb:
                    64:78:8d:56:65:22:93:71:d8:e1:26:7f:52:17:a8:
                    33:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:F1:58:52:D2:60:22:64:F9:A8:81:FC:46:E3:82:60:48:A0:1A:51
            X509v3 Authority Key Identifier:
                keyid:0A:20:10:09:3F:10:81:0B:1B:85:72:4E:A8:9E:29:4F:CD:CC:FB:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CiAQCT8QgQsbhXJOqJ4pT83M-_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5c0cc9-f761-4e7a-8155-ba9c371e0b66/1/EPFYUtJgImT5qIH8RuOCYEigGlE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5c0cc9-f761-4e7a-8155-ba9c371e0b66/1/CiAQCT8QgQsbhXJOqJ4pT83M-_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.31.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:1f:44:eb:9b:74:26:e3:32:4b:69:42:3b:86:35:b9:1e:49:
         78:34:44:14:7a:66:24:f5:71:cf:bf:3b:79:73:38:3e:40:8a:
         7a:df:fc:2b:12:3e:99:69:bf:96:d0:9d:95:96:52:38:58:45:
         37:db:10:43:da:07:2d:57:25:da:6f:ad:b2:21:52:a0:ac:61:
         dd:e4:47:83:99:70:27:33:8b:07:da:6e:03:59:ae:66:29:01:
         11:88:c6:93:01:9e:bd:4f:ec:f8:31:a2:d6:7e:19:24:9b:97:
         fc:b7:66:b9:be:52:73:17:b2:53:71:1c:80:2d:12:cc:c8:b2:
         b0:20:8b:ba:4e:5b:ff:0c:fe:53:f8:4d:c9:32:63:5a:f8:0c:
         70:7f:f6:55:7e:83:03:24:8e:cf:2d:f9:81:a1:15:5a:6c:bc:
         45:0d:59:65:07:f8:7e:42:a0:46:cf:41:03:3e:be:60:9e:80:
         6f:40:0f:57:c6:63:c0:bc:fd:d9:e2:d2:0f:aa:7f:60:2d:8b:
         f2:76:d6:b1:c3:6f:5f:a1:14:0d:27:08:3f:04:ce:e8:5c:e1:
         74:c7:25:bb:fc:4f:d8:6e:ba:13:c9:17:94:d2:d2:c9:f0:4c:
         ec:5c:1f:4a:11:0c:b1:6a:d5:7c:8b:3e:74:37:ce:c0:04:79:
         ff:d7:0b:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSv9+su7Qb0L689+eU/PllSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMjAxMDA5M2YxMDgxMGIxYjg1NzI0ZWE4OWUyOTRmY2Rj
Y2ZiZjIwHhcNMjIxMTI1MTgwNjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGYxNTg1MmQyNjAyMjY0ZjlhODgxZmM0NmUzODI2MDQ4YTAxYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEkdjgaxwwsfEMQBIl4B5/GE5xi+
Nfiz0lMn2B11FPzGCOHH8QnrdrMXtyDeNBD8SHMYbXZvTsbftS5YaGnkjsb8sHAQ
LppQbSj2ZBYiEzPdoIQ/W21VE0dQBWjQ2U6cdTqVfpW/9y1REOlGLixeXFUW3/Jl
aju2cFwSlT/I+0mWZWrHdkAr7aIaItVXgSZiGmpXIYWQgc1C8h4fZpzG2OAoinqU
PS3Nk2uOhdmjOV0WhsBTMKiR/QRSjUFvXgOGTU+uBNAiGKVXyXB54Xnm2fsOUODI
dE/6QK3xMIL2ThcKKHPt331RX3zdeS6f3+tkeI1WZSKTcdjhJn9SF6gzFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBDxWFLSYCJk+aiB/EbjgmBIoBpRMB8GA1UdIwQY
MBaAFAogEAk/EIELG4VyTqieKU/NzPvyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2lBUUNUOFFnUXNiaFhKT3FKNHBUODNNLV9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81YzBjYzktZjc2MS00ZTdhLTgxNTUt
YmE5YzM3MWUwYjY2LzEvRVBGWVV0SmdJbVQ1cUlIOFJ1T0NZRWlnR2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81YzBjYzktZjc2MS00ZTdhLTgxNTUtYmE5YzM3MWUwYjY2
LzEvQ2lBUUNUOFFnUXNiaFhKT3FKNHBUODNNLV9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALh9AMA0G
CSqGSIb3DQEBCwUAA4IBAQBEH0Trm3Qm4zJLaUI7hjW5Hkl4NEQUemYk9XHPvzt5
czg+QIp63/wrEj6Zab+W0J2VllI4WEU32xBD2gctVyXab62yIVKgrGHd5EeDmXAn
M4sH2m4DWa5mKQERiMaTAZ69T+z4MaLWfhkkm5f8t2a5vlJzF7JTcRyALRLMyLKw
IIu6Tlv/DP5T+E3JMmNa+Axwf/ZVfoMDJI7PLfmBoRVabLxFDVllB/h+QqBGz0ED
Pr5gnoBvQA9XxmPAvP3Z4tIPqn9gLYvydtaxw29foRQNJwg/BM7oXOF0xyW7/E/Y
broTyReU0tLJ8EzsXB9KEQyxatV8iz50N87ABHn/1wtV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:06 2024 by rpki-client on console-ams.rpki-client.org