Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/krEJKipVa8jSCtPbezpXHxBA29Y.roa
File:                     krEJKipVa8jSCtPbezpXHxBA29Y.roa (raw, json)
Hash identifier:          /DoCLlu/rG1Wwk/5R3GOmT643nQdvv8MDQxw/T3JGPg=
Subject key identifier:   92:B1:09:2A:2A:55:6B:C8:D2:0A:D3:DB:7B:3A:57:1F:10:40:DB:D6
Certificate issuer:       /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial:       01823B4C77145FDA2C561DD24DB14924D88F
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/krEJKipVa8jSCtPbezpXHxBA29Y.roa
Signing time:             Tue 26 Jul 2022 16:17:23 +0000
ROA not before:           Tue 26 Jul 2022 16:17:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49697
IP address blocks:        45.139.8.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:3b:4c:77:14:5f:da:2c:56:1d:d2:4d:b1:49:24:d8:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
        Validity
            Not Before: Jul 26 16:17:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=92b1092a2a556bc8d20ad3db7b3a571f1040dbd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:6e:99:ac:6f:16:ac:8b:fa:83:e0:29:41:cf:
                    51:a5:c7:cc:72:1c:f4:1d:10:c2:ac:c6:29:50:e9:
                    99:a9:b1:16:75:c9:ce:3d:35:ee:71:42:62:8d:60:
                    dc:21:c4:7f:3c:1e:08:a9:60:5c:8d:52:b6:ee:ff:
                    35:e1:1f:4f:91:c2:76:df:ff:81:c0:43:4f:62:d4:
                    09:c0:a2:dd:a6:2d:e2:94:ff:78:0f:1a:eb:3e:27:
                    4e:cc:ac:c9:e7:5a:d6:32:21:86:13:52:a9:a0:a4:
                    b5:7c:12:82:bd:e5:98:57:d0:d0:6c:9b:45:33:b3:
                    3e:ce:90:21:16:73:c4:8a:99:55:96:f7:fa:35:8d:
                    ee:d1:fc:33:5d:e4:1c:fc:27:5d:d8:02:b8:21:d0:
                    83:9e:15:4f:5a:dd:73:af:fc:73:ae:a3:e8:28:d1:
                    f8:92:9e:31:eb:71:92:37:96:dd:62:a3:96:05:37:
                    98:2b:c8:76:dc:64:78:4d:79:1c:06:ae:40:79:56:
                    37:ec:3a:8f:2e:e8:5b:b2:53:52:78:5b:54:da:8c:
                    ce:cc:7e:22:0a:0b:c0:34:c6:d3:cd:3b:a6:e0:07:
                    e6:70:77:8f:89:a1:23:69:90:35:62:fb:4f:3c:81:
                    1e:91:e9:83:43:47:04:19:40:1c:cf:b3:f5:a9:0f:
                    f7:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:B1:09:2A:2A:55:6B:C8:D2:0A:D3:DB:7B:3A:57:1F:10:40:DB:D6
            X509v3 Authority Key Identifier:
                keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/krEJKipVa8jSCtPbezpXHxBA29Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:0c:bd:f1:b7:6b:dc:9e:2d:96:3c:b1:11:ff:fe:a4:56:26:
         2d:e3:83:37:ba:eb:1f:d8:8a:5c:9c:90:57:78:93:d9:4e:ac:
         1b:b0:a2:53:11:a6:43:76:67:e8:e3:cc:24:c2:fd:02:ba:5d:
         32:56:a8:b9:bf:5c:00:35:b0:1f:79:4f:4f:af:04:8a:30:ae:
         1f:b9:b7:f9:4c:0c:a6:59:47:c2:ff:e3:13:a9:09:36:9a:53:
         46:38:ef:14:22:a6:79:fe:c4:ad:50:e4:a6:45:33:d1:a7:58:
         55:3e:e1:b7:c5:f6:f4:6c:3c:1b:61:6d:52:9f:f4:18:45:47:
         f1:c3:99:87:61:17:92:6e:6f:ca:7d:bd:32:0e:bd:16:0e:75:
         f1:84:ad:f6:cb:d3:34:48:44:07:ec:24:48:c8:d7:ac:b1:78:
         87:70:49:be:8c:00:e3:a8:fd:b3:39:46:c5:63:fd:96:d4:67:
         34:27:27:e7:07:06:1e:70:10:bf:d9:13:d8:2e:01:6b:95:2e:
         84:e5:51:d7:1d:15:92:f4:45:f2:20:3d:9c:38:ec:3f:10:ed:
         9b:42:fd:01:33:8e:7d:13:5a:b5:a3:81:95:6c:a2:87:fb:84:
         45:c2:9d:fd:d7:77:05:af:4b:b9:74:a8:aa:bf:ea:12:eb:9a:
         68:d6:26:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYI7THcUX9osVh3STbFJJNiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjIwNzI2MTYxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmIxMDkyYTJhNTU2YmM4ZDIwYWQzZGI3YjNhNTcxZjEwNDBkYmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW6ZrG8WrIv6g+ApQc9RpcfMchz0
HRDCrMYpUOmZqbEWdcnOPTXucUJijWDcIcR/PB4IqWBcjVK27v814R9PkcJ23/+B
wENPYtQJwKLdpi3ilP94DxrrPidOzKzJ51rWMiGGE1KpoKS1fBKCveWYV9DQbJtF
M7M+zpAhFnPEiplVlvf6NY3u0fwzXeQc/Cdd2AK4IdCDnhVPWt1zr/xzrqPoKNH4
kp4x63GSN5bdYqOWBTeYK8h23GR4TXkcBq5AeVY37DqPLuhbslNSeFtU2ozOzH4i
CgvANMbTzTum4AfmcHePiaEjaZA1YvtPPIEekemDQ0cEGUAcz7P1qQ/38wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKxCSoqVWvI0grT23s6Vx8QQNvWMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEva3JFSktpcFZhOGpTQ3RQYmV6cFhIeEJBMjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYsIMA0G
CSqGSIb3DQEBCwUAA4IBAQBaDL3xt2vcni2WPLER//6kViYt44M3uusf2IpcnJBX
eJPZTqwbsKJTEaZDdmfo48wkwv0Cul0yVqi5v1wANbAfeU9PrwSKMK4fubf5TAym
WUfC/+MTqQk2mlNGOO8UIqZ5/sStUOSmRTPRp1hVPuG3xfb0bDwbYW1Sn/QYRUfx
w5mHYReSbm/Kfb0yDr0WDnXxhK32y9M0SEQH7CRIyNessXiHcEm+jADjqP2zOUbF
Y/2W1Gc0JyfnBwYecBC/2RPYLgFrlS6E5VHXHRWS9EXyID2cOOw/EO2bQv0BM459
E1q1o4GVbKKH+4RFwp3913cFr0u5dKiqv+oS65po1iY3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:24 2024 by rpki-client on console-fra.rpki-client.org