Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/kA5ZPzP_6RbKKTKbnFsLtoEwipg.roa
File:                     kA5ZPzP_6RbKKTKbnFsLtoEwipg.roa (raw, json)
Hash identifier:          yHZRkIThyLJjgbacVm2eh/dxCElBAXZPMPH/XnV9ipY=
Subject key identifier:   90:0E:59:3F:33:FF:E9:16:CA:29:32:9B:9C:5B:0B:B6:81:30:8A:98
Certificate issuer:       /CN=62fa765a393369c96d8d836f23f76e67489c7dde
Certificate serial:       09F29E32
Authority key identifier: 62:FA:76:5A:39:33:69:C9:6D:8D:83:6F:23:F7:6E:67:48:9C:7D:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yvp2WjkzacltjYNvI_duZ0icfd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/kA5ZPzP_6RbKKTKbnFsLtoEwipg.roa
Signing time:             Mon 18 Apr 2022 15:32:03 +0000
ROA not before:           Mon 18 Apr 2022 15:32:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        45.66.148.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 166895154 (0x9f29e32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fa765a393369c96d8d836f23f76e67489c7dde
        Validity
            Not Before: Apr 18 15:32:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=900e593f33ffe916ca29329b9c5b0bb681308a98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:fc:f5:2e:f9:89:f7:2b:17:01:ca:1e:6c:19:
                    eb:0d:60:2f:cd:e2:06:c3:ea:5a:50:1f:54:bc:d3:
                    1a:8a:d6:2d:f7:b3:1c:e7:d5:ad:73:84:b0:f2:49:
                    18:d5:a7:30:2f:ef:8b:b1:10:96:18:e1:78:d8:09:
                    04:f0:8d:3f:31:b8:c0:56:f2:f9:2e:0a:62:1f:67:
                    67:7d:e4:df:9b:1c:79:2f:0f:2b:81:db:e0:c5:f3:
                    56:03:87:30:c7:86:5e:59:82:65:8f:0d:e2:46:c1:
                    2e:02:cc:60:e4:2d:fc:aa:26:c1:22:16:d8:9d:8d:
                    fe:c4:89:7b:dc:7e:a9:8b:ac:7d:d4:52:14:ad:45:
                    6f:24:f6:ec:32:7c:f2:9e:dd:a0:39:cf:fe:48:80:
                    61:bc:06:ef:c5:6f:13:b1:62:f2:2b:26:29:64:d1:
                    9c:ed:96:22:d7:21:6c:47:9c:50:cf:57:c2:df:a0:
                    ff:25:9a:57:b0:e3:2c:49:07:26:5f:92:df:89:e0:
                    98:bf:c2:64:ed:7f:c5:f9:34:4f:11:6e:b8:81:ba:
                    89:d1:cf:37:5a:ce:df:09:0a:e7:17:ea:30:0a:f5:
                    4b:24:d4:a4:09:82:28:40:a1:0d:6c:9c:23:13:d3:
                    44:bd:93:cd:03:e8:37:6c:ee:45:86:f7:72:ea:dc:
                    1f:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:0E:59:3F:33:FF:E9:16:CA:29:32:9B:9C:5B:0B:B6:81:30:8A:98
            X509v3 Authority Key Identifier:
                keyid:62:FA:76:5A:39:33:69:C9:6D:8D:83:6F:23:F7:6E:67:48:9C:7D:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yvp2WjkzacltjYNvI_duZ0icfd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/kA5ZPzP_6RbKKTKbnFsLtoEwipg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/Yvp2WjkzacltjYNvI_duZ0icfd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:2e:59:f7:99:ad:25:67:ea:8d:c7:a5:31:09:79:a9:95:b4:
         61:d3:4a:b8:6c:1e:16:9e:65:3d:e3:2c:1c:84:b5:1c:9e:0a:
         71:7d:a7:0f:49:67:d1:bf:60:c7:9c:cd:c4:42:56:07:3c:fb:
         cd:ff:09:60:cd:00:bf:df:85:02:ec:6d:c2:d8:b7:85:0e:48:
         bc:07:a9:2b:47:5c:5f:85:4e:8e:fe:33:f6:72:46:c5:c8:07:
         f4:d3:c5:f1:53:4f:f2:45:79:1a:a7:4d:08:f6:26:2b:41:cf:
         7e:93:57:74:57:c0:45:41:33:66:23:0b:ff:f9:a3:26:29:8a:
         4b:e1:ef:2b:b0:01:8c:bc:30:c0:11:3c:3a:9b:e9:3e:57:d7:
         37:a0:43:63:ea:c7:30:64:9d:64:e1:f3:bb:36:c3:de:c9:d7:
         41:ad:85:9a:97:c2:af:a5:bf:21:6f:37:f0:69:d5:bb:b2:a8:
         ba:7f:1c:c9:2d:24:49:57:83:6c:2d:b4:dd:f3:85:23:00:32:
         d9:0e:2c:95:c2:7d:e0:9d:31:de:a9:67:04:d2:81:d2:3d:d0:
         85:48:2e:d3:cc:5b:38:ad:a2:de:1b:1d:ef:fa:65:51:35:59:
         6a:44:1b:e9:7d:f5:d3:ea:94:0e:be:48:40:96:f2:11:e5:93:
         91:64:89:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECfKeMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmZhNzY1YTM5MzM2OWM5NmQ4ZDgzNmYyM2Y3NmU2NzQ4OWM3ZGRlMB4XDTIyMDQx
ODE1MzIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAwZTU5M2YzM2Zm
ZTkxNmNhMjkzMjliOWM1YjBiYjY4MTMwOGE5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJf89S75ifcrFwHKHmwZ6w1gL83iBsPqWlAfVLzTGorWLfez
HOfVrXOEsPJJGNWnMC/vi7EQlhjheNgJBPCNPzG4wFby+S4KYh9nZ33k35sceS8P
K4Hb4MXzVgOHMMeGXlmCZY8N4kbBLgLMYOQt/KomwSIW2J2N/sSJe9x+qYusfdRS
FK1FbyT27DJ88p7doDnP/kiAYbwG78VvE7Fi8ismKWTRnO2WItchbEecUM9Xwt+g
/yWaV7DjLEkHJl+S34ngmL/CZO1/xfk0TxFuuIG6idHPN1rO3wkK5xfqMAr1SyTU
pAmCKEChDWycIxPTRL2TzQPoN2zuRYb3curcH68CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSQDlk/M//pFsopMpucWwu2gTCKmDAfBgNVHSMEGDAWgBRi+nZaOTNpyW2N
g28j925nSJx93jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l2cDJXamt6YWNsdGpZTnZJX2R1WjBpY2ZkNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvYWRmZjgwLWIyMDctNGZiZC1iZjVlLTA3ZGQxYjRjNTVkOS8x
L2tBNVpQelBfNlJiS0tUS2JuRnNMdG9Fd2lwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
YWRmZjgwLWIyMDctNGZiZC1iZjVlLTA3ZGQxYjRjNTVkOS8xL1l2cDJXamt6YWNs
dGpZTnZJX2R1WjBpY2ZkNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1ClDANBgkqhkiG9w0BAQsFAAOC
AQEAQS5Z95mtJWfqjcelMQl5qZW0YdNKuGweFp5lPeMsHIS1HJ4KcX2nD0ln0b9g
x5zNxEJWBzz7zf8JYM0Av9+FAuxtwti3hQ5IvAepK0dcX4VOjv4z9nJGxcgH9NPF
8VNP8kV5GqdNCPYmK0HPfpNXdFfARUEzZiML//mjJimKS+HvK7ABjLwwwBE8Opvp
PlfXN6BDY+rHMGSdZOHzuzbD3snXQa2FmpfCr6W/IW838GnVu7Koun8cyS0kSVeD
bC203fOFIwAy2Q4slcJ94J0x3qlnBNKB0j3QhUgu08xbOK2i3hsd7/plUTVZakQb
6X310+qUDr5IQJbyEeWTkWSJew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:20 2024 by rpki-client on console-ams.rpki-client.org