Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a5ecd4-6579-4b26-8f13-df4033502d88/1/RIqnfSxss--lugJf0VOIa-7g1CI.roa
File:                     RIqnfSxss--lugJf0VOIa-7g1CI.roa (raw, json)
Hash identifier:          RLCyYVFTRjlLQr19b2/IiSPvutz8bTpCS1Qo81TgdBI=
Subject key identifier:   44:8A:A7:7D:2C:6C:B3:EF:A5:BA:02:5F:D1:53:88:6B:EE:E0:D4:22
Certificate issuer:       /CN=0e6661a5628c4512932182bdbda7f9272702b8e1
Certificate serial:       C671
Authority key identifier: 0E:66:61:A5:62:8C:45:12:93:21:82:BD:BD:A7:F9:27:27:02:B8:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DmZhpWKMRRKTIYK9vaf5JycCuOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/a5ecd4-6579-4b26-8f13-df4033502d88/1/RIqnfSxss--lugJf0VOIa-7g1CI.roa
Signing time:             Fri 14 Jan 2022 11:40:27 +0000
ROA not before:           Fri 14 Jan 2022 11:40:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35913
IP address blocks:        45.86.86.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50801 (0xc671)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e6661a5628c4512932182bdbda7f9272702b8e1
        Validity
            Not Before: Jan 14 11:40:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=448aa77d2c6cb3efa5ba025fd153886beee0d422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:2f:0c:a7:ec:50:ec:cd:92:81:b5:ec:e3:a6:
                    8d:2a:99:04:bb:38:eb:42:b9:a4:ba:20:75:66:3d:
                    b7:0f:95:53:ae:e2:3c:30:b2:32:e7:8f:36:e7:6c:
                    a2:19:2a:ce:4c:74:28:43:b7:99:b2:a3:fa:bf:bb:
                    5c:90:6d:5d:18:81:64:48:e6:ac:97:84:9b:60:2e:
                    0f:39:78:53:74:65:be:f2:6f:a7:7d:c0:82:ca:ea:
                    1d:17:15:43:82:e4:9e:59:7b:f5:16:3c:18:86:48:
                    34:b2:1a:3d:45:30:36:81:34:5c:74:8f:1e:14:fd:
                    16:77:35:2d:7a:b3:aa:f3:f6:34:95:c6:f0:0f:14:
                    e5:08:40:db:61:15:a1:ad:50:82:89:d9:7e:ee:64:
                    f8:bd:f4:8f:97:0c:58:cf:df:37:5d:e5:68:6e:85:
                    04:80:15:a0:89:04:b3:28:90:e8:a1:5c:0b:16:72:
                    92:4a:cc:dc:b3:a6:7e:4e:54:5b:0d:63:c9:10:ba:
                    b1:26:ec:8a:97:63:40:bb:cf:5e:94:f8:e6:05:68:
                    f5:f4:e0:27:21:42:d6:3a:63:ba:01:a1:b9:5f:64:
                    7c:91:cb:b4:b4:cf:24:b8:cd:4e:dc:b9:3b:72:dc:
                    1a:9f:cb:98:70:13:cf:56:eb:52:84:4b:90:de:63:
                    6d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:8A:A7:7D:2C:6C:B3:EF:A5:BA:02:5F:D1:53:88:6B:EE:E0:D4:22
            X509v3 Authority Key Identifier:
                keyid:0E:66:61:A5:62:8C:45:12:93:21:82:BD:BD:A7:F9:27:27:02:B8:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmZhpWKMRRKTIYK9vaf5JycCuOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a5ecd4-6579-4b26-8f13-df4033502d88/1/RIqnfSxss--lugJf0VOIa-7g1CI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a5ecd4-6579-4b26-8f13-df4033502d88/1/DmZhpWKMRRKTIYK9vaf5JycCuOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:62:98:35:b4:26:9b:0a:77:00:b6:45:d1:e9:eb:42:9f:d0:
         75:34:27:6a:4f:64:a8:5c:8c:a1:0a:58:b1:af:98:74:cd:b3:
         af:f7:04:02:7a:5a:be:59:ee:bb:d7:df:10:9c:c7:46:8c:13:
         bf:2a:ed:dc:b7:c1:2a:2c:bf:3c:3c:93:8c:a6:47:f0:f3:81:
         8f:c0:75:09:09:0d:41:fe:7e:82:6e:0a:c0:c9:23:0c:12:ca:
         74:ff:9d:a0:a8:d1:61:ee:c1:4f:55:41:e5:bc:56:57:3b:c9:
         03:f3:b3:f2:f6:c7:72:23:88:5b:6f:c1:53:15:b4:1a:4f:9f:
         4c:c5:6c:66:b0:2d:2e:2a:34:94:02:77:97:27:f6:42:22:c2:
         b4:b8:5d:e6:9a:54:d0:1a:0d:89:db:f5:57:cc:ec:9d:b7:9b:
         4b:ec:1f:df:89:b6:f2:02:e9:82:e9:a4:24:d0:b8:50:4d:13:
         46:e3:53:e6:18:22:4a:fd:86:fc:af:58:07:6e:ba:5a:a4:ce:
         c7:da:84:cb:d7:a6:88:43:f1:db:c9:d6:63:10:e9:3e:bc:6f:
         e4:de:48:df:da:b0:9f:01:3f:fa:15:62:2f:85:ef:56:28:cd:
         7f:f4:89:2f:91:71:38:b1:be:62:e3:23:1b:df:c1:39:49:4d:
         09:ba:a7:2a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAMZxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBl
NjY2MWE1NjI4YzQ1MTI5MzIxODJiZGJkYTdmOTI3MjcwMmI4ZTEwHhcNMjIwMTE0
MTE0MDI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NDhhYTc3ZDJjNmNi
M2VmYTViYTAyNWZkMTUzODg2YmVlZTBkNDIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApy8Mp+xQ7M2SgbXs46aNKpkEuzjrQrmkuiB1Zj23D5VTruI8
MLIy548252yiGSrOTHQoQ7eZsqP6v7tckG1dGIFkSOasl4SbYC4POXhTdGW+8m+n
fcCCyuodFxVDguSeWXv1FjwYhkg0sho9RTA2gTRcdI8eFP0WdzUterOq8/Y0lcbw
DxTlCEDbYRWhrVCCidl+7mT4vfSPlwxYz983XeVoboUEgBWgiQSzKJDooVwLFnKS
Sszcs6Z+TlRbDWPJELqxJuyKl2NAu89elPjmBWj19OAnIULWOmO6AaG5X2R8kcu0
tM8kuM1O3Lk7ctwan8uYcBPPVutShEuQ3mNtWwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFESKp30sbLPvpboCX9FTiGvu4NQiMB8GA1UdIwQYMBaAFA5mYaVijEUSkyGC
vb2n+ScnArjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RG1aaHBXS01SUktUSVlLOXZhZjVKeWNDdU9FLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mMy9hNWVjZDQtNjU3OS00YjI2LThmMTMtZGY0MDMzNTAyZDg4LzEv
UklxbmZTeHNzLS1sdWdKZjBWT0lhLTdnMUNJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9h
NWVjZDQtNjU3OS00YjI2LThmMTMtZGY0MDMzNTAyZDg4LzEvRG1aaHBXS01SUktU
SVlLOXZhZjVKeWNDdU9FLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZWMA0GCSqGSIb3DQEBCwUAA4IB
AQAsYpg1tCabCncAtkXR6etCn9B1NCdqT2SoXIyhClixr5h0zbOv9wQCelq+We67
198QnMdGjBO/Ku3ct8EqLL88PJOMpkfw84GPwHUJCQ1B/n6CbgrAySMMEsp0/52g
qNFh7sFPVUHlvFZXO8kD87Py9sdyI4hbb8FTFbQaT59MxWxmsC0uKjSUAneXJ/ZC
IsK0uF3mmlTQGg2J2/VXzOydt5tL7B/fibbyAumC6aQk0LhQTRNG41PmGCJK/Yb8
r1gHbrpapM7H2oTL16aIQ/HbydZjEOk+vG/k3kjf2rCfAT/6FWIvhe9WKM1/9Ikv
kXE4sb5i4yMb38E5SU0Juqcq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:32 2024 by rpki-client on console-fra.rpki-client.org