Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/veWnZatUTAwjlWXN_EMxAkpFusk.roa
File:                     veWnZatUTAwjlWXN_EMxAkpFusk.roa (raw, json)
Hash identifier:          K9EGHICsyuizfxmfC8xDOKOsvUCp2CBgcgZ4fYbP4EE=
Subject key identifier:   BD:E5:A7:65:AB:54:4C:0C:23:95:65:CD:FC:43:31:02:4A:45:BA:C9
Certificate issuer:       /CN=ff36ed3375a6a895cadd49e0ecd4299454b3b89c
Certificate serial:       093DBB49
Authority key identifier: FF:36:ED:33:75:A6:A8:95:CA:DD:49:E0:EC:D4:29:94:54:B3:B8:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_zbtM3WmqJXK3Ung7NQplFSzuJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/veWnZatUTAwjlWXN_EMxAkpFusk.roa
Signing time:             Sat 01 Jan 2022 09:53:06 +0000
ROA not before:           Sat 01 Jan 2022 09:53:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210796
IP address blocks:        91.188.255.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155040585 (0x93dbb49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff36ed3375a6a895cadd49e0ecd4299454b3b89c
        Validity
            Not Before: Jan  1 09:53:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bde5a765ab544c0c239565cdfc4331024a45bac9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:78:21:bf:27:9d:3e:74:13:14:ef:38:ba:eb:
                    5c:e3:8f:3b:73:e4:c1:44:f9:b2:3d:ab:b0:30:b2:
                    8a:79:e3:f3:d1:ad:ea:a5:b7:f1:cd:86:42:fb:06:
                    dd:45:ae:68:06:c9:f0:1a:85:15:1d:5b:7b:71:8c:
                    1f:7a:aa:2d:59:94:e7:52:2f:65:39:13:fb:5c:b1:
                    30:d9:c6:46:ec:43:f1:57:be:40:7d:15:27:27:09:
                    67:2d:6d:ee:db:62:5f:3b:a7:b8:33:4c:90:4f:71:
                    fe:e3:68:e8:c1:59:9f:27:f8:10:6a:a7:da:cd:dc:
                    f8:c8:81:be:43:b8:8f:2b:c4:4f:5e:00:c3:c8:2f:
                    45:6e:3d:30:0f:fa:a1:b5:bd:0d:dc:9f:2b:53:be:
                    db:41:4e:c1:26:b0:6d:d2:59:2b:80:95:4d:a7:c9:
                    32:b9:39:aa:b5:d0:a2:cc:4b:a6:e4:68:71:7f:ca:
                    80:1b:1c:5d:8e:a5:82:bc:09:87:70:34:32:07:1a:
                    ab:c5:f4:73:28:c3:44:b8:80:68:03:36:1b:c9:c9:
                    c2:92:6b:63:b7:01:a5:e4:19:94:59:1e:5c:84:ee:
                    0a:2a:8c:35:cc:39:39:15:80:14:e4:66:0f:41:23:
                    7b:41:0f:d3:01:58:c7:45:5a:0e:2b:21:55:a7:f4:
                    e9:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:E5:A7:65:AB:54:4C:0C:23:95:65:CD:FC:43:31:02:4A:45:BA:C9
            X509v3 Authority Key Identifier:
                keyid:FF:36:ED:33:75:A6:A8:95:CA:DD:49:E0:EC:D4:29:94:54:B3:B8:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zbtM3WmqJXK3Ung7NQplFSzuJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/veWnZatUTAwjlWXN_EMxAkpFusk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/_zbtM3WmqJXK3Ung7NQplFSzuJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.188.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:8d:a0:c1:4b:c9:5a:fc:07:eb:03:83:14:88:4e:c3:d4:d6:
         1b:6f:d9:a2:9e:96:42:f8:b9:7a:23:99:a2:0f:49:ab:f8:69:
         8d:d1:7d:fa:93:27:63:cf:0c:ed:bc:05:33:42:4b:f8:9e:e2:
         97:db:62:2f:e9:eb:13:2f:37:af:cc:3f:9e:33:90:70:bc:9a:
         9b:bf:23:1d:a6:79:33:fe:e9:ec:40:ef:68:b3:fa:74:3b:2e:
         f6:b4:ce:a5:22:10:82:c6:d0:b5:3d:2f:a2:be:6f:ff:e6:e3:
         7e:1c:2f:d9:44:42:ad:0d:f0:3f:8a:39:c0:fd:25:38:68:1f:
         0f:e2:02:77:c9:2f:e1:ad:45:df:e0:94:12:d5:2f:17:3b:21:
         25:ca:6c:61:8a:d4:51:84:55:f1:ea:5e:6e:72:99:85:66:e9:
         4a:50:35:ed:a7:4b:ff:41:de:f4:7e:86:69:ce:45:fc:08:3a:
         90:a8:d2:4c:0f:60:62:75:f3:01:32:18:d8:50:87:8e:6e:3e:
         35:2a:fe:6a:8a:55:33:92:a1:6b:b0:7a:d1:ca:3f:d6:f5:76:
         cd:73:3e:33:42:03:b3:45:61:ec:7b:9c:7a:cd:85:af:dd:09:
         68:10:b0:35:a1:2f:28:85:69:1c:34:d3:ee:81:1a:b5:40:fb:
         51:41:a4:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECT27STANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjM2ZWQzMzc1YTZhODk1Y2FkZDQ5ZTBlY2Q0Mjk5NDU0YjNiODljMB4XDTIyMDEw
MTA5NTMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmRlNWE3NjVhYjU0
NGMwYzIzOTU2NWNkZmM0MzMxMDI0YTQ1YmFjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMF4Ib8nnT50ExTvOLrrXOOPO3PkwUT5sj2rsDCyinnj89Gt
6qW38c2GQvsG3UWuaAbJ8BqFFR1be3GMH3qqLVmU51IvZTkT+1yxMNnGRuxD8Ve+
QH0VJycJZy1t7ttiXzunuDNMkE9x/uNo6MFZnyf4EGqn2s3c+MiBvkO4jyvET14A
w8gvRW49MA/6obW9DdyfK1O+20FOwSawbdJZK4CVTafJMrk5qrXQosxLpuRocX/K
gBscXY6lgrwJh3A0Mgcaq8X0cyjDRLiAaAM2G8nJwpJrY7cBpeQZlFkeXITuCiqM
Ncw5ORWAFORmD0Eje0EP0wFYx0VaDishVaf06RMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS95adlq1RMDCOVZc38QzECSkW6yTAfBgNVHSMEGDAWgBT/Nu0zdaaolcrd
SeDs1CmUVLO4nDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L196YnRNM1dtcUpYSzNVbmc3TlFwbEZTenVKdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvM2JjODQwLTgzMjktNDM4OS1hMzRiLWVjMTkwYjFjZWFjYS8x
L3ZlV25aYXRVVEF3amxXWE5fRU14QWtwRnVzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
M2JjODQwLTgzMjktNDM4OS1hMzRiLWVjMTkwYjFjZWFjYS8xL196YnRNM1dtcUpY
SzNVbmc3TlFwbEZTenVKdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFu8/zANBgkqhkiG9w0BAQsFAAOC
AQEAVo2gwUvJWvwH6wODFIhOw9TWG2/Zop6WQvi5eiOZog9Jq/hpjdF9+pMnY88M
7bwFM0JL+J7il9tiL+nrEy83r8w/njOQcLyam78jHaZ5M/7p7EDvaLP6dDsu9rTO
pSIQgsbQtT0vor5v/+bjfhwv2URCrQ3wP4o5wP0lOGgfD+ICd8kv4a1F3+CUEtUv
FzshJcpsYYrUUYRV8epebnKZhWbpSlA17adL/0He9H6Gac5F/Ag6kKjSTA9gYnXz
ATIY2FCHjm4+NSr+aopVM5Kha7B60co/1vV2zXM+M0IDs0Vh7Huces2Fr90JaBCw
NaEvKIVpHDTT7oEatUD7UUGkQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:56 2024 by rpki-client on console-ams.rpki-client.org