Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/426ab9-ea35-477d-9a3a-e10c8a570b70/1/N98VY57q7H9mn1_iTJhkCEDDUkc.roa
File:                     N98VY57q7H9mn1_iTJhkCEDDUkc.roa (raw, json)
Hash identifier:          JYvqABUKSbgDReh1ykOZclub7p9subXkBD+ig0wp1ic=
Subject key identifier:   37:DF:15:63:9E:EA:EC:7F:66:9F:5F:E2:4C:98:64:08:40:C3:52:47
Certificate issuer:       /CN=bb9d4574a1473c54a60d6fabbe46025a0f1df800
Certificate serial:       020DEFB1
Authority key identifier: BB:9D:45:74:A1:47:3C:54:A6:0D:6F:AB:BE:46:02:5A:0F:1D:F8:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u51FdKFHPFSmDW-rvkYCWg8d-AA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/426ab9-ea35-477d-9a3a-e10c8a570b70/1/N98VY57q7H9mn1_iTJhkCEDDUkc.roa
Signing time:             Sat 01 Jan 2022 08:03:47 +0000
ROA not before:           Sat 01 Jan 2022 08:03:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210937
IP address blocks:        2a11::/29 maxlen: 128

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34467761 (0x20defb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb9d4574a1473c54a60d6fabbe46025a0f1df800
        Validity
            Not Before: Jan  1 08:03:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=37df15639eeaec7f669f5fe24c98640840c35247
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d5:2a:3d:40:ed:02:09:78:4e:9d:44:be:92:
                    9e:fb:29:da:c8:a4:9b:75:41:d0:37:b2:a6:7b:dd:
                    35:3c:e6:6b:52:b3:bd:80:e4:de:37:e1:02:72:77:
                    79:b8:fe:5f:c9:ad:54:97:3a:8b:bb:08:f3:a8:9e:
                    91:50:f0:6c:a8:f3:ac:7e:bd:a6:e0:24:dc:50:1c:
                    6b:8a:b4:f8:02:6f:7c:8c:72:f7:22:41:cd:06:8c:
                    6b:2c:ba:3a:ce:fd:15:37:05:cb:77:fd:ff:51:ec:
                    da:9b:9b:59:e9:d9:ed:17:8d:8e:77:b5:bb:14:48:
                    7a:34:a3:6d:a7:fe:92:c2:bd:a9:a7:11:f6:ad:d8:
                    68:5c:02:2b:b7:4b:9d:45:9f:b6:d5:cd:39:45:f6:
                    97:58:c6:bc:fc:94:f1:e0:ba:e5:36:6b:b6:db:4f:
                    44:b8:02:7b:68:b2:9d:8a:21:42:12:6c:94:56:20:
                    b1:77:9c:5f:e0:5c:fc:f6:6f:e3:42:58:04:40:48:
                    cf:cb:9f:44:3d:26:fd:80:4a:2f:51:7b:a4:c8:a2:
                    0a:a7:66:56:df:74:a1:d3:f0:d8:d2:0a:e6:0d:f1:
                    69:65:94:5d:f9:1c:b8:2d:18:cc:22:2e:8b:65:56:
                    10:2e:d1:7e:36:5b:8b:6d:ac:32:ac:10:ff:fa:25:
                    fe:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:DF:15:63:9E:EA:EC:7F:66:9F:5F:E2:4C:98:64:08:40:C3:52:47
            X509v3 Authority Key Identifier:
                keyid:BB:9D:45:74:A1:47:3C:54:A6:0D:6F:AB:BE:46:02:5A:0F:1D:F8:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u51FdKFHPFSmDW-rvkYCWg8d-AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/426ab9-ea35-477d-9a3a-e10c8a570b70/1/N98VY57q7H9mn1_iTJhkCEDDUkc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/426ab9-ea35-477d-9a3a-e10c8a570b70/1/u51FdKFHPFSmDW-rvkYCWg8d-AA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11::/29

    Signature Algorithm: sha256WithRSAEncryption
         14:88:7d:ad:10:d0:65:41:04:f4:d8:59:02:1f:ba:ad:4d:9a:
         95:80:c3:13:e2:00:98:f4:d9:98:b7:45:62:e2:0d:17:f4:f9:
         9a:d6:89:b4:c0:2a:e2:ef:b0:a3:01:d2:da:9c:7d:13:ee:23:
         27:89:29:59:2a:26:68:f9:6b:65:c7:8a:61:0f:eb:e2:0d:87:
         a1:c8:4f:2d:36:2e:fa:0f:f3:5b:f3:03:77:49:fd:26:18:25:
         fd:a1:b3:00:3d:5e:75:65:78:9c:5b:42:f7:ea:88:18:44:10:
         dd:bb:c2:50:df:09:eb:89:58:d8:2f:44:76:bd:ea:38:b7:f9:
         a6:f4:ab:f5:62:70:b7:8b:42:26:0c:72:80:d5:b7:88:80:1e:
         09:28:5b:5c:4f:1c:41:37:c2:6f:2f:e7:79:b9:1d:cb:b1:57:
         2c:1b:12:de:c5:4d:79:fa:6b:86:51:93:9c:3d:02:00:97:6c:
         86:25:b1:0e:44:ec:a0:71:66:06:83:20:53:3a:5c:ed:6c:3a:
         45:56:ba:8c:cb:ba:dc:d0:d2:84:25:fd:a7:0d:69:72:27:42:
         7a:2a:94:67:0c:97:46:7e:5d:e9:2b:bd:ac:03:77:ef:4c:be:
         a5:81:1c:da:58:3a:2c:79:b3:34:0e:1c:4f:aa:69:9f:9e:e3:
         c0:fa:f7:59
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAg3vsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjlkNDU3NGExNDczYzU0YTYwZDZmYWJiZTQ2MDI1YTBmMWRmODAwMB4XDTIyMDEw
MTA4MDM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdkZjE1NjM5ZWVh
ZWM3ZjY2OWY1ZmUyNGM5ODY0MDg0MGMzNTI0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTVKj1A7QIJeE6dRL6Snvsp2sikm3VB0DeypnvdNTzma1Kz
vYDk3jfhAnJ3ebj+X8mtVJc6i7sI86iekVDwbKjzrH69puAk3FAca4q0+AJvfIxy
9yJBzQaMayy6Os79FTcFy3f9/1Hs2pubWenZ7ReNjne1uxRIejSjbaf+ksK9qacR
9q3YaFwCK7dLnUWfttXNOUX2l1jGvPyU8eC65TZrtttPRLgCe2iynYohQhJslFYg
sXecX+Bc/PZv40JYBEBIz8ufRD0m/YBKL1F7pMiiCqdmVt90odPw2NIK5g3xaWWU
XfkcuC0YzCIui2VWEC7RfjZbi22sMqwQ//ol/l8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQ33xVjnursf2afX+JMmGQIQMNSRzAfBgNVHSMEGDAWgBS7nUV0oUc8VKYN
b6u+RgJaDx34ADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U1MUZkS0ZIUEZTbURXLXJ2a1lDV2c4ZC1BQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvNDI2YWI5LWVhMzUtNDc3ZC05YTNhLWUxMGM4YTU3MGI3MC8x
L045OFZZNTdxN0g5bW4xX2lUSmhrQ0VERFVrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
NDI2YWI5LWVhMzUtNDc3ZC05YTNhLWUxMGM4YTU3MGI3MC8xL3U1MUZkS0ZIUEZT
bURXLXJ2a1lDV2c4ZC1BQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRAAAwDQYJKoZIhvcNAQELBQAD
ggEBABSIfa0Q0GVBBPTYWQIfuq1NmpWAwxPiAJj02Zi3RWLiDRf0+ZrWibTAKuLv
sKMB0tqcfRPuIyeJKVkqJmj5a2XHimEP6+INh6HITy02LvoP81vzA3dJ/SYYJf2h
swA9XnVleJxbQvfqiBhEEN27wlDfCeuJWNgvRHa96ji3+ab0q/VicLeLQiYMcoDV
t4iAHgkoW1xPHEE3wm8v53m5HcuxVywbEt7FTXn6a4ZRk5w9AgCXbIYlsQ5E7KBx
ZgaDIFM6XO1sOkVWuozLutzQ0oQl/acNaXInQnoqlGcMl0Z+XekrvawDd+9MvqWB
HNpYOix5szQOHE+qaZ+e48D691k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:04 2024 by rpki-client on console-fra.rpki-client.org