Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/494834-f559-40ff-ab1f-f703f4eba553/1/wngtbFo9GYpo3PIKJRUKYjXDiS0.roa
File:                     wngtbFo9GYpo3PIKJRUKYjXDiS0.roa (raw, json)
Hash identifier:          b1PCJv8dcuA/rzu3ccr43qMqjRiHdHvxtesPzwqpf0k=
Subject key identifier:   C2:78:2D:6C:5A:3D:19:8A:68:DC:F2:0A:25:15:0A:62:35:C3:89:2D
Certificate issuer:       /CN=15a03a003b018763507529e60a2783e89ec61727
Certificate serial:       018D54CCBB032A2EE999B4913B298AC794F2
Authority key identifier: 15:A0:3A:00:3B:01:87:63:50:75:29:E6:0A:27:83:E8:9E:C6:17:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FaA6ADsBh2NQdSnmCieD6J7GFyc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/494834-f559-40ff-ab1f-f703f4eba553/1/wngtbFo9GYpo3PIKJRUKYjXDiS0.roa
Signing time:             Mon 29 Jan 2024 10:38:39 +0000
ROA not before:           Mon 29 Jan 2024 10:38:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43607
IP address blocks:        2a07:2480::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:54:cc:bb:03:2a:2e:e9:99:b4:91:3b:29:8a:c7:94:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15a03a003b018763507529e60a2783e89ec61727
        Validity
            Not Before: Jan 29 10:38:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c2782d6c5a3d198a68dcf20a25150a6235c3892d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:19:d2:a5:71:97:ad:80:18:36:8b:9c:f7:fe:
                    7a:c7:1d:e7:34:c9:aa:ff:1c:a7:dd:17:b1:56:3e:
                    01:e3:c2:cf:f6:87:c8:f7:69:64:c5:05:a1:d2:d0:
                    79:c9:c8:51:1d:48:c6:1a:cc:19:71:96:78:e8:ef:
                    2f:8e:e1:80:7e:90:a2:3b:c2:c8:bb:94:63:e0:10:
                    ee:f6:a1:de:1c:b1:a6:40:45:ad:92:cc:3b:9f:b8:
                    9e:73:d6:f8:14:a2:76:5d:bb:00:be:58:f1:a9:9d:
                    45:31:65:30:da:65:8d:dc:e9:13:96:65:5c:86:bb:
                    f8:68:7b:21:2b:56:ba:4b:9e:d0:6c:e0:21:94:ba:
                    ee:bd:e0:69:65:ac:11:d2:3c:f7:d7:09:4b:95:72:
                    97:51:73:c7:ec:2d:b5:5a:72:1f:f5:47:08:09:0c:
                    db:ad:63:ec:e7:1d:26:56:e1:e8:62:89:38:6c:28:
                    d3:ca:21:fe:c7:c6:df:d9:01:00:ee:2a:fa:ea:c8:
                    cb:3f:2b:70:28:64:75:4f:7e:73:2a:bc:4c:1f:db:
                    9f:45:5c:09:00:78:48:0c:56:3f:8c:f6:96:24:86:
                    6b:3a:9d:f7:ec:37:29:27:98:f5:f2:63:3b:0f:77:
                    d6:36:2f:9e:6d:77:a1:3a:0d:65:8a:36:5f:7b:03:
                    ee:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:78:2D:6C:5A:3D:19:8A:68:DC:F2:0A:25:15:0A:62:35:C3:89:2D
            X509v3 Authority Key Identifier:
                keyid:15:A0:3A:00:3B:01:87:63:50:75:29:E6:0A:27:83:E8:9E:C6:17:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FaA6ADsBh2NQdSnmCieD6J7GFyc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/494834-f559-40ff-ab1f-f703f4eba553/1/wngtbFo9GYpo3PIKJRUKYjXDiS0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/494834-f559-40ff-ab1f-f703f4eba553/1/FaA6ADsBh2NQdSnmCieD6J7GFyc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:2480::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:13:1c:c0:47:15:15:02:11:3d:d8:2d:e7:6b:a0:ba:3d:a8:
         bb:53:3d:65:fc:5b:98:41:7d:8c:67:23:60:6b:a3:1c:1f:07:
         a8:ae:69:d5:7f:88:30:82:1c:7c:2a:9b:29:98:ea:b6:26:17:
         d9:74:15:14:5a:ce:30:90:3f:6e:09:bb:59:30:00:33:88:57:
         26:dc:a8:22:6d:5b:2c:da:cc:4a:24:61:25:7e:33:ea:7d:24:
         4f:8a:45:0e:a0:98:a5:c0:24:78:96:57:e8:83:4d:7d:33:86:
         b7:87:43:31:d8:a0:44:d6:03:5e:02:bc:4b:41:a9:99:a2:09:
         80:48:38:d7:9d:c0:d9:56:ea:12:f7:cb:a1:8b:30:19:ff:c6:
         c5:ca:71:f1:42:1f:f9:f2:7b:95:6a:65:30:41:1c:92:cc:00:
         71:7d:c8:2a:30:1a:fe:a4:bb:bd:1f:a0:da:19:26:7f:64:bd:
         93:5a:67:ad:e6:15:41:16:0b:85:5d:cb:37:ad:f0:4e:2c:9b:
         ea:3b:8d:cb:36:28:44:f1:80:4a:e2:84:f6:30:f0:da:b1:67:
         c0:2c:ba:3c:ba:52:df:ae:ab:cf:25:c0:1e:aa:d6:3c:79:df:
         58:d8:cd:aa:dd:93:be:e4:5d:ed:aa:bf:e9:b6:93:c0:22:5f:
         da:93:ce:3a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY1UzLsDKi7pmbSROymKx5TyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YTAzYTAwM2IwMTg3NjM1MDc1MjllNjBhMjc4M2U4OWVj
NjE3MjcwHhcNMjQwMTI5MTAzODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjc4MmQ2YzVhM2QxOThhNjhkY2YyMGEyNTE1MGE2MjM1YzM4OTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRnSpXGXrYAYNouc9/56xx3nNMmq
/xyn3RexVj4B48LP9ofI92lkxQWh0tB5ychRHUjGGswZcZZ46O8vjuGAfpCiO8LI
u5Rj4BDu9qHeHLGmQEWtksw7n7iec9b4FKJ2XbsAvljxqZ1FMWUw2mWN3OkTlmVc
hrv4aHshK1a6S57QbOAhlLruveBpZawR0jz31wlLlXKXUXPH7C21WnIf9UcICQzb
rWPs5x0mVuHoYok4bCjTyiH+x8bf2QEA7ir66sjLPytwKGR1T35zKrxMH9ufRVwJ
AHhIDFY/jPaWJIZrOp337DcpJ5j18mM7D3fWNi+ebXehOg1lijZfewPunwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMJ4LWxaPRmKaNzyCiUVCmI1w4ktMB8GA1UdIwQY
MBaAFBWgOgA7AYdjUHUp5gong+iexhcnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmFBNkFEc0JoMk5RZFNubUNpZUQ2SjdHRnljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80OTQ4MzQtZjU1OS00MGZmLWFiMWYt
ZjcwM2Y0ZWJhNTUzLzEvd25ndGJGbzlHWXBvM1BJS0pSVUtZalhEaVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80OTQ4MzQtZjU1OS00MGZmLWFiMWYtZjcwM2Y0ZWJhNTUz
LzEvRmFBNkFEc0JoMk5RZFNubUNpZUQ2SjdHRnljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgckgDAN
BgkqhkiG9w0BAQsFAAOCAQEAZRMcwEcVFQIRPdgt52uguj2ou1M9ZfxbmEF9jGcj
YGujHB8HqK5p1X+IMIIcfCqbKZjqtiYX2XQVFFrOMJA/bgm7WTAAM4hXJtyoIm1b
LNrMSiRhJX4z6n0kT4pFDqCYpcAkeJZX6INNfTOGt4dDMdigRNYDXgK8S0GpmaIJ
gEg4153A2VbqEvfLoYswGf/Gxcpx8UIf+fJ7lWplMEEckswAcX3IKjAa/qS7vR+g
2hkmf2S9k1pnreYVQRYLhV3LN63wTiyb6juNyzYoRPGASuKE9jDw2rFnwCy6PLpS
366rzyXAHqrWPHnfWNjNqt2TvuRd7aq/6baTwCJf2pPOOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:35 2024 by rpki-client on console-ams.rpki-client.org