Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/Mwq7qnbEa2EWuA9JBpeuSnpz2MQ.roa
File:                     Mwq7qnbEa2EWuA9JBpeuSnpz2MQ.roa (raw, json)
Hash identifier:          SMuI7NmUuKu70s91gHz28fBE/c8fLIridgik4cu/AH0=
Subject key identifier:   33:0A:BB:AA:76:C4:6B:61:16:B8:0F:49:06:97:AE:4A:7A:73:D8:C4
Certificate issuer:       /CN=54914541fd1b95e7c0afc875fbef78794f55386b
Certificate serial:       1828B3C4
Authority key identifier: 54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/Mwq7qnbEa2EWuA9JBpeuSnpz2MQ.roa
Signing time:             Sat 16 Apr 2022 10:43:36 +0000
ROA not before:           Sat 16 Apr 2022 10:43:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211227
IP address blocks:        2a06:a005:1d::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 405320644 (0x1828b3c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54914541fd1b95e7c0afc875fbef78794f55386b
        Validity
            Not Before: Apr 16 10:43:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=330abbaa76c46b6116b80f490697ae4a7a73d8c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:48:93:19:a4:f2:58:38:43:b6:ff:c0:8e:5e:
                    3c:a4:8e:75:23:52:6d:00:e0:e8:a6:72:be:69:81:
                    f6:f9:fb:a9:07:8d:69:dd:2d:20:c2:bb:f4:55:50:
                    f0:05:97:17:e5:39:92:68:ba:95:82:70:bb:51:23:
                    4b:1e:0c:63:2e:b9:cf:86:8e:cb:93:5f:b2:a9:d4:
                    8b:1f:22:9f:4c:6b:84:14:fe:70:0e:0c:a4:af:ce:
                    4a:c2:8e:ea:07:b6:de:31:26:98:f5:99:75:b7:57:
                    bf:13:41:0c:69:80:21:b4:2e:3f:f2:93:9e:66:8f:
                    01:91:42:b9:54:08:a5:5b:4f:ad:cb:c2:84:ca:39:
                    8d:3c:99:58:ba:65:67:cd:9f:42:02:60:55:07:43:
                    bf:64:e6:27:ff:f4:fd:88:1b:c2:a8:0f:87:5f:1e:
                    ad:a7:da:6c:c3:a0:18:f0:06:6e:76:35:e4:93:fc:
                    d5:fb:5a:1c:6c:a6:88:a1:eb:24:fb:d1:29:c4:33:
                    f4:ca:3c:eb:68:be:c2:f1:39:23:b3:71:aa:9d:54:
                    4e:bb:5c:f2:6c:fd:19:15:90:ec:b8:50:df:05:91:
                    84:5c:e0:74:37:88:05:a8:84:f4:82:9f:8f:dd:03:
                    cb:bf:b7:ab:7e:ad:93:f5:c0:3a:a4:36:96:d7:71:
                    e9:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:0A:BB:AA:76:C4:6B:61:16:B8:0F:49:06:97:AE:4A:7A:73:D8:C4
            X509v3 Authority Key Identifier:
                keyid:54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/Mwq7qnbEa2EWuA9JBpeuSnpz2MQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/VJFFQf0blefAr8h1--94eU9VOGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1d::/48

    Signature Algorithm: sha256WithRSAEncryption
         7b:11:df:0e:be:57:c6:36:94:12:87:d2:2c:19:4d:8c:39:39:
         8f:1a:87:b4:4e:7f:0a:b4:94:4c:75:49:56:c1:b5:66:8f:b5:
         d0:e5:31:89:f1:f9:3a:e4:e3:c8:2b:67:47:32:47:45:0b:c3:
         06:eb:d2:79:b8:f5:a0:90:dc:59:26:b4:69:11:c7:96:16:ee:
         ec:b7:cd:99:5c:99:72:37:b8:35:de:09:bd:b1:81:f4:61:cb:
         b9:2f:70:ed:f9:32:4c:b6:6d:d6:6b:13:d8:b4:c5:b9:1b:b8:
         c7:e4:c8:cf:e1:95:79:42:5e:ef:eb:77:51:c1:65:f7:3c:93:
         a5:5d:39:3e:6e:31:5e:9a:c8:79:00:26:92:0b:eb:f0:c2:c4:
         84:82:4b:eb:bc:7e:fb:36:c8:cf:f3:76:6d:e1:39:19:42:d6:
         d8:65:a0:5c:e7:fc:f5:3b:7d:90:3e:c4:0e:f6:c0:b0:4d:90:
         8a:f3:42:c0:a8:52:32:8a:3a:dd:27:a2:e2:1a:e7:c1:bb:99:
         d4:c5:77:1f:ee:f9:8e:07:48:cd:50:4c:44:bb:c7:b3:5e:c5:
         6c:39:e7:e3:5f:e0:e7:02:3d:25:bb:d7:b4:a7:f2:6b:6c:53:
         ed:d2:03:c8:96:12:85:4e:c6:92:0c:d2:58:40:0b:2f:cb:de:
         04:54:68:ae
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEGCizxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDkxNDU0MWZkMWI5NWU3YzBhZmM4NzVmYmVmNzg3OTRmNTUzODZiMB4XDTIyMDQx
NjEwNDMzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzMwYWJiYWE3NmM0
NmI2MTE2YjgwZjQ5MDY5N2FlNGE3YTczZDhjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZIkxmk8lg4Q7b/wI5ePKSOdSNSbQDg6KZyvmmB9vn7qQeN
ad0tIMK79FVQ8AWXF+U5kmi6lYJwu1EjSx4MYy65z4aOy5NfsqnUix8in0xrhBT+
cA4MpK/OSsKO6ge23jEmmPWZdbdXvxNBDGmAIbQuP/KTnmaPAZFCuVQIpVtPrcvC
hMo5jTyZWLplZ82fQgJgVQdDv2TmJ//0/YgbwqgPh18erafabMOgGPAGbnY15JP8
1ftaHGymiKHrJPvRKcQz9Mo862i+wvE5I7Nxqp1UTrtc8mz9GRWQ7LhQ3wWRhFzg
dDeIBaiE9IKfj90Dy7+3q36tk/XAOqQ2ltdx6QECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQzCruqdsRrYRa4D0kGl65KenPYxDAfBgNVHSMEGDAWgBRUkUVB/RuV58Cv
yHX773h5T1U4azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZKRkZRZjBibGVmQXI4aDEtLTk0ZVU5Vk9Hcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvNDY0NjMxLWNhOGUtNGM2YS1iMDkxLWQ5ZjZkOTY0MjUzNy8x
L013cTdxbmJFYTJFV3VBOUpCcGV1U25wejJNUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
NDY0NjMxLWNhOGUtNGM2YS1iMDkxLWQ5ZjZkOTY0MjUzNy8xL1ZKRkZRZjBibGVm
QXI4aDEtLTk0ZVU5Vk9Hcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoGoAUAHTANBgkqhkiG9w0BAQsF
AAOCAQEAexHfDr5XxjaUEofSLBlNjDk5jxqHtE5/CrSUTHVJVsG1Zo+10OUxifH5
OuTjyCtnRzJHRQvDBuvSebj1oJDcWSa0aRHHlhbu7LfNmVyZcje4Nd4JvbGB9GHL
uS9w7fkyTLZt1msT2LTFuRu4x+TIz+GVeUJe7+t3UcFl9zyTpV05Pm4xXprIeQAm
kgvr8MLEhIJL67x++zbIz/N2beE5GULW2GWgXOf89Tt9kD7EDvbAsE2QivNCwKhS
Moo63Sei4hrnwbuZ1MV3H+75jgdIzVBMRLvHs17FbDnn41/g5wI9JbvXtKfya2xT
7dIDyJYShU7GkgzSWEALL8veBFRorg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:03 2023 by rpki-client on console.sobornost.net