Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/72500f-05f5-426b-88ce-c62a23af3f67/1/xO-s4Hb9AY_lsFZsZuCUJm77tLQ.roa
File:                     xO-s4Hb9AY_lsFZsZuCUJm77tLQ.roa (raw, json)
Hash identifier:          Y2zswv4tLqLzuSIB/ewYRWLXG37G42tsdy6kYI+mbFg=
Subject key identifier:   C4:EF:AC:E0:76:FD:01:8F:E5:B0:56:6C:66:E0:94:26:6E:FB:B4:B4
Certificate issuer:       /CN=fb50683383f8f3836633f4d4230ada73ccb215cd
Certificate serial:       018553921901AA3651AA4D41A5050547DC82
Authority key identifier: FB:50:68:33:83:F8:F3:83:66:33:F4:D4:23:0A:DA:73:CC:B2:15:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-1BoM4P484NmM_TUIwrac8yyFc0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/72500f-05f5-426b-88ce-c62a23af3f67/1/xO-s4Hb9AY_lsFZsZuCUJm77tLQ.roa
Signing time:             Tue 27 Dec 2022 12:32:41 +0000
ROA not before:           Tue 27 Dec 2022 12:32:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        91.241.164.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:53:92:19:01:aa:36:51:aa:4d:41:a5:05:05:47:dc:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb50683383f8f3836633f4d4230ada73ccb215cd
        Validity
            Not Before: Dec 27 12:32:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c4eface076fd018fe5b0566c66e094266efbb4b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:67:11:9f:c7:a4:65:cb:5e:9f:2f:9d:30:ce:
                    45:99:88:f3:ac:4a:32:07:ac:09:c8:c6:dc:f9:4a:
                    2a:bb:13:93:7d:fb:80:26:ab:ee:55:e7:db:eb:8d:
                    ee:fc:3f:e3:82:80:c1:ee:d8:05:03:bf:b5:fb:83:
                    06:08:75:75:f2:ee:bb:d2:4a:ea:df:e5:a1:15:93:
                    77:19:5b:c1:06:49:51:e9:c5:44:0b:85:42:c3:6a:
                    94:b2:dc:d2:e7:54:12:1e:e9:ca:f8:d0:a0:46:e5:
                    59:ca:04:00:37:8d:67:dc:49:5d:d2:0a:e5:80:b9:
                    e6:5f:93:6b:95:5d:29:0c:c6:4d:28:7f:59:aa:1d:
                    b9:84:ca:86:94:83:db:9b:a2:5c:ec:24:e9:08:c9:
                    c2:46:98:1f:29:f3:12:28:e9:95:ce:39:3f:3e:68:
                    88:87:7a:2e:65:e9:d5:56:00:01:45:59:39:67:2e:
                    ef:0f:6e:a3:af:1c:53:5e:42:2d:38:2c:d6:15:9e:
                    ee:45:a5:bf:44:94:68:5a:64:d3:f3:42:08:83:4d:
                    8f:0b:65:00:8d:fd:55:2a:f8:1a:63:b0:ce:ef:fa:
                    bf:45:41:4b:62:63:f5:93:49:a1:3c:98:f8:9d:87:
                    92:d9:26:a4:36:0a:b9:e2:95:ea:63:60:89:20:f3:
                    c8:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:EF:AC:E0:76:FD:01:8F:E5:B0:56:6C:66:E0:94:26:6E:FB:B4:B4
            X509v3 Authority Key Identifier:
                keyid:FB:50:68:33:83:F8:F3:83:66:33:F4:D4:23:0A:DA:73:CC:B2:15:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-1BoM4P484NmM_TUIwrac8yyFc0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/72500f-05f5-426b-88ce-c62a23af3f67/1/xO-s4Hb9AY_lsFZsZuCUJm77tLQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/72500f-05f5-426b-88ce-c62a23af3f67/1/1-1BoM4P484NmM_TUIwrac8yyFc0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.241.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:03:b2:c3:3b:5d:1f:4c:80:c8:50:8c:3f:04:b7:f1:25:bb:
         1b:23:b8:ed:a6:48:6d:3a:92:c6:5e:2b:93:c5:14:b5:6d:98:
         10:cf:89:63:46:e5:29:76:3f:00:23:92:f1:be:52:ce:ae:5f:
         32:81:b6:45:65:cd:b6:d4:fa:cf:b1:c8:e1:05:7a:79:57:1e:
         d2:da:12:3e:3d:b6:ef:39:d4:3f:67:11:bb:f1:94:a4:e3:f0:
         79:60:85:b3:4d:a2:0a:56:c2:90:cc:ee:bf:df:c3:5f:53:37:
         f7:47:9a:df:26:f7:d2:af:f6:67:79:2b:49:29:97:11:55:80:
         13:62:b8:f5:53:5b:88:4e:35:32:d5:cb:80:ab:6b:15:a9:e3:
         ea:fa:44:eb:f1:c2:8c:6b:32:7c:b6:e0:1e:d7:db:4e:0b:52:
         1e:6e:b2:0c:be:ac:8a:8c:42:11:0e:bc:28:d8:67:94:80:be:
         8b:64:f6:7c:fd:23:50:a7:fd:62:38:31:2d:62:c1:4d:a8:38:
         96:ce:80:ab:a7:5c:95:f6:86:e7:d0:23:b4:26:ea:40:d6:f3:
         b3:e1:3e:ce:88:d5:81:32:d0:5b:d0:9c:15:65:36:02:b8:3a:
         a0:07:da:f9:49:c1:30:0a:d3:e3:21:1a:41:50:97:11:5d:3c:
         d1:1f:31:78
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVTkhkBqjZRqk1BpQUFR9yCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNTA2ODMzODNmOGYzODM2NjMzZjRkNDIzMGFkYTczY2Ni
MjE1Y2QwHhcNMjIxMjI3MTIzMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGVmYWNlMDc2ZmQwMThmZTViMDU2NmM2NmUwOTQyNjZlZmJiNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWcRn8ekZcteny+dMM5FmYjzrEoy
B6wJyMbc+UoquxOTffuAJqvuVefb643u/D/jgoDB7tgFA7+1+4MGCHV18u670krq
3+WhFZN3GVvBBklR6cVEC4VCw2qUstzS51QSHunK+NCgRuVZygQAN41n3Eld0grl
gLnmX5NrlV0pDMZNKH9Zqh25hMqGlIPbm6Jc7CTpCMnCRpgfKfMSKOmVzjk/PmiI
h3ouZenVVgABRVk5Zy7vD26jrxxTXkItOCzWFZ7uRaW/RJRoWmTT80IIg02PC2UA
jf1VKvgaY7DO7/q/RUFLYmP1k0mhPJj4nYeS2SakNgq54pXqY2CJIPPIvwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMTvrOB2/QGP5bBWbGbglCZu+7S0MB8GA1UdIwQY
MBaAFPtQaDOD+PODZjP01CMK2nPMshXNMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0xQm9NNFA0ODRObU1fVFVJd3JhYzh5eUZjMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvNzI1MDBmLTA1ZjUtNDI2Yi04OGNl
LWM2MmEyM2FmM2Y2Ny8xL3hPLXM0SGI5QVlfbHNGWnNadUNVSm03N3RMUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2MvNzI1MDBmLTA1ZjUtNDI2Yi04OGNlLWM2MmEyM2FmM2Y2
Ny8xLzEtMUJvTTRQNDg0Tm1NX1RVSXdyYWM4eXlGYzAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb8aQw
DQYJKoZIhvcNAQELBQADggEBADQDssM7XR9MgMhQjD8Et/EluxsjuO2mSG06ksZe
K5PFFLVtmBDPiWNG5Sl2PwAjkvG+Us6uXzKBtkVlzbbU+s+xyOEFenlXHtLaEj49
tu851D9nEbvxlKTj8HlghbNNogpWwpDM7r/fw19TN/dHmt8m99Kv9md5K0kplxFV
gBNiuPVTW4hONTLVy4CraxWp4+r6ROvxwoxrMny24B7X204LUh5usgy+rIqMQhEO
vCjYZ5SAvotk9nz9I1Cn/WI4MS1iwU2oOJbOgKunXJX2hufQI7Qm6kDW87PhPs6I
1YEy0FvQnBVlNgK4OqAH2vlJwTAK0+MhGkFQlxFdPNEfMXg=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:34 2023 by rpki-client on console.sobornost.net