Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/5WgH_xCsZRb4adlvDXVIIpp6ocU.roa
File:                     5WgH_xCsZRb4adlvDXVIIpp6ocU.roa (raw, json)
Hash identifier:          nhYvKu4wxzAU7QoVtR8rkZcfAXnTNDoweg5cXyMvKNU=
Subject key identifier:   E5:68:07:FF:10:AC:65:16:F8:69:D9:6F:0D:75:48:22:9A:7A:A1:C5
Certificate issuer:       /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial:       01967BE2E8A58FA6DBD0A26C9E3AA9F70F5E
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/5WgH_xCsZRb4adlvDXVIIpp6ocU.roa
Signing time:             Mon 28 Apr 2025 10:13:10 +0000
ROA not before:           Mon 28 Apr 2025 10:13:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     209641
IP address blocks:        2a0a:c380::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:e2:e8:a5:8f:a6:db:d0:a2:6c:9e:3a:a9:f7:0f:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
        Validity
            Not Before: Apr 28 10:13:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e56807ff10ac6516f869d96f0d7548229a7aa1c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f4:18:82:11:dd:d7:23:fd:bc:b8:37:a0:0d:
                    d1:54:75:03:a3:81:79:df:78:b0:85:b3:1f:a5:a8:
                    09:d4:93:ca:2b:ab:a4:64:c7:f3:5f:3f:d0:30:44:
                    e8:a4:55:a4:b6:92:77:b3:51:c8:b8:bd:a2:55:7d:
                    a8:a4:ee:ab:2b:03:03:41:74:b6:12:35:d3:73:e6:
                    de:24:3f:5d:e2:39:bb:18:19:01:3c:92:4d:5c:82:
                    cb:b7:7e:50:ec:4f:38:bc:3f:83:63:74:3f:75:5d:
                    4a:9c:17:ee:ad:b5:7b:5c:64:ac:ff:db:88:ee:37:
                    7e:3a:de:5d:76:28:e6:6b:ab:55:6c:ef:96:ac:bc:
                    11:f6:96:4a:69:1b:0f:6a:a7:9e:92:49:1e:5d:b3:
                    41:6b:4c:ec:0a:1b:a2:af:f4:b4:e3:8d:73:f6:86:
                    9d:cb:73:13:41:3a:20:d3:d3:47:6b:88:54:45:bc:
                    ce:df:88:26:a1:35:a4:9a:50:62:a9:25:be:30:05:
                    d2:6f:e6:28:51:99:aa:9e:f6:27:ab:86:df:c4:07:
                    7e:87:bd:36:52:16:c9:64:d1:0c:16:ae:5b:68:d6:
                    2b:f2:45:5a:89:72:94:0b:ca:c3:d6:9b:1e:50:e7:
                    b1:ac:ec:a6:4a:c0:63:3e:5e:9c:7e:b1:f9:e0:88:
                    c9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:68:07:FF:10:AC:65:16:F8:69:D9:6F:0D:75:48:22:9A:7A:A1:C5
            X509v3 Authority Key Identifier:
                keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/5WgH_xCsZRb4adlvDXVIIpp6ocU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:c380::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:75:77:f7:b6:b1:de:6f:5f:d0:27:ea:91:b0:77:2a:81:c5:
         28:8b:18:ba:ea:46:1b:68:cb:4f:69:1c:c8:3c:5f:be:ad:e0:
         90:3c:8c:81:e5:6d:4c:61:ca:58:b8:6f:0e:db:20:7c:10:cc:
         db:d2:c8:6b:88:6e:5c:27:48:45:f7:1e:b5:f1:d6:0a:62:e9:
         4e:4e:6f:ea:00:23:e6:7f:e6:cb:1a:ea:6a:83:ef:08:70:f8:
         74:14:f8:92:ea:73:bf:34:96:1b:02:47:cb:f0:aa:6a:c2:a9:
         e3:78:4f:23:af:e9:52:0e:cd:24:6a:90:2b:a3:85:6c:85:87:
         57:ed:79:4d:25:06:f0:f8:24:64:90:c5:cd:9b:e1:87:50:27:
         95:40:19:81:10:2b:7d:9e:9a:20:71:ac:d6:ef:1b:ab:d9:27:
         cf:76:fd:48:01:82:35:93:48:0f:f8:76:c8:1d:26:58:cc:b6:
         b9:d1:d7:a5:0d:ea:e7:9e:b2:d8:5f:2e:4e:73:cf:2e:03:b1:
         c5:84:47:d0:aa:0e:db:a2:b9:aa:f4:fb:43:40:7d:93:cd:8c:
         8c:9c:80:10:c1:88:7f:f7:db:1b:7e:11:bb:6b:f9:0c:40:1d:
         99:80:12:3c:1a:da:d8:c5:4a:c0:9a:90:ab:a3:78:78:a2:81:
         e4:42:7b:ef
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZ74uilj6bb0KJsnjqp9w9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwNDI4MTAxMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTY4MDdmZjEwYWM2NTE2Zjg2OWQ5NmYwZDc1NDgyMjlhN2FhMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPQYghHd1yP9vLg3oA3RVHUDo4F5
33iwhbMfpagJ1JPKK6ukZMfzXz/QMETopFWktpJ3s1HIuL2iVX2opO6rKwMDQXS2
EjXTc+beJD9d4jm7GBkBPJJNXILLt35Q7E84vD+DY3Q/dV1KnBfurbV7XGSs/9uI
7jd+Ot5ddijma6tVbO+WrLwR9pZKaRsPaqeekkkeXbNBa0zsChuir/S0441z9oad
y3MTQTog09NHa4hURbzO34gmoTWkmlBiqSW+MAXSb+YoUZmqnvYnq4bfxAd+h702
UhbJZNEMFq5baNYr8kVaiXKUC8rD1pseUOexrOymSsBjPl6cfrH54IjJJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOVoB/8QrGUW+GnZbw11SCKaeqHFMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvNVdnSF94Q3NaUmI0YWRsdkRYVklJcHA2b2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgrDgDAN
BgkqhkiG9w0BAQsFAAOCAQEAdHV397ax3m9f0CfqkbB3KoHFKIsYuupGG2jLT2kc
yDxfvq3gkDyMgeVtTGHKWLhvDtsgfBDM29LIa4huXCdIRfcetfHWCmLpTk5v6gAj
5n/myxrqaoPvCHD4dBT4kupzvzSWGwJHy/CqasKp43hPI6/pUg7NJGqQK6OFbIWH
V+15TSUG8PgkZJDFzZvhh1AnlUAZgRArfZ6aIHGs1u8bq9knz3b9SAGCNZNID/h2
yB0mWMy2udHXpQ3q556y2F8uTnPPLgOxxYRH0KoO26K5qvT7Q0B9k82MjJyAEMGI
f/fbG34Ru2v5DEAdmYASPBra2MVKwJqQq6N4eKKB5EJ77w==
-----END CERTIFICATE-----
Generated at Tue Jun 17 18:59:35 2025 by rpki-client