Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5-oVLe8ds0sEkJIorbm-7h-45rE.roa
File:                     5-oVLe8ds0sEkJIorbm-7h-45rE.roa (raw, json)
Hash identifier:          ZBWbzyI/xFfje9JC/cDmnhEc3Rn2fLWN6Ke6ArAccmE=
Subject key identifier:   E7:EA:15:2D:EF:1D:B3:4B:04:90:92:28:AD:B9:BE:EE:1F:B8:E6:B1
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0189A29BD0853CB89535FECDD046AA8B6017
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5-oVLe8ds0sEkJIorbm-7h-45rE.roa
Signing time:             Sat 29 Jul 2023 17:04:27 +0000
ROA not before:           Sat 29 Jul 2023 17:04:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:189:a29b:a0fb/128 maxlen: 128
                          2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a2:9b:d0:85:3c:b8:95:35:fe:cd:d0:46:aa:8b:60:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 29 17:04:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7ea152def1db34b04909228adb9beee1fb8e6b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a2:03:3a:56:ba:6a:09:f3:b9:39:a6:ca:c5:
                    b6:6c:64:37:97:d2:e5:94:42:d1:4b:e7:4b:65:49:
                    02:0c:8d:e7:65:80:75:33:e2:5c:73:9a:31:58:e8:
                    dd:d0:6a:1d:7f:a8:f3:52:aa:e5:48:4d:c8:73:06:
                    a5:ea:e9:7d:03:49:66:6e:80:45:08:48:70:5b:35:
                    fe:14:a2:00:aa:98:ca:bb:8a:c2:c6:ec:8a:89:e8:
                    a6:c6:1c:35:68:1e:b6:18:27:c7:9f:52:09:5f:8f:
                    45:da:48:d3:3f:37:94:8e:a1:0a:3e:e9:b6:39:0b:
                    3e:23:ef:5e:fc:96:b1:67:a0:59:7a:51:aa:f5:9c:
                    a9:9b:60:a6:c8:24:e0:2b:fb:24:73:fc:bc:72:8c:
                    eb:81:c6:f1:13:2d:23:15:b4:02:ab:5d:84:46:70:
                    ba:5f:88:fb:d1:0a:a0:87:52:ca:dd:f9:b6:f1:0d:
                    81:97:56:fd:81:72:53:33:ec:98:02:3d:95:11:2a:
                    7f:70:e8:d6:d3:19:d8:35:90:da:f7:ff:bd:1c:65:
                    01:6e:c2:5c:fa:4c:df:4b:fd:68:4d:5c:fb:36:22:
                    bc:49:e7:ca:85:4f:4f:cc:cc:7b:ac:bd:88:71:d4:
                    e1:51:0b:ce:bf:4f:c5:9e:39:09:ae:b9:ac:2e:a4:
                    1d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:EA:15:2D:EF:1D:B3:4B:04:90:92:28:AD:B9:BE:EE:1F:B8:E6:B1
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5-oVLe8ds0sEkJIorbm-7h-45rE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         ae:23:35:22:af:02:94:90:93:0f:9e:bd:e2:07:a1:36:7b:bd:
         c7:16:13:11:fb:c6:7b:73:00:b0:d7:bb:ad:52:6e:8c:af:31:
         b6:62:13:b9:c2:a5:8a:e9:75:96:ec:c5:ff:e3:f4:16:56:50:
         31:22:4d:fa:91:cc:65:e0:f8:9b:20:76:31:fa:03:17:85:1d:
         ea:42:8a:76:ca:c2:f2:e6:37:a5:b0:63:48:43:4b:87:ae:74:
         01:4a:17:40:2e:2c:92:6f:cc:73:c8:b9:74:f7:48:6b:8a:d4:
         1f:b5:eb:6f:4c:98:ee:94:26:f7:db:69:e1:d2:fb:01:2d:e8:
         1e:b8:bd:53:f0:2b:5a:f7:5c:eb:40:36:33:82:e5:09:b2:5d:
         56:0d:2b:3e:98:2e:4f:0d:d7:20:b7:55:9d:a9:27:c6:30:81:
         de:22:53:45:a5:71:ff:19:71:ff:1a:79:b2:c0:9c:96:f5:4e:
         d0:f8:1c:a4:8f:75:6b:ba:07:db:c5:51:74:ec:46:63:d0:fa:
         de:a5:33:59:fa:0f:28:8c:bc:35:06:c0:ad:47:db:1b:69:9b:
         a7:d3:40:11:6f:41:93:f3:10:35:c7:dd:a9:7e:32:12:37:e5:
         8f:78:15:f6:8d:04:c4:49:d1:bc:ee:2c:dc:bf:f4:7d:09:49:
         53:c2:51:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmim9CFPLiVNf7N0Eaqi2AXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI5MTcwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2VhMTUyZGVmMWRiMzRiMDQ5MDkyMjhhZGI5YmVlZTFmYjhlNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqIDOla6agnzuTmmysW2bGQ3l9Ll
lELRS+dLZUkCDI3nZYB1M+Jcc5oxWOjd0Godf6jzUqrlSE3Icwal6ul9A0lmboBF
CEhwWzX+FKIAqpjKu4rCxuyKieimxhw1aB62GCfHn1IJX49F2kjTPzeUjqEKPum2
OQs+I+9e/JaxZ6BZelGq9Zypm2CmyCTgK/skc/y8cozrgcbxEy0jFbQCq12ERnC6
X4j70Qqgh1LK3fm28Q2Bl1b9gXJTM+yYAj2VESp/cOjW0xnYNZDa9/+9HGUBbsJc
+kzfS/1oTVz7NiK8SefKhU9PzMx7rL2IcdThUQvOv0/FnjkJrrmsLqQd4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOfqFS3vHbNLBJCSKK25vu4fuOaxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNS1vVkxlOGRzMHNFa0pJb3JibS03aC00NXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK4jNSKvApSQkw+eveIH
oTZ7vccWExH7xntzALDXu61SboyvMbZiE7nCpYrpdZbsxf/j9BZWUDEiTfqRzGXg
+JsgdjH6AxeFHepCinbKwvLmN6WwY0hDS4eudAFKF0AuLJJvzHPIuXT3SGuK1B+1
629MmO6UJvfbaeHS+wEt6B64vVPwK1r3XOtANjOC5QmyXVYNKz6YLk8N1yC3VZ2p
J8Ywgd4iU0Wlcf8Zcf8aebLAnJb1TtD4HKSPdWu6B9vFUXTsRmPQ+t6lM1n6DyiM
vDUGwK1H2xtpm6fTQBFvQZPzEDXH3al+MhI35Y94FfaNBMRJ0bzuLNy/9H0JSVPC
UVg=
-----END CERTIFICATE-----
Generated at Fri May 2 13:52:11 2025 by rpki-client