Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EyyUNsahx0ddcgEZQGgis40WYpQ.roa
File:                     EyyUNsahx0ddcgEZQGgis40WYpQ.roa (raw, json)
Hash identifier:          64kw/IQB6axj+wu6FsI//yoJSKMrYn6gAOowU0q9IpY=
Subject key identifier:   13:2C:94:36:C6:A1:C7:47:5D:72:01:19:40:68:22:B3:8D:16:62:94
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       66B6A3EA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EyyUNsahx0ddcgEZQGgis40WYpQ.roa
Signing time:             Mon 31 Jan 2022 19:09:21 +0000
ROA not before:           Mon 31 Jan 2022 19:09:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:17e:a0dd:2f5b/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1723245546 (0x66b6a3ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jan 31 19:09:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=132c9436c6a1c7475d720119406822b38d166294
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a1:6c:ac:79:f9:af:d8:4f:2e:7a:c5:61:6e:
                    d7:fb:e6:30:d4:23:c1:5d:09:9e:a4:d4:e6:d6:cb:
                    81:01:0f:60:98:2a:58:2c:ef:0c:e7:8d:6d:5a:4a:
                    cd:36:cc:97:a3:01:67:68:08:e4:f4:a6:26:de:0f:
                    89:e8:a3:fd:d0:22:b5:ac:d4:ff:56:91:d9:24:84:
                    b0:de:a3:20:ec:a5:7f:4e:50:c2:28:c2:26:26:12:
                    7a:9a:54:ea:b8:1f:c0:6c:69:08:45:4f:c2:e1:29:
                    ff:81:99:87:aa:b2:26:39:0b:5c:4d:53:95:2d:3c:
                    e8:ca:a5:00:15:3f:e3:d0:a4:1a:d3:bf:1c:e3:6a:
                    34:61:fe:c4:66:e8:d9:8c:d0:3c:9d:a2:70:a0:54:
                    b4:57:86:c9:76:b6:c9:f2:8a:54:aa:a5:e5:c5:47:
                    76:24:de:0d:97:95:c2:c8:fe:c6:0a:41:c6:b7:f6:
                    37:2c:5d:22:e7:18:ec:c7:5e:9b:c6:f2:5a:a2:d4:
                    9c:a9:2e:c0:d5:8b:58:11:32:12:ae:0c:e3:05:66:
                    b8:ba:80:ff:9d:7e:1c:5d:02:04:3f:5f:1a:16:61:
                    77:72:b5:4a:8f:1f:16:df:9c:c2:fe:2c:83:02:83:
                    85:af:21:f0:83:d6:4e:38:13:c5:7b:64:2f:84:f7:
                    e1:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:2C:94:36:C6:A1:C7:47:5D:72:01:19:40:68:22:B3:8D:16:62:94
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EyyUNsahx0ddcgEZQGgis40WYpQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:f1:b6:1a:64:89:0b:f9:6a:2e:1f:da:b2:34:4c:cb:e5:9c:
         cc:54:87:df:f9:0e:fd:1e:e5:43:eb:56:3c:85:da:6e:c2:17:
         55:46:02:31:1c:93:e1:59:76:1a:e5:a3:9d:ef:d9:db:34:e4:
         84:f2:a4:55:dd:c0:33:ac:12:9f:12:18:7e:bd:1d:1a:13:07:
         4b:ae:0a:c4:b9:dc:7d:38:97:65:b5:e2:a2:56:8f:b1:bc:86:
         89:a7:a8:da:cb:b9:7d:b2:1e:73:d9:88:69:de:ac:06:1a:64:
         f4:44:f8:75:7d:3a:09:ea:84:22:13:84:5c:49:31:df:c3:d8:
         29:9b:78:77:11:fe:e0:93:6a:be:0b:b8:4c:41:ba:3e:f2:e7:
         0d:34:e7:c8:e3:3d:a1:e5:88:ad:ea:c5:56:c7:9e:a8:50:61:
         70:c6:68:1c:e4:9f:1d:4b:37:fd:fb:b5:de:61:95:34:a6:b4:
         76:f3:4e:86:ed:27:5d:01:68:e2:b4:65:00:ed:c3:0c:c4:fb:
         42:ed:50:89:fb:61:30:86:ad:9f:6d:38:f6:be:1f:ac:43:9f:
         6d:c7:54:cd:d8:60:c1:38:34:08:ce:ca:4e:0e:9d:aa:73:0b:
         8b:1d:00:0e:6c:29:c3:aa:e8:d3:02:84:20:29:11:7c:c6:9e:
         5f:da:39:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEZraj6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDEz
MTE5MDkyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTMyYzk0MzZjNmEx
Yzc0NzVkNzIwMTE5NDA2ODIyYjM4ZDE2NjI5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWhbKx5+a/YTy56xWFu1/vmMNQjwV0JnqTU5tbLgQEPYJgq
WCzvDOeNbVpKzTbMl6MBZ2gI5PSmJt4Pieij/dAitazU/1aR2SSEsN6jIOylf05Q
wijCJiYSeppU6rgfwGxpCEVPwuEp/4GZh6qyJjkLXE1TlS086MqlABU/49CkGtO/
HONqNGH+xGbo2YzQPJ2icKBUtFeGyXa2yfKKVKql5cVHdiTeDZeVwsj+xgpBxrf2
NyxdIucY7Mdem8byWqLUnKkuwNWLWBEyEq4M4wVmuLqA/51+HF0CBD9fGhZhd3K1
So8fFt+cwv4sgwKDha8h8IPWTjgTxXtkL4T34VkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQTLJQ2xqHHR11yARlAaCKzjRZilDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0V5eVVOc2FoeDBkZGNnRVpRR2dpczQwV1lwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAn8bYaZIkL+WouH9qyNEzL5ZzMVIff+Q79HuVD
61Y8hdpuwhdVRgIxHJPhWXYa5aOd79nbNOSE8qRV3cAzrBKfEhh+vR0aEwdLrgrE
udx9OJdlteKiVo+xvIaJp6jay7l9sh5z2Yhp3qwGGmT0RPh1fToJ6oQiE4RcSTHf
w9gpm3h3Ef7gk2q+C7hMQbo+8ucNNOfI4z2h5Yit6sVWx56oUGFwxmgc5J8dSzf9
+7XeYZU0prR2806G7SddAWjitGUA7cMMxPtC7VCJ+2Ewhq2fbTj2vh+sQ59tx1TN
2GDBODQIzspODp2qcwuLHQAObCnDqujTAoQgKRF8xp5f2jmL
-----END CERTIFICATE-----
Generated at Fri May 2 00:40:10 2025 by rpki-client