Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NHqiKKKFBVe1WErURYW8fWXG74g.roa
File:                     NHqiKKKFBVe1WErURYW8fWXG74g.roa (raw, json)
Hash identifier:          UJz+xnzcF6Vk9OyqSZ83rPAggwV0sbVrbb92MNEJglU=
Subject key identifier:   34:7A:A2:28:A2:85:05:57:B5:58:4A:D4:45:85:BC:7D:65:C6:EF:88
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0182A84B2C8398BD21EF97582AC3B64CCF3D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NHqiKKKFBVe1WErURYW8fWXG74g.roa
Signing time:             Tue 16 Aug 2022 20:14:35 +0000
ROA not before:           Tue 16 Aug 2022 20:14:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
                          2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:a8:4b:2c:83:98:bd:21:ef:97:58:2a:c3:b6:4c:cf:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Aug 16 20:14:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=347aa228a2850557b5584ad44585bc7d65c6ef88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:53:b6:3d:d2:6d:32:ff:c9:c5:46:d1:32:cf:
                    21:4e:ff:7b:cd:e5:bb:57:0c:59:ea:3e:a0:37:6d:
                    05:98:8b:ad:f1:ee:8a:75:e9:cc:cc:a3:38:7b:1e:
                    36:79:ce:10:fa:86:7d:1f:46:c8:57:fc:9f:d0:68:
                    a2:a6:cf:b5:d8:3d:dd:7d:4f:f8:7d:39:b9:dd:1b:
                    51:43:0d:45:06:d3:b8:71:27:c5:d0:34:4a:bf:6b:
                    dd:30:58:a5:22:88:9c:68:f2:82:89:15:8a:5c:d1:
                    4d:84:91:b8:5d:40:e6:0a:bf:78:97:cf:dc:e4:9e:
                    54:01:f2:eb:8c:ff:d9:28:37:f3:03:6d:19:bc:d7:
                    41:ad:42:89:98:7e:8d:26:04:b4:58:b1:f9:68:ee:
                    89:96:ed:66:9c:f2:c1:83:93:a8:4d:ad:c1:64:3b:
                    51:c7:d8:94:e6:a9:3c:d2:5c:99:4a:74:0d:60:ff:
                    6d:d9:17:be:cd:ee:14:94:27:c2:c1:a9:9b:79:27:
                    f7:a6:b8:b4:78:4d:5f:43:34:83:97:57:ae:76:23:
                    b7:d0:b3:83:fe:28:ee:e3:f1:4a:71:12:ba:f1:41:
                    7c:15:54:26:7d:03:6c:d0:a5:46:da:31:dc:cb:1d:
                    39:1d:a3:1f:a6:3f:09:cb:1a:38:90:b9:70:41:e0:
                    7d:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:7A:A2:28:A2:85:05:57:B5:58:4A:D4:45:85:BC:7D:65:C6:EF:88
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NHqiKKKFBVe1WErURYW8fWXG74g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:41:68:0c:c0:de:64:71:36:b8:c7:81:72:c0:1f:60:83:7b:
         cb:12:cd:8a:2e:a3:6c:68:e9:6b:75:14:2c:4c:67:f2:8f:28:
         b9:4d:57:3b:d0:9e:6b:6f:d1:b9:cd:60:42:b3:b3:9a:d1:ef:
         d4:59:e7:29:11:eb:ce:65:98:59:f0:5b:f4:2d:3f:bb:86:2a:
         13:34:1b:c6:9b:03:80:59:56:de:4e:b6:48:c8:12:2a:69:73:
         85:c0:c3:9f:2c:da:be:cf:41:fa:78:66:f0:52:7f:b9:bd:1e:
         75:00:70:9b:ef:e7:c7:6b:2a:68:68:14:c7:fc:91:24:08:97:
         ef:54:fc:06:c0:00:0c:83:5d:38:0a:06:51:ce:f0:37:fb:24:
         b9:06:17:59:df:5d:51:d3:ea:e0:92:bc:e2:36:d9:d1:f3:90:
         b3:00:e9:82:be:c7:ce:9c:89:26:9e:ae:36:2d:a3:aa:0d:5c:
         e9:6a:9c:27:f7:0f:95:42:da:3c:98:89:32:53:36:45:44:62:
         b1:69:85:dd:23:97:79:41:6d:c4:db:be:6a:b4:32:7f:07:89:
         7f:8c:d7:82:5b:40:14:01:f4:5e:56:90:5e:29:b5:1f:28:14:
         77:6b:5c:61:a3:ea:21:47:56:e6:e8:68:b5:1c:9a:29:0f:84:
         7e:39:a5:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKoSyyDmL0h75dYKsO2TM89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODE2MjAxNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdhYTIyOGEyODUwNTU3YjU1ODRhZDQ0NTg1YmM3ZDY1YzZlZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lO2PdJtMv/JxUbRMs8hTv97zeW7
VwxZ6j6gN20FmIut8e6KdenMzKM4ex42ec4Q+oZ9H0bIV/yf0Giips+12D3dfU/4
fTm53RtRQw1FBtO4cSfF0DRKv2vdMFilIoicaPKCiRWKXNFNhJG4XUDmCr94l8/c
5J5UAfLrjP/ZKDfzA20ZvNdBrUKJmH6NJgS0WLH5aO6Jlu1mnPLBg5OoTa3BZDtR
x9iU5qk80lyZSnQNYP9t2Re+ze4UlCfCwambeSf3pri0eE1fQzSDl1eudiO30LOD
/iju4/FKcRK68UF8FVQmfQNs0KVG2jHcyx05HaMfpj8Jyxo4kLlwQeB9GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDR6oiiihQVXtVhK1EWFvH1lxu+IMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTkhxaUtLS0ZCVmUxV0VyVVJZVzhmV1hHNzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHVBaAzA3mRxNrjHgXLA
H2CDe8sSzYouo2xo6Wt1FCxMZ/KPKLlNVzvQnmtv0bnNYEKzs5rR79RZ5ykR685l
mFnwW/QtP7uGKhM0G8abA4BZVt5OtkjIEippc4XAw58s2r7PQfp4ZvBSf7m9HnUA
cJvv58drKmhoFMf8kSQIl+9U/AbAAAyDXTgKBlHO8Df7JLkGF1nfXVHT6uCSvOI2
2dHzkLMA6YK+x86ciSaerjYto6oNXOlqnCf3D5VC2jyYiTJTNkVEYrFphd0jl3lB
bcTbvmq0Mn8HiX+M14JbQBQB9F5WkF4ptR8oFHdrXGGj6iFHVuboaLUcmikPhH45
pTA=
-----END CERTIFICATE-----
Generated at Thu May 1 23:59:42 2025 by rpki-client