Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RAdAahJoLACFyI6MRR-kt1lAgB4.roa
File:                     RAdAahJoLACFyI6MRR-kt1lAgB4.roa (raw, json)
Hash identifier:          w6ZUpr2W20TJrPrBrXB4T3EoLlY16xiYmYULh+y9rB4=
Subject key identifier:   44:07:40:6A:12:68:2C:00:85:C8:8E:8C:45:1F:A4:B7:59:40:80:1E
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018853AC0EE776813447BEE21D2AF1E2AB05
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RAdAahJoLACFyI6MRR-kt1lAgB4.roa
Signing time:             Thu 25 May 2023 16:09:24 +0000
ROA not before:           Thu 25 May 2023 16:09:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:53:ac:0e:e7:76:81:34:47:be:e2:1d:2a:f1:e2:ab:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 25 16:09:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4407406a12682c0085c88e8c451fa4b75940801e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f5:6b:b2:42:41:20:e9:ff:e6:7c:ed:65:21:
                    fe:47:7d:46:de:ab:8c:d2:75:20:e2:bc:b4:4b:c0:
                    c3:13:d8:d6:b7:f5:f7:ac:2c:57:54:35:bc:ff:5e:
                    63:e8:91:f6:a1:3c:4f:95:e3:ad:ed:0f:26:bb:7f:
                    c2:c1:45:bc:65:77:73:54:a4:40:93:0e:6a:02:cb:
                    70:31:c0:82:ab:1f:84:43:7e:86:0f:de:d1:79:fa:
                    0f:82:4c:97:c8:50:98:ad:72:83:e1:03:7c:d2:d1:
                    f2:43:cc:61:43:bd:db:0f:28:24:65:c1:ec:b8:9a:
                    08:36:22:af:6c:7f:0b:c2:d5:4d:02:b8:c5:56:e6:
                    9d:3f:74:32:5d:ac:94:80:1e:78:92:aa:b8:7e:da:
                    71:a1:c4:38:4b:01:20:fd:c8:49:1f:97:d8:a6:b0:
                    30:3a:e2:6a:58:7a:1c:3a:e2:9f:c3:a2:b0:02:19:
                    e5:14:d7:01:7a:1e:0d:01:36:e6:9b:53:6a:0d:de:
                    40:07:fe:72:4c:cc:e5:fb:1e:ee:1a:43:38:46:a9:
                    28:5f:4a:6d:5d:56:fc:bd:01:96:39:16:27:82:1c:
                    ed:53:5f:1e:c0:cc:9d:34:f0:a6:5b:4e:f8:0e:49:
                    77:69:e0:b9:62:e7:93:a2:ee:45:b4:e1:da:b7:5d:
                    1e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:07:40:6A:12:68:2C:00:85:C8:8E:8C:45:1F:A4:B7:59:40:80:1E
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RAdAahJoLACFyI6MRR-kt1lAgB4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         54:0c:d2:e1:64:24:d2:50:15:f5:db:1e:0f:c9:6e:f0:2d:68:
         b6:b3:ee:eb:f9:a5:64:83:8f:dd:33:fb:e7:f6:c3:d9:40:9f:
         74:77:5a:dc:a7:d7:66:25:99:88:7a:49:1f:53:a3:36:d4:ba:
         6d:a7:01:48:16:91:19:a6:b1:3d:01:e0:87:0c:0f:01:26:5c:
         39:60:87:ef:1f:54:d8:99:92:b3:35:4e:a0:12:bf:51:fe:49:
         00:f5:38:b0:50:85:a8:aa:ba:a1:ff:2e:1d:4c:30:71:14:cd:
         00:12:3c:03:c3:2b:a1:f5:2a:83:5b:03:ec:37:32:87:db:96:
         34:5c:bc:5f:06:58:bd:51:34:8a:ac:c7:da:a8:ba:fa:69:27:
         37:b2:4f:c6:b1:c8:59:23:cb:e0:42:f9:5e:1a:80:bd:9c:49:
         98:7a:b1:3e:a6:7e:c0:29:1b:45:f9:85:46:b7:22:d5:05:ab:
         3f:33:fb:ae:0d:59:2d:10:06:46:4c:5b:0b:c0:5b:b5:40:76:
         a5:ad:13:90:22:42:81:c9:03:be:a2:ac:82:d8:db:01:80:20:
         a5:50:1c:73:d4:6a:86:e5:8f:03:c1:3f:b2:cf:b4:40:a2:70:
         10:a0:08:b4:8a:ef:cd:f6:de:26:a2:5c:b8:29:02:58:c7:fa:
         3f:28:88:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhTrA7ndoE0R77iHSrx4qsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI1MTYwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDA3NDA2YTEyNjgyYzAwODVjODhlOGM0NTFmYTRiNzU5NDA4MDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfVrskJBIOn/5nztZSH+R31G3quM
0nUg4ry0S8DDE9jWt/X3rCxXVDW8/15j6JH2oTxPleOt7Q8mu3/CwUW8ZXdzVKRA
kw5qAstwMcCCqx+EQ36GD97RefoPgkyXyFCYrXKD4QN80tHyQ8xhQ73bDygkZcHs
uJoINiKvbH8LwtVNArjFVuadP3QyXayUgB54kqq4ftpxocQ4SwEg/chJH5fYprAw
OuJqWHocOuKfw6KwAhnlFNcBeh4NATbmm1NqDd5AB/5yTMzl+x7uGkM4RqkoX0pt
XVb8vQGWORYnghztU18ewMydNPCmW074Dkl3aeC5YueTou5FtOHat10eSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEQHQGoSaCwAhciOjEUfpLdZQIAeMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUkFkQWFoSm9MQUNGeUk2TVJSLWt0MWxBZ0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFQM0uFkJNJQFfXbHg/J
bvAtaLaz7uv5pWSDj90z++f2w9lAn3R3Wtyn12YlmYh6SR9TozbUum2nAUgWkRmm
sT0B4IcMDwEmXDlgh+8fVNiZkrM1TqASv1H+SQD1OLBQhaiquqH/Lh1MMHEUzQAS
PAPDK6H1KoNbA+w3MofbljRcvF8GWL1RNIqsx9qouvppJzeyT8axyFkjy+BC+V4a
gL2cSZh6sT6mfsApG0X5hUa3ItUFqz8z+64NWS0QBkZMWwvAW7VAdqWtE5AiQoHJ
A76irILY2wGAIKVQHHPUaobljwPBP7LPtECicBCgCLSK78323iaiXLgpAljH+j8o
iL8=
-----END CERTIFICATE-----
Generated at Fri May 2 00:08:09 2025 by rpki-client