Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Zo_d3-Xn3Lc3NKRYpY9UuhJuUn0.roa
File:                     Zo_d3-Xn3Lc3NKRYpY9UuhJuUn0.roa (raw, json)
Hash identifier:          lLUnOrXJvlTzRUpcJhvFsIotfuWhGcwKOAssLe280Kw=
Subject key identifier:   66:8F:DD:DF:E5:E7:DC:B7:37:34:A4:58:A5:8F:54:BA:12:6E:52:7D
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       7759121D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Zo_d3-Xn3Lc3NKRYpY9UuhJuUn0.roa
Signing time:             Thu 31 Mar 2022 23:09:56 +0000
ROA not before:           Thu 31 Mar 2022 23:09:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2002326045 (0x7759121d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 31 23:09:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=668fdddfe5e7dcb73734a458a58f54ba126e527d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d2:43:37:4f:54:4b:67:d9:a8:d3:60:0f:a0:
                    c9:f9:8c:52:d4:b6:c2:e1:32:d7:d8:8e:5f:d1:b3:
                    76:f2:e3:a7:2f:7f:7d:08:c4:07:e2:4d:57:ea:4d:
                    f0:c5:f5:9d:00:9c:27:c3:07:97:06:4e:d8:a3:48:
                    b0:9b:03:be:36:53:5e:96:23:8a:53:4d:07:b1:b8:
                    69:54:b4:8b:3b:93:bd:22:52:77:d1:70:39:32:09:
                    2c:1b:ea:69:5a:76:5a:31:27:ff:2c:83:b7:ba:b5:
                    d0:db:de:a6:40:af:71:9d:8c:e8:ae:57:fc:7e:8c:
                    7c:a8:1c:e5:e1:de:ee:ff:a6:a4:0b:49:4c:55:82:
                    3f:a1:a2:b9:98:98:f0:e3:81:be:a6:a5:33:bb:1d:
                    c6:88:8e:4c:57:b9:b5:92:b7:dd:18:d1:54:dc:f8:
                    3f:c6:ac:5a:1c:57:22:b1:5a:9f:39:9d:96:c8:83:
                    e8:47:ea:92:60:3a:c1:f8:87:13:37:4b:c4:df:e4:
                    cb:9f:3c:bb:5e:6a:69:fc:86:ad:83:f1:38:33:cf:
                    07:c1:74:de:d9:19:10:96:33:d8:f0:df:2e:e1:c7:
                    55:5c:94:44:a8:58:ca:aa:18:d6:78:b3:ef:4b:a1:
                    67:74:30:db:c5:cc:af:c2:63:09:a4:69:e4:36:e3:
                    62:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:8F:DD:DF:E5:E7:DC:B7:37:34:A4:58:A5:8F:54:BA:12:6E:52:7D
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Zo_d3-Xn3Lc3NKRYpY9UuhJuUn0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:36:bd:42:89:90:64:e7:20:26:12:3d:bd:a6:9c:b9:b2:6a:
         40:03:ae:40:59:ed:d5:b7:07:5b:4a:80:6d:e4:b5:a7:d0:4d:
         00:a8:47:02:74:d7:55:8e:1c:a7:92:69:d7:d3:c2:a1:0b:64:
         97:ef:ae:87:b0:70:18:a3:41:f9:49:3d:50:67:d5:d1:e4:62:
         e8:fc:6f:1c:e9:05:5e:7b:54:e6:26:0a:f5:f8:d8:51:e5:ee:
         b6:40:ab:50:bc:a0:b9:ea:7f:e8:23:cd:0a:86:03:c3:4a:d6:
         3b:53:24:d7:5d:a5:37:ae:f6:a3:05:08:1c:7e:ce:6b:df:0a:
         25:18:ad:af:ad:41:5e:ad:e9:be:41:6a:c4:93:13:2e:b6:83:
         f0:f1:aa:aa:40:9d:66:46:7a:27:09:66:c1:8b:6f:09:a0:fb:
         10:b6:2f:d3:15:f9:ef:fd:95:79:ec:83:be:cc:87:3e:b4:34:
         a1:0a:ff:2f:20:b2:80:ec:79:66:78:8e:5f:89:13:81:4f:3a:
         33:67:ff:3a:9f:c1:16:38:6c:09:e4:54:01:e3:4c:6d:49:bd:
         a4:c5:0a:6c:95:69:d9:0b:21:67:9e:67:df:d0:10:7d:85:ac:
         a1:a5:9c:eb:43:ba:93:7d:ea:cb:f0:8f:0f:06:e3:fb:72:ca:
         16:69:50:28
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEd1kSHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMz
MTIzMDk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY4ZmRkZGZlNWU3
ZGNiNzM3MzRhNDU4YTU4ZjU0YmExMjZlNTI3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3SQzdPVEtn2ajTYA+gyfmMUtS2wuEy19iOX9GzdvLjpy9/
fQjEB+JNV+pN8MX1nQCcJ8MHlwZO2KNIsJsDvjZTXpYjilNNB7G4aVS0izuTvSJS
d9FwOTIJLBvqaVp2WjEn/yyDt7q10NvepkCvcZ2M6K5X/H6MfKgc5eHe7v+mpAtJ
TFWCP6GiuZiY8OOBvqalM7sdxoiOTFe5tZK33RjRVNz4P8asWhxXIrFanzmdlsiD
6EfqkmA6wfiHEzdLxN/ky588u15qafyGrYPxODPPB8F03tkZEJYz2PDfLuHHVVyU
RKhYyqoY1niz70uhZ3Qw28XMr8JjCaRp5DbjYu0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRmj93f5efctzc0pFilj1S6Em5SfTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1pvX2QzLVhuM0xjM05LUllwWTlVdWhKdVVuMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBhNr1CiZBk5yAmEj29ppy5smpAA65AWe3Vtwdb
SoBt5LWn0E0AqEcCdNdVjhynkmnX08KhC2SX766HsHAYo0H5ST1QZ9XR5GLo/G8c
6QVee1TmJgr1+NhR5e62QKtQvKC56n/oI80KhgPDStY7UyTXXaU3rvajBQgcfs5r
3wolGK2vrUFerem+QWrEkxMutoPw8aqqQJ1mRnonCWbBi28JoPsQti/TFfnv/ZV5
7IO+zIc+tDShCv8vILKA7HlmeI5fiROBTzozZ/86n8EWOGwJ5FQB40xtSb2kxQps
lWnZCyFnnmff0BB9hayhpZzrQ7qTferL8I8PBuP7csoWaVAo
-----END CERTIFICATE-----
Generated at Thu May 1 23:31:37 2025 by rpki-client