Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a1QS4MZefwV7YMAEbpQ_Fwqz9Y8.roa
File:                     a1QS4MZefwV7YMAEbpQ_Fwqz9Y8.roa (raw, json)
Hash identifier:          mzoOycn1vcd18TWm/boromNXg8mKhYM+n+kCyCpr7h0=
Subject key identifier:   6B:54:12:E0:C6:5E:7F:05:7B:60:C0:04:6E:94:3F:17:0A:B3:F5:8F
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018724E986A2CFC55B3A9FAB703F7CD76112
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a1QS4MZefwV7YMAEbpQ_Fwqz9Y8.roa
Signing time:             Mon 27 Mar 2023 21:11:36 +0000
ROA not before:           Mon 27 Mar 2023 21:11:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:24:e9:86:a2:cf:c5:5b:3a:9f:ab:70:3f:7c:d7:61:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 27 21:11:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b5412e0c65e7f057b60c0046e943f170ab3f58f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f1:ab:1e:84:34:d7:42:de:b4:5e:dd:e8:a0:
                    bf:cd:4c:fb:7f:61:99:21:93:b4:9c:7c:34:13:6f:
                    0f:7e:26:45:1d:35:af:13:be:f8:f6:45:30:2f:cd:
                    9a:95:d7:97:53:4e:3e:53:ec:bc:b4:08:85:63:b5:
                    4c:bf:42:a6:69:93:ca:03:7c:74:ae:a4:d9:01:1f:
                    30:13:26:48:64:bc:f2:1d:20:a4:8a:94:20:bd:57:
                    55:cc:66:51:b0:59:fe:f2:76:03:df:b6:dd:5b:f3:
                    9a:55:2e:e2:0e:42:04:d7:ac:47:8f:fd:ab:5b:5d:
                    a3:fe:e1:29:bb:fc:b4:14:4e:4c:33:f2:5d:1e:58:
                    6e:91:35:87:ee:9a:1d:3a:ed:f3:44:be:b4:ad:ba:
                    58:93:3a:1b:34:1d:81:93:62:37:73:c3:bf:e4:34:
                    14:6c:ab:d2:22:e9:3b:8e:57:3c:2a:b0:51:20:a2:
                    7b:34:73:95:ad:02:02:47:12:61:18:e8:00:a4:2a:
                    60:db:40:1e:35:cc:8c:0a:7e:20:18:9a:d3:05:13:
                    29:c2:10:a8:75:f7:2d:53:8b:30:03:fe:fb:91:1a:
                    61:64:49:a1:16:03:b7:35:34:fe:9e:6d:22:41:2e:
                    3c:ee:36:5f:37:27:65:63:3a:50:22:a7:10:f5:36:
                    67:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:54:12:E0:C6:5E:7F:05:7B:60:C0:04:6E:94:3F:17:0A:B3:F5:8F
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a1QS4MZefwV7YMAEbpQ_Fwqz9Y8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         99:85:c7:a3:b0:1b:75:66:be:52:ee:c9:f3:14:13:94:31:5b:
         94:27:f4:c0:7c:d5:0d:a1:ea:18:0d:98:95:19:03:10:78:64:
         47:b8:a2:bf:29:71:73:d8:21:aa:89:12:7d:b5:70:da:4c:58:
         cb:f6:c7:56:38:cc:b0:60:29:3b:37:c8:e7:02:11:21:dd:ec:
         6f:a3:05:87:05:61:81:a9:c7:2b:19:c1:6c:01:fa:4b:e4:22:
         2c:7e:d9:ac:41:13:ce:79:7f:31:e2:30:6d:df:c4:7f:4e:f7:
         05:33:d6:1d:72:52:9c:46:99:79:a1:fb:09:e4:d9:9f:38:f0:
         bd:c4:8d:97:96:c8:44:4c:4a:a0:bc:27:37:1f:6f:cf:2e:1e:
         64:40:34:c7:f2:4e:39:66:89:2e:10:a9:c4:bf:0c:e4:73:1c:
         51:43:a3:0a:06:c1:01:ea:2c:82:56:95:d2:51:76:c4:2b:e8:
         70:51:43:80:bc:07:58:45:8b:18:da:e1:45:54:bd:9a:12:8c:
         10:4e:a9:59:79:48:3a:6a:70:41:df:8c:3f:09:4b:5d:e7:4f:
         ca:b5:61:e8:6e:81:77:59:fc:4a:c8:fa:02:4b:b9:35:12:c9:
         8b:1a:b0:ac:74:29:33:d8:c9:fd:34:80:0e:3f:3b:a5:00:03:
         56:69:fc:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYck6Yaiz8VbOp+rcD9812ESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI3MjExMTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjU0MTJlMGM2NWU3ZjA1N2I2MGMwMDQ2ZTk0M2YxNzBhYjNmNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/GrHoQ010LetF7d6KC/zUz7f2GZ
IZO0nHw0E28PfiZFHTWvE7749kUwL82aldeXU04+U+y8tAiFY7VMv0KmaZPKA3x0
rqTZAR8wEyZIZLzyHSCkipQgvVdVzGZRsFn+8nYD37bdW/OaVS7iDkIE16xHj/2r
W12j/uEpu/y0FE5MM/JdHlhukTWH7podOu3zRL60rbpYkzobNB2Bk2I3c8O/5DQU
bKvSIuk7jlc8KrBRIKJ7NHOVrQICRxJhGOgApCpg20AeNcyMCn4gGJrTBRMpwhCo
dfctU4swA/77kRphZEmhFgO3NTT+nm0iQS487jZfNydlYzpQIqcQ9TZnvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGtUEuDGXn8Fe2DABG6UPxcKs/WPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYTFRUzRNWmVmd1Y3WU1BRWJwUV9Gd3F6OVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJmFx6OwG3VmvlLuyfMU
E5QxW5Qn9MB81Q2h6hgNmJUZAxB4ZEe4or8pcXPYIaqJEn21cNpMWMv2x1Y4zLBg
KTs3yOcCESHd7G+jBYcFYYGpxysZwWwB+kvkIix+2axBE855fzHiMG3fxH9O9wUz
1h1yUpxGmXmh+wnk2Z848L3EjZeWyERMSqC8Jzcfb88uHmRANMfyTjlmiS4QqcS/
DORzHFFDowoGwQHqLIJWldJRdsQr6HBRQ4C8B1hFixja4UVUvZoSjBBOqVl5SDpq
cEHfjD8JS13nT8q1YehugXdZ/ErI+gJLuTUSyYsasKx0KTPYyf00gA4/O6UAA1Zp
/CY=
-----END CERTIFICATE-----
Generated at Fri May 2 05:34:32 2025 by rpki-client