Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bJDkmXjThifSjMgpZWxTUty1Rnk.roa
File:                     bJDkmXjThifSjMgpZWxTUty1Rnk.roa (raw, json)
Hash identifier:          acBbmnjka0He6TyS8B2y+DOHpFwlKjaQBgwFBWGZySo=
Subject key identifier:   6C:90:E4:99:78:D3:86:27:D2:8C:C8:29:65:6C:53:52:DC:B5:46:79
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       86E4608F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bJDkmXjThifSjMgpZWxTUty1Rnk.roa
Signing time:             Tue 24 May 2022 17:10:13 +0000
ROA not before:           Tue 24 May 2022 17:10:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
                          2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
                          2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
                          2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
                          2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2263113871 (0x86e4608f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 24 17:10:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c90e49978d38627d28cc829656c5352dcb54679
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:01:c0:7c:64:21:ed:3c:0f:8e:99:31:8b:0f:
                    e8:a6:00:db:a0:06:ee:f5:80:96:f5:0f:56:cc:95:
                    32:0a:d2:f8:14:2b:2e:ce:86:fb:82:a6:34:d4:74:
                    cb:9e:ad:63:2c:cc:ad:d5:c7:df:4b:47:88:c6:f5:
                    40:04:1d:e5:50:74:08:3d:98:c7:4b:bf:8f:23:24:
                    55:85:ed:d5:fa:89:7a:82:5e:cd:39:21:6e:cc:12:
                    f3:ce:db:2c:cc:1b:63:10:3d:1e:62:fa:60:ce:33:
                    e6:0c:11:52:f3:c4:f2:25:d2:8e:54:8b:5c:aa:40:
                    c8:e0:be:84:5b:ae:9a:fb:9a:71:f2:09:a2:a7:42:
                    6a:57:0b:65:0e:d5:18:db:04:b9:52:a4:b8:a8:17:
                    72:ca:df:1c:60:05:be:e7:14:89:0c:c2:b8:63:2d:
                    77:3a:3e:04:26:28:cb:26:8b:50:c0:dc:1b:13:fb:
                    ee:0f:ad:7f:a0:9a:52:e0:d5:a9:9a:f1:ab:27:44:
                    b9:08:8c:ef:7f:42:f9:7b:dd:5e:25:6b:94:b5:88:
                    f0:11:40:8f:ab:3a:b3:fd:89:b4:d0:11:60:98:9b:
                    e7:cb:f8:f6:fb:fe:95:45:4e:34:e6:9c:3b:65:9e:
                    3e:6f:5c:96:e8:16:04:bc:7e:6e:41:0a:95:3a:f8:
                    0c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:90:E4:99:78:D3:86:27:D2:8C:C8:29:65:6C:53:52:DC:B5:46:79
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bJDkmXjThifSjMgpZWxTUty1Rnk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         67:c2:84:3e:d2:3d:01:43:13:d8:6f:00:47:91:f4:28:3b:d7:
         83:28:98:e0:9f:77:1c:1e:c4:74:e5:ca:b1:d0:47:62:30:e3:
         2b:6f:d3:96:2c:8b:51:bc:99:18:2c:62:b0:e0:a9:9b:56:8f:
         f4:61:04:9e:64:a4:23:58:45:3f:d1:37:3f:6c:12:73:d0:c1:
         05:45:81:2b:1c:b4:b8:3b:ce:c7:a7:f5:a6:79:35:19:90:3e:
         e7:0d:30:25:c8:21:a3:ec:3e:4d:2f:f0:05:df:eb:ba:8f:72:
         b5:50:67:5a:c9:c3:70:6e:79:92:1d:f4:79:51:b2:fe:d7:72:
         28:35:b6:6f:7a:f4:91:42:b0:61:47:c0:49:65:29:35:1c:1b:
         fd:67:d6:ef:ce:6a:45:e5:4f:ad:c0:96:7c:f9:67:5d:e7:db:
         99:80:c2:cd:9c:76:25:dd:0f:81:07:2b:e6:54:30:c8:ed:e0:
         4a:55:9a:8a:40:68:b4:0e:01:51:67:b2:36:00:40:c8:4f:12:
         0b:4a:2d:91:69:d5:56:81:ba:68:1d:3c:33:63:65:4c:78:1d:
         ad:bb:e5:45:55:b7:40:d0:69:af:78:a2:aa:a1:12:62:75:94:
         cc:f2:6a:d5:5a:ef:73:3f:4b:e8:b0:d8:2f:6d:c1:ac:bb:90:
         4d:f4:40:8e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIbkYI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjQxNzEwMTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDZjOTBlNDk5Nzhk
Mzg2MjdkMjhjYzgyOTY1NmM1MzUyZGNiNTQ2NzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUAcB8ZCHtPA+OmTGLD+imANugBu71gJb1D1bMlTIK0vgU
Ky7OhvuCpjTUdMuerWMszK3Vx99LR4jG9UAEHeVQdAg9mMdLv48jJFWF7dX6iXqC
Xs05IW7MEvPO2yzMG2MQPR5i+mDOM+YMEVLzxPIl0o5Ui1yqQMjgvoRbrpr7mnHy
CaKnQmpXC2UO1RjbBLlSpLioF3LK3xxgBb7nFIkMwrhjLXc6PgQmKMsmi1DA3BsT
++4PrX+gmlLg1ama8asnRLkIjO9/Qvl73V4la5S1iPARQI+rOrP9ibTQEWCYm+fL
+Pb7/pVFTjTmnDtlnj5vXJboFgS8fm5BCpU6+AzpAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUbJDkmXjThifSjMgpZWxTUty1RnkwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9iSkRrbVhqVGhpZlNqTWdwWld4VFV0eTFSbmsucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAZ8KEPtI9AUMT2G8AR5H0KDvXgyiY4J93HB7E
dOXKsdBHYjDjK2/TliyLUbyZGCxisOCpm1aP9GEEnmSkI1hFP9E3P2wSc9DBBUWB
Kxy0uDvOx6f1pnk1GZA+5w0wJcgho+w+TS/wBd/ruo9ytVBnWsnDcG55kh30eVGy
/tdyKDW2b3r0kUKwYUfASWUpNRwb/WfW785qReVPrcCWfPlnXefbmYDCzZx2Jd0P
gQcr5lQwyO3gSlWaikBotA4BUWeyNgBAyE8SC0otkWnVVoG6aB08M2NlTHgdrbvl
RVW3QNBpr3iiqqESYnWUzPJq1Vrvcz9L6LDYL23BrLuQTfRAjg==
-----END CERTIFICATE-----
Generated at Fri May 2 00:08:20 2025 by rpki-client