Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i2gmhmGJkhBwDuj7ueqvBEySqf8.roa
File:                     i2gmhmGJkhBwDuj7ueqvBEySqf8.roa (raw, json)
Hash identifier:          AzwoIIQUmoXCJQ1RQ7x77vVZlkQC8TExd1Gc9iOAtjI=
Subject key identifier:   8B:68:26:86:61:89:92:10:70:0E:E8:FB:B9:EA:AF:04:4C:92:A9:FF
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0185A9BEB5F1C5B6A82E0A178AD56FEDF445
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i2gmhmGJkhBwDuj7ueqvBEySqf8.roa
Signing time:             Fri 13 Jan 2023 06:08:45 +0000
ROA not before:           Fri 13 Jan 2023 06:08:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a9:be:b5:f1:c5:b6:a8:2e:0a:17:8a:d5:6f:ed:f4:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jan 13 06:08:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b68268661899210700ee8fbb9eaaf044c92a9ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:66:9f:c9:1b:a2:15:43:20:56:95:b3:42:9d:
                    13:dd:b7:e9:14:61:cc:54:e3:6a:c6:9c:53:86:de:
                    84:df:3c:fb:fe:f8:64:1b:60:58:ed:58:92:b1:51:
                    68:2f:ea:10:3a:ba:81:1c:e3:a8:66:91:6d:e5:e4:
                    26:5d:88:3d:31:3f:bd:c6:91:0a:20:63:14:33:1c:
                    80:7b:58:40:4b:c5:25:2e:05:97:ab:22:45:1b:0b:
                    ca:7e:c4:ff:93:da:70:b7:f6:88:55:30:26:70:00:
                    e0:99:6c:dc:2b:d9:57:e3:3c:89:2d:37:43:25:41:
                    24:b0:5f:7b:cc:ce:3a:9a:39:1b:c6:69:f8:ff:64:
                    10:86:6e:8c:b2:3e:1a:c4:57:8a:6d:c4:65:b6:ff:
                    22:5f:00:86:02:0d:85:02:0b:4e:65:58:43:89:50:
                    a0:dd:a5:30:67:38:ba:0b:0d:b3:e6:5a:d6:ce:4d:
                    fa:cc:a0:5a:ab:cc:76:17:31:42:ee:20:3b:cc:ae:
                    27:f8:9d:5a:8d:cd:80:1e:1f:a0:16:5a:53:7c:de:
                    6e:64:06:07:12:00:94:41:6a:62:2b:44:73:48:ee:
                    cb:da:03:4d:74:f2:41:ed:3e:36:dd:62:79:9c:00:
                    07:82:b6:8e:6d:bf:f3:cc:d6:43:8e:78:ab:1b:b1:
                    e3:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:68:26:86:61:89:92:10:70:0E:E8:FB:B9:EA:AF:04:4C:92:A9:FF
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i2gmhmGJkhBwDuj7ueqvBEySqf8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:0a:b9:81:cb:94:18:e1:e5:d3:d7:d1:02:ec:29:68:dc:69:
         c9:dc:c6:d0:b7:2f:dc:ac:12:fe:68:9c:c6:85:46:01:54:2f:
         2b:53:fb:14:35:b8:cf:b2:d1:37:0e:39:04:c1:8c:24:cf:4f:
         15:51:13:9b:74:10:ac:f8:44:12:03:50:b7:a1:45:b9:34:52:
         7b:ee:0e:2b:73:41:ba:5e:f0:8e:08:7c:be:7b:40:fb:34:05:
         10:86:e4:8a:3c:72:c6:ed:23:5a:67:76:35:98:08:32:14:0a:
         2c:28:da:26:ae:b4:2b:6f:bd:41:03:61:23:f5:3d:e9:a9:78:
         24:11:cb:e2:4c:d3:b4:63:24:a2:0b:f8:2d:e3:61:73:d0:36:
         49:95:62:0a:a2:55:1b:a0:e2:c1:ac:5e:9f:8b:7f:34:0a:c5:
         c0:06:b7:06:5c:ea:6f:d6:3c:ca:9d:e8:87:68:cd:77:88:02:
         a7:2d:32:87:ed:19:0a:fd:d0:a8:3b:8d:fd:27:cf:98:81:c1:
         11:a3:1c:ea:8f:cb:49:66:53:ba:13:38:cd:c1:a2:0d:38:94:
         97:58:90:85:b4:64:97:d1:ff:f2:62:77:70:af:54:81:e8:d6:
         05:2a:25:43:be:a4:1d:ff:78:5a:68:4a:c3:ce:62:f3:23:6b:
         00:11:da:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWpvrXxxbaoLgoXitVv7fRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEzMDYwODQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjY4MjY4NjYxODk5MjEwNzAwZWU4ZmJiOWVhYWYwNDRjOTJhOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGafyRuiFUMgVpWzQp0T3bfpFGHM
VONqxpxTht6E3zz7/vhkG2BY7ViSsVFoL+oQOrqBHOOoZpFt5eQmXYg9MT+9xpEK
IGMUMxyAe1hAS8UlLgWXqyJFGwvKfsT/k9pwt/aIVTAmcADgmWzcK9lX4zyJLTdD
JUEksF97zM46mjkbxmn4/2QQhm6Msj4axFeKbcRltv8iXwCGAg2FAgtOZVhDiVCg
3aUwZzi6Cw2z5lrWzk36zKBaq8x2FzFC7iA7zK4n+J1ajc2AHh+gFlpTfN5uZAYH
EgCUQWpiK0RzSO7L2gNNdPJB7T423WJ5nAAHgraObb/zzNZDjnirG7HjFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFItoJoZhiZIQcA7o+7nqrwRMkqn/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaTJnbWhtR0praEJ3RHVqN3VlcXZCRXlTcWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAwKuYHLlBjh5dPX0QLs
KWjcacncxtC3L9ysEv5onMaFRgFULytT+xQ1uM+y0TcOOQTBjCTPTxVRE5t0EKz4
RBIDULehRbk0UnvuDitzQbpe8I4IfL57QPs0BRCG5Io8csbtI1pndjWYCDIUCiwo
2iautCtvvUEDYSP1PempeCQRy+JM07RjJKIL+C3jYXPQNkmVYgqiVRug4sGsXp+L
fzQKxcAGtwZc6m/WPMqd6IdozXeIAqctMoftGQr90Kg7jf0nz5iBwRGjHOqPy0lm
U7oTOM3Bog04lJdYkIW0ZJfR//Jid3CvVIHo1gUqJUO+pB3/eFpoSsPOYvMjawAR
2lw=
-----END CERTIFICATE-----
Generated at Fri May 2 02:35:31 2025 by rpki-client