Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uvMo8mhjB-PGinfBp1zh_8bfh9Q.roa
File:                     uvMo8mhjB-PGinfBp1zh_8bfh9Q.roa (raw, json)
Hash identifier:          zEPborQD7IoqZ5D6wjpRLN7HAhagCt3HeHlGtNZa7AY=
Subject key identifier:   BA:F3:28:F2:68:63:07:E3:C6:8A:77:C1:A7:5C:E1:FF:C6:DF:87:D4
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01852A134E5ECF655ECA3FA31B7150A1D3B9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uvMo8mhjB-PGinfBp1zh_8bfh9Q.roa
Signing time:             Mon 19 Dec 2022 11:09:46 +0000
ROA not before:           Mon 19 Dec 2022 11:09:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2a:13:4e:5e:cf:65:5e:ca:3f:a3:1b:71:50:a1:d3:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Dec 19 11:09:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=baf328f2686307e3c68a77c1a75ce1ffc6df87d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:55:ca:1f:ff:c2:05:15:f6:ae:77:20:f2:cf:
                    cb:22:18:2f:79:73:8f:62:be:0f:20:69:45:ba:17:
                    dd:4c:d6:09:e1:fb:fa:74:9c:56:00:e3:42:ef:c7:
                    3d:16:63:f4:e0:2a:7c:ac:20:67:d3:2a:2a:e5:9a:
                    4f:ff:f4:03:c1:f3:02:af:51:78:76:4e:1f:c1:01:
                    26:ab:50:8d:a1:5c:11:f0:cc:a7:3b:7f:03:b7:d8:
                    9c:10:ed:7e:e2:93:54:49:fc:cb:9a:5e:6e:15:1a:
                    88:c9:66:69:6e:41:ae:02:c9:bc:6c:2d:88:dc:36:
                    f9:fb:a7:d0:59:27:02:3b:3a:a6:37:9e:61:e2:e9:
                    d9:38:80:c2:4b:90:8d:10:c7:9b:f4:fb:65:a6:b6:
                    c1:59:9b:d8:9a:b1:74:d6:c4:29:c3:63:16:37:23:
                    12:a9:e8:91:9c:30:3f:24:20:55:42:db:02:b1:32:
                    79:23:87:0a:78:cd:31:d4:fc:38:8a:da:41:5d:c2:
                    04:5e:21:53:27:f5:84:cb:d2:85:4a:de:00:c4:89:
                    d3:a4:ed:1d:74:81:0e:b4:dd:ec:db:88:fe:77:bd:
                    7f:74:2f:f0:04:ce:1d:7a:d9:a9:e2:61:29:18:1f:
                    7b:04:5f:5e:c3:b3:94:b2:04:20:3f:90:c8:e6:91:
                    75:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:F3:28:F2:68:63:07:E3:C6:8A:77:C1:A7:5C:E1:FF:C6:DF:87:D4
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uvMo8mhjB-PGinfBp1zh_8bfh9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         3e:3d:92:80:af:e6:04:26:73:23:d9:d3:50:a7:10:21:13:47:
         d7:8d:30:b5:01:33:07:d1:93:b3:39:a4:7e:f0:e6:46:e2:77:
         ee:f1:3e:09:60:45:b7:27:cf:c0:ac:38:2b:f0:73:6a:b6:c3:
         26:6c:29:dc:fc:5d:1b:ca:5e:52:34:eb:27:0a:dd:cf:ff:25:
         c2:a5:16:c1:77:c5:d3:5e:8a:90:f0:58:52:e6:9b:be:4e:1d:
         42:ac:32:f6:c4:0a:42:db:c8:ae:0f:2d:2e:e0:98:fe:73:7c:
         52:e5:31:71:91:a4:b3:45:5e:78:7d:89:17:cb:da:94:13:e8:
         fd:cc:2f:95:c8:66:cc:63:47:5c:5d:60:d8:23:a3:15:2f:44:
         24:41:e2:c1:1d:ef:b1:64:61:4b:48:26:2c:3e:ce:9b:bc:77:
         01:05:2f:02:ec:ed:43:37:3c:d9:bb:c7:0f:44:b1:59:db:cf:
         07:ff:eb:37:a1:80:97:c7:cc:fa:0c:84:3c:9c:bd:68:1d:f1:
         d2:1b:a7:f2:1a:e6:04:43:ba:80:9d:fc:37:e7:8c:1c:c0:83:
         04:83:ec:e6:6e:06:38:ff:b1:97:d1:65:bf:41:4a:ab:8d:12:
         8a:00:2b:b8:4f:c8:8f:8b:18:0b:e0:6e:c4:f9:5e:41:9d:89:
         63:7f:a8:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUqE05ez2Veyj+jG3FQodO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE5MTEwOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWYzMjhmMjY4NjMwN2UzYzY4YTc3YzFhNzVjZTFmZmM2ZGY4N2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVXKH//CBRX2rncg8s/LIhgveXOP
Yr4PIGlFuhfdTNYJ4fv6dJxWAONC78c9FmP04Cp8rCBn0yoq5ZpP//QDwfMCr1F4
dk4fwQEmq1CNoVwR8MynO38Dt9icEO1+4pNUSfzLml5uFRqIyWZpbkGuAsm8bC2I
3Db5+6fQWScCOzqmN55h4unZOIDCS5CNEMeb9PtlprbBWZvYmrF01sQpw2MWNyMS
qeiRnDA/JCBVQtsCsTJ5I4cKeM0x1Pw4itpBXcIEXiFTJ/WEy9KFSt4AxInTpO0d
dIEOtN3s24j+d71/dC/wBM4detmp4mEpGB97BF9ew7OUsgQgP5DI5pF17QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLrzKPJoYwfjxop3wadc4f/G34fUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdXZNbzhtaGpCLVBHaW5mQnAxemhfOGJmaDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD49koCv5gQmcyPZ01Cn
ECETR9eNMLUBMwfRk7M5pH7w5kbid+7xPglgRbcnz8CsOCvwc2q2wyZsKdz8XRvK
XlI06ycK3c//JcKlFsF3xdNeipDwWFLmm75OHUKsMvbECkLbyK4PLS7gmP5zfFLl
MXGRpLNFXnh9iRfL2pQT6P3ML5XIZsxjR1xdYNgjoxUvRCRB4sEd77FkYUtIJiw+
zpu8dwEFLwLs7UM3PNm7xw9EsVnbzwf/6zehgJfHzPoMhDycvWgd8dIbp/Ia5gRD
uoCd/DfnjBzAgwSD7OZuBjj/sZfRZb9BSquNEooAK7hPyI+LGAvgbsT5XkGdiWN/
qNk=
-----END CERTIFICATE-----
Generated at Fri May 2 00:39:53 2025 by rpki-client