Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1l1IJAekOO519VcTxHwn6-u9zQc.roa
File:                     1l1IJAekOO519VcTxHwn6-u9zQc.roa (raw, json)
Hash identifier:          V/l7+bTYZdTN60PUFHtM93VO4WfYcmdKe/NrUSsgjJc=
Subject key identifier:   D6:5D:48:24:07:A4:38:EE:75:F5:57:13:C4:7C:27:EB:EB:BD:CD:07
Certificate issuer:       /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial:       019602D5D313F6C0363592CCF98B58CA7B06
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1l1IJAekOO519VcTxHwn6-u9zQc.roa
Signing time:             Fri 04 Apr 2025 22:04:49 +0000
ROA not before:           Fri 04 Apr 2025 22:04:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     0
IP address blocks:        2001:67c:64:ffff:0:196:2d5:3ffa/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:02:d5:d3:13:f6:c0:36:35:92:cc:f9:8b:58:ca:7b:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
        Validity
            Not Before: Apr  4 22:04:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=d65d482407a438ee75f55713c47c27ebebbdcd07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:18:4c:65:50:1f:48:12:85:55:3e:6e:b5:dc:
                    f6:a6:1c:4a:65:6a:a9:db:4a:45:b3:2a:1e:08:bc:
                    19:93:48:e1:f9:39:fa:cb:90:6d:e1:0b:0f:2a:31:
                    4e:b8:ec:da:28:40:0f:38:87:0f:4c:f5:7c:5e:f2:
                    a5:21:fd:7c:7b:22:d2:ec:2c:63:9b:8c:94:b6:36:
                    44:97:64:bd:aa:e3:8c:ad:b0:7c:42:6a:7c:e1:3e:
                    81:83:24:05:35:cb:31:87:65:e3:c3:58:a2:a7:5e:
                    2a:4d:ce:e1:3d:4a:19:43:45:e5:01:a9:b3:f8:a3:
                    1a:fe:1a:79:6e:aa:18:d8:d7:c4:71:1f:68:dd:b3:
                    67:9a:b3:b0:0b:a6:01:2f:3d:cf:ba:31:55:86:1c:
                    99:9a:27:c9:1b:1f:9f:29:36:16:ff:10:0c:19:d9:
                    34:9f:5c:ed:37:77:12:c8:24:da:27:b8:41:44:c8:
                    0e:b7:dd:01:07:2b:63:3c:8d:3f:b5:77:ff:b4:81:
                    db:4f:7b:f5:9a:f9:48:f6:a8:44:46:1c:c9:ef:56:
                    bc:b6:1a:2a:7d:b5:cf:fb:d0:2b:d2:91:90:43:a1:
                    e2:a8:1e:e4:d7:3a:fd:b4:14:af:f7:bd:a9:36:e6:
                    05:17:38:5d:11:84:09:0f:29:37:68:db:ee:da:cc:
                    dc:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:5D:48:24:07:A4:38:EE:75:F5:57:13:C4:7C:27:EB:EB:BD:CD:07
            X509v3 Authority Key Identifier:
                keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1l1IJAekOO519VcTxHwn6-u9zQc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:64:ffff:0:196:2d5:3ffa/128

    Signature Algorithm: sha256WithRSAEncryption
         44:a6:eb:6a:00:4b:36:3d:88:f1:44:10:1f:fc:d6:f8:0d:90:
         5b:e8:58:ec:4f:29:0b:c2:f7:60:7f:2c:c2:6f:20:66:94:37:
         cc:cb:40:49:5a:88:cc:1a:ce:25:69:78:d8:f7:6e:d4:18:bf:
         89:f2:3c:36:0a:a6:6f:af:1f:72:11:ac:db:1f:62:c8:9e:24:
         da:fb:9a:93:c6:f2:6f:6f:43:71:7c:ed:1f:9a:0e:92:47:82:
         71:4b:94:cc:b8:fb:ab:d6:f7:c5:ab:b6:52:e0:1b:24:19:bd:
         3e:3d:7a:7e:ad:3e:5f:2e:23:db:94:4a:01:13:ad:7d:28:fd:
         8c:f3:97:8d:6c:d5:64:9f:85:7b:4c:23:15:a2:d7:e5:82:fd:
         71:c7:4c:85:d7:21:b9:48:e9:8c:a7:97:26:02:3d:01:cb:b7:
         2d:59:42:35:fb:81:2f:ef:74:8e:30:13:8e:41:c5:5b:26:22:
         6c:7b:29:ab:49:54:59:74:e3:12:2c:b9:20:2c:70:1d:9f:e5:
         e1:53:cb:eb:a0:f5:ad:e4:88:ad:ca:92:34:f7:80:d1:7f:77:
         eb:b5:66:a5:e4:bd:09:40:5d:d8:ef:0e:5f:f5:34:cc:89:ba:
         13:90:2b:78:06:e8:41:ab:8a:b3:f7:a5:9c:3a:be:05:ad:bf:
         86:a3:37:71
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZYC1dMT9sA2NZLM+YtYynsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDA0MjIwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjVkNDgyNDA3YTQzOGVlNzVmNTU3MTNjNDdjMjdlYmViYmRjZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRhMZVAfSBKFVT5utdz2phxKZWqp
20pFsyoeCLwZk0jh+Tn6y5Bt4QsPKjFOuOzaKEAPOIcPTPV8XvKlIf18eyLS7Cxj
m4yUtjZEl2S9quOMrbB8Qmp84T6BgyQFNcsxh2Xjw1iip14qTc7hPUoZQ0XlAamz
+KMa/hp5bqoY2NfEcR9o3bNnmrOwC6YBLz3PujFVhhyZmifJGx+fKTYW/xAMGdk0
n1ztN3cSyCTaJ7hBRMgOt90BBytjPI0/tXf/tIHbT3v1mvlI9qhERhzJ71a8thoq
fbXP+9Ar0pGQQ6HiqB7k1zr9tBSv972pNuYFFzhdEYQJDyk3aNvu2szcawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNZdSCQHpDjudfVXE8R8J+vrvc0HMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMWwxSUpBZWtPTzUxOVZjVHhId242LXU5elFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWAtU/+jANBgkqhkiG9w0BAQsFAAOCAQEARKbragBLNj2I8UQQH/zW+A2Q
W+hY7E8pC8L3YH8swm8gZpQ3zMtASVqIzBrOJWl42Pdu1Bi/ifI8Ngqmb68fchGs
2x9iyJ4k2vuak8byb29DcXztH5oOkkeCcUuUzLj7q9b3xau2UuAbJBm9Pj16fq0+
Xy4j25RKAROtfSj9jPOXjWzVZJ+Fe0wjFaLX5YL9ccdMhdchuUjpjKeXJgI9Acu3
LVlCNfuBL+90jjATjkHFWyYibHspq0lUWXTjEiy5ICxwHZ/l4VPL66D1reSIrcqS
NPeA0X9367VmpeS9CUBd2O8OX/U0zIm6E5AreAboQauKs/elnDq+Ba2/hqM3cQ==
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:12:27 2025 by rpki-client