Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/teZRdAMXcvvdSk1lMz-ou2-DOqo.roa
File:                     teZRdAMXcvvdSk1lMz-ou2-DOqo.roa (raw, json)
Hash identifier:          cHFG8WtP08Qp/mxS3LUuBSdf6Ty/4H3J36F3DyRk4ow=
Subject key identifier:   B5:E6:51:74:03:17:72:FB:DD:4A:4D:65:33:3F:A8:BB:6F:83:3A:AA
Certificate issuer:       /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial:       018EEF3007001E5105036DCD1889BDEBB2F2
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/teZRdAMXcvvdSk1lMz-ou2-DOqo.roa
Signing time:             Thu 18 Apr 2024 03:11:25 +0000
ROA not before:           Thu 18 Apr 2024 03:11:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:ef:30:07:00:1e:51:05:03:6d:cd:18:89:bd:eb:b2:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
        Validity
            Not Before: Apr 18 03:11:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b5e65174031772fbdd4a4d65333fa8bb6f833aaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:2f:d7:07:83:3f:bc:ce:c2:f3:b3:3c:c8:f2:
                    aa:e7:19:7d:ad:25:38:14:e6:f6:05:56:93:3d:32:
                    bb:80:88:06:25:ff:7a:bb:bb:23:1d:d3:06:e6:f5:
                    48:00:a6:79:ba:45:a5:30:c1:ff:5f:d2:14:86:cf:
                    65:ec:c7:89:23:a0:c0:42:6a:9c:51:60:0d:db:df:
                    12:a3:44:1b:87:d2:d4:df:e2:b3:3a:da:ff:8d:2a:
                    8d:1c:08:42:6e:2c:ca:81:fa:8b:e4:25:0b:c5:98:
                    13:48:fe:84:09:19:fe:0f:3d:b3:db:3c:80:f0:96:
                    54:c4:9f:d9:ed:f1:29:30:e1:c4:0b:c1:61:87:75:
                    82:48:ce:b2:13:39:34:81:5c:f7:16:b9:34:08:e5:
                    f4:ff:eb:e9:bd:c7:da:15:1e:d1:90:ba:12:1b:13:
                    e2:82:0b:54:16:da:00:54:72:84:a9:94:dc:fa:48:
                    2b:62:4e:06:15:25:97:e6:54:b4:3c:67:d4:a9:f2:
                    04:40:e1:a7:fa:93:ad:b6:0c:04:34:e1:91:ef:59:
                    7d:41:36:14:b6:5e:21:ba:a5:1b:84:a1:03:4b:c3:
                    c9:d1:7e:42:69:3a:5c:4e:78:19:fd:c7:bb:7c:2b:
                    db:85:15:65:d5:c2:4a:6e:70:25:2e:b0:31:f2:e2:
                    90:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:E6:51:74:03:17:72:FB:DD:4A:4D:65:33:3F:A8:BB:6F:83:3A:AA
            X509v3 Authority Key Identifier:
                keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/teZRdAMXcvvdSk1lMz-ou2-DOqo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         18:c9:59:e0:2d:35:cd:97:70:5e:a6:e7:67:d6:4b:42:78:06:
         be:dc:5a:a7:52:83:81:db:5f:7b:8e:4f:26:8b:f5:59:93:17:
         85:7b:0f:22:aa:f1:5e:1b:97:d9:ac:26:35:c0:8c:0d:ac:eb:
         cc:4b:fa:6b:2f:b2:93:f7:bd:a4:0c:73:f7:8e:b1:85:94:e7:
         7d:6a:8e:77:ad:fa:80:fb:29:bb:db:cf:93:f2:0e:cf:58:50:
         01:16:e8:33:e7:a1:6c:10:68:b5:a3:7a:0e:bf:2a:00:a7:cd:
         34:9f:c0:72:81:98:a7:e9:60:51:4b:63:a8:91:ed:24:65:f0:
         3c:75:dd:d2:57:0b:e2:73:43:f3:5f:ba:d0:59:7a:1e:27:16:
         6e:f2:99:09:6e:73:86:a6:4f:d4:59:9b:a7:59:bb:fc:69:5a:
         84:6d:d8:e9:84:e0:3b:67:ff:d3:05:16:d6:e1:81:b9:01:54:
         9c:cd:ab:bd:c4:72:04:31:ee:4c:e2:30:6e:33:db:28:43:b8:
         5e:41:6b:58:90:1a:a5:77:75:c9:8e:8d:3d:c0:3c:c5:c2:64:
         fb:2f:72:fe:4f:72:88:53:f5:c0:6b:c5:a8:bc:5a:d3:f9:bb:
         fc:ed:0e:43:a9:5e:ff:a9:74:54:3b:cf:a2:45:df:00:5e:bc:
         66:aa:6b:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7vMAcAHlEFA23NGIm967LyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MDMxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWU2NTE3NDAzMTc3MmZiZGQ0YTRkNjUzMzNmYThiYjZmODMzYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi/XB4M/vM7C87M8yPKq5xl9rSU4
FOb2BVaTPTK7gIgGJf96u7sjHdMG5vVIAKZ5ukWlMMH/X9IUhs9l7MeJI6DAQmqc
UWAN298So0Qbh9LU3+KzOtr/jSqNHAhCbizKgfqL5CULxZgTSP6ECRn+Dz2z2zyA
8JZUxJ/Z7fEpMOHEC8Fhh3WCSM6yEzk0gVz3Frk0COX0/+vpvcfaFR7RkLoSGxPi
ggtUFtoAVHKEqZTc+kgrYk4GFSWX5lS0PGfUqfIEQOGn+pOttgwENOGR71l9QTYU
tl4huqUbhKEDS8PJ0X5CaTpcTngZ/ce7fCvbhRVl1cJKbnAlLrAx8uKQhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLXmUXQDF3L73UpNZTM/qLtvgzqqMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvdGVaUmRBTVhjdnZkU2sxbE16LW91Mi1ET3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABjJWeAtNc2XcF6m52fW
S0J4Br7cWqdSg4HbX3uOTyaL9VmTF4V7DyKq8V4bl9msJjXAjA2s68xL+msvspP3
vaQMc/eOsYWU531qjnet+oD7Kbvbz5PyDs9YUAEW6DPnoWwQaLWjeg6/KgCnzTSf
wHKBmKfpYFFLY6iR7SRl8Dx13dJXC+JzQ/NfutBZeh4nFm7ymQluc4amT9RZm6dZ
u/xpWoRt2OmE4Dtn/9MFFtbhgbkBVJzNq73EcgQx7kziMG4z2yhDuF5Ba1iQGqV3
dcmOjT3APMXCZPsvcv5PcohT9cBrxai8WtP5u/ztDkOpXv+pdFQ7z6JF3wBevGaq
ayQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:50:33 2025 by rpki-client