Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS47272.roa
File:                     AS47272.roa (raw, json)
Hash identifier:          5ZuHPzgnHuncWFbkOaNrXOzk2/gnybgFLhx/mJvzaZg=
Subject key identifier:   CB:BC:E8:F5:50:52:A4:B3:07:BF:1A:5F:BA:4F:4F:1F:87:A8:89:FC
Certificate issuer:       /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Certificate serial:       0277B541B74909937F3BDFCE50B5350C20BA2555
Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS47272.roa
Signing time:             Wed 02 Jul 2025 16:17:36 +0000
ROA not before:           Wed 02 Jul 2025 16:12:36 +0000
ROA not after:            Wed 01 Jul 2026 16:17:36 +0000
asID:                     47272
IP address blocks:        2a05:dfc3:f500::/40 maxlen: 48
                          2a05:dfc3:fd24::/48 maxlen: 48
                          2a06:1281:1000::/36 maxlen: 36
                          2a09:54c6::/36 maxlen: 36
                          2a0a:6044:10::/48 maxlen: 48
                          2a0f:6280:a::/48 maxlen: 48
                          2a0f:6280:10::/48 maxlen: 128
                          2a0f:6280:11::/48 maxlen: 128
                          2a0f:6280:12::/48 maxlen: 128
                          2a0f:6280:13::/48 maxlen: 128
                          2a0f:6280:14::/48 maxlen: 48
                          2a0f:6280:15::/48 maxlen: 128
                          2a0f:6280:16::/48 maxlen: 128
                          2a0f:6280:17::/48 maxlen: 128
                          2a0f:6280:18::/48 maxlen: 128
                          2a0f:6280:19::/48 maxlen: 128
                          2a0f:6280:1a::/48 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:77:b5:41:b7:49:09:93:7f:3b:df:ce:50:b5:35:0c:20:ba:25:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
        Validity
            Not Before: Jul  2 16:12:36 2025 GMT
            Not After : Jul  1 16:17:36 2026 GMT
        Subject: CN=CBBCE8F55052A4B307BF1A5FBA4F4F1F87A889FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:fd:d0:27:47:cb:61:d2:70:00:1f:5f:bb:e5:
                    9d:30:15:96:2d:b9:c5:b5:bf:52:8a:71:3d:35:a2:
                    f9:b7:dc:cf:d3:03:77:64:51:86:8e:77:56:f3:38:
                    25:8d:49:97:51:97:df:92:96:cd:af:11:d4:02:13:
                    43:35:bf:18:76:8f:4a:c9:0d:db:e7:83:5e:f1:34:
                    da:e2:71:8c:86:52:20:43:24:5d:aa:d0:b4:c4:dd:
                    29:8c:10:f7:67:05:5b:b3:d5:ec:38:1f:bd:4c:11:
                    01:dc:4f:d1:49:ea:32:13:2d:ef:52:17:5a:50:1e:
                    86:80:3b:97:92:5c:53:fd:a3:84:7b:0a:5f:40:b8:
                    31:cb:65:e9:9d:13:3e:82:a6:7d:cb:6d:88:fa:cd:
                    af:15:80:58:86:92:e4:81:05:98:0d:af:05:7a:51:
                    5d:59:f2:f2:87:1f:37:eb:ac:76:ee:d8:72:71:1b:
                    00:fd:5e:5d:e5:06:b2:d4:60:c1:6e:42:b7:23:97:
                    6e:f1:15:38:1c:d9:e6:c3:20:cc:15:14:8e:bd:34:
                    90:ea:0f:92:72:b1:d6:f5:21:09:9a:c5:42:d2:c6:
                    cf:71:9d:e5:5c:1c:28:b5:f1:20:44:0e:19:e4:c7:
                    d1:85:ae:f8:c6:75:8e:fe:a1:d5:20:56:7a:41:72:
                    2a:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:BC:E8:F5:50:52:A4:B3:07:BF:1A:5F:BA:4F:4F:1F:87:A8:89:FC
            X509v3 Authority Key Identifier:
                keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS47272.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc3:f500::/40
                  2a05:dfc3:fd24::/48
                  2a06:1281:1000::/36
                  2a09:54c6::/36
                  2a0a:6044:10::/48
                  2a0f:6280:a::/48
                  2a0f:6280:10::-2a0f:6280:1a:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         a6:b5:7a:6d:39:2e:2b:71:3d:79:e3:b0:86:7d:97:c5:10:e2:
         7c:5a:00:6e:01:05:c8:ae:1c:bb:63:cd:06:59:f7:5b:8d:73:
         ba:96:b8:10:aa:85:87:57:2b:94:0a:a7:33:ee:4b:23:1b:36:
         4a:e1:56:de:a8:82:15:64:a3:ef:89:27:e4:58:ec:e1:d1:19:
         bd:18:6a:e6:16:1a:b4:42:f5:09:a4:06:fd:c1:dc:41:75:45:
         34:0b:50:f4:a2:8a:75:8d:f1:07:6d:24:52:41:5a:b2:81:25:
         ea:76:6c:fa:4b:4d:3e:f9:24:7b:0d:24:d6:69:42:73:76:74:
         a7:10:70:fe:0e:96:6e:41:69:fd:fe:c1:78:6d:c5:68:9d:83:
         e9:e5:21:5e:b8:0b:82:75:9a:2f:33:43:85:e9:85:99:99:99:
         c0:d2:e1:49:03:cc:d3:0c:05:51:3e:c0:e6:20:2b:4b:6b:91:
         ca:7f:c2:39:cd:20:7b:c7:4c:59:52:20:dc:ef:74:02:ef:ef:
         46:98:8c:51:c3:1c:27:7b:34:0d:57:18:d1:35:cf:c3:6e:cb:
         c9:b5:a0:3c:1d:9c:dd:d9:01:26:ad:6e:c4:5e:1d:0e:bb:0b:
         e5:b2:b0:c1:fd:56:36:08:b9:c8:46:e1:33:0e:12:10:fb:21:
         e7:fb:75:b0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUAne1QbdJCZN/O9/OULU1DCC6JVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx
OEMyM0IzNjAeFw0yNTA3MDIxNjEyMzZaFw0yNjA3MDExNjE3MzZaMDMxMTAvBgNV
BAMTKENCQkNFOEY1NTA1MkE0QjMwN0JGMUE1RkJBNEY0RjFGODdBODg5RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT/dAnR8th0nAAH1+75Z0wFZYt
ucW1v1KKcT01ovm33M/TA3dkUYaOd1bzOCWNSZdRl9+Sls2vEdQCE0M1vxh2j0rJ
Ddvng17xNNricYyGUiBDJF2q0LTE3SmMEPdnBVuz1ew4H71MEQHcT9FJ6jITLe9S
F1pQHoaAO5eSXFP9o4R7Cl9AuDHLZemdEz6Cpn3LbYj6za8VgFiGkuSBBZgNrwV6
UV1Z8vKHHzfrrHbu2HJxGwD9Xl3lBrLUYMFuQrcjl27xFTgc2ebDIMwVFI69NJDq
D5Jysdb1IQmaxULSxs9xneVcHCi18SBEDhnkx9GFrvjGdY7+odUgVnpBciqHAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUy7zo9VBSpLMHvxpfuk9PH4eoifwwHwYDVR0j
BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5
OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy
M0IzNi5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y3OTQ4NzM4LTMyNTUt
NDlmOS05YjZjLTljOWYzODk4OTk1ZC8zL0FTNDcyNzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYAYIKwYBBQUHAQcBAf8EUTBPME0EAgACMEcDBgAqBd/D
9QMHACoF38P9JAMGBCoGEoEQAwYEKglUxgADBwAqCmBEABADBwAqD2KAAAowEgMH
BCoPYoAAEAMHACoPYoAAGjANBgkqhkiG9w0BAQsFAAOCAQEAprV6bTkuK3E9eeOw
hn2XxRDifFoAbgEFyK4cu2PNBln3W41zupa4EKqFh1crlAqnM+5LIxs2SuFW3qiC
FWSj74kn5Fjs4dEZvRhq5hYatEL1CaQG/cHcQXVFNAtQ9KKKdY3xB20kUkFasoEl
6nZs+ktNPvkkew0k1mlCc3Z0pxBw/g6WbkFp/f7BeG3FaJ2D6eUhXrgLgnWaLzND
hemFmZmZwNLhSQPM0wwFUT7A5iArS2uRyn/COc0ge8dMWVIg3O90Au/vRpiMUcMc
J3s0DVcY0TXPw27LybWgPB2c3dkBJq1uxF4dDrsL5bKwwf1WNgi5yEbhMw4SEPsh
5/t1sA==
-----END CERTIFICATE-----