Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-cwnhpeWkVf2wMiYN2E9D0ew6Sk.roa
File:                     1-cwnhpeWkVf2wMiYN2E9D0ew6Sk.roa (raw, json)
Hash identifier:          xkEJsVxZuaNt+cmULfRivPw7x3rSJowbwXLs8gw9VA0=
Subject key identifier:   F9:CC:27:86:97:96:91:57:F6:C0:C8:98:37:61:3D:0F:47:B0:E9:29
Certificate issuer:       /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial:       09297646
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-cwnhpeWkVf2wMiYN2E9D0ew6Sk.roa
Signing time:             Sat 01 Jan 2022 12:58:43 +0000
ROA not before:           Sat 01 Jan 2022 12:58:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31483
IP address blocks:        2a02:2698:a002::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153712198 (0x9297646)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
        Validity
            Not Before: Jan  1 12:58:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f9cc278697969157f6c0c89837613d0f47b0e929
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:1d:48:7d:58:ec:17:06:6d:62:49:a7:1c:8f:
                    ab:3b:88:5e:ed:e4:4a:92:55:64:3d:29:8c:e8:e0:
                    fa:8a:9d:5b:28:83:65:d6:d6:98:e9:4f:26:17:6d:
                    9f:df:56:c0:03:71:95:8e:13:16:a0:17:1f:a6:42:
                    f5:7d:f6:8a:6a:7d:5a:82:8e:3b:31:32:6e:25:1c:
                    18:03:cf:e8:9e:69:eb:c5:c9:f9:d6:f8:b3:fa:15:
                    ec:c4:c9:53:86:cd:21:01:21:4f:0c:f7:52:b7:f3:
                    f8:39:69:85:28:1a:4f:df:19:4a:4d:43:59:37:9e:
                    fb:55:19:2e:32:f0:3b:2a:8a:96:7f:22:81:92:df:
                    0f:6d:fe:a3:54:0d:b0:af:7c:29:19:ff:4e:4c:f3:
                    f2:34:48:36:da:f6:85:67:3d:0b:ad:7e:36:8d:59:
                    6b:d6:24:da:70:d1:d4:24:17:66:11:3e:88:bc:fe:
                    ab:cc:bc:d1:a1:85:d3:6a:41:d6:1a:37:e8:46:5b:
                    c4:c4:cd:7f:c4:09:3c:bf:ae:00:d0:f9:91:27:90:
                    e1:22:f6:03:17:6f:01:74:7f:8e:a0:82:75:4b:32:
                    64:f8:7a:7e:db:77:94:b4:c2:c3:cd:2f:8f:a7:32:
                    71:6d:14:c1:c2:56:bd:2a:0f:59:6b:58:f0:34:84:
                    f8:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:CC:27:86:97:96:91:57:F6:C0:C8:98:37:61:3D:0F:47:B0:E9:29
            X509v3 Authority Key Identifier:
                keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-cwnhpeWkVf2wMiYN2E9D0ew6Sk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:2698:a002::/48

    Signature Algorithm: sha256WithRSAEncryption
         b2:aa:62:f5:2c:2e:05:54:7d:49:37:85:c7:5b:92:fe:bb:9b:
         fb:f2:81:a4:42:c9:09:3a:83:d2:e2:ab:c5:b1:cc:70:ef:1a:
         4b:4a:5a:7b:3c:89:2a:76:5b:7b:a5:4b:f4:0f:65:b5:d4:b8:
         a0:37:d0:99:c1:19:a6:36:3c:87:af:8e:a6:d8:79:10:71:e7:
         b5:61:30:91:16:05:da:10:db:b7:55:35:38:3b:5c:9f:cc:c7:
         2f:1a:6f:38:49:55:47:bc:ef:41:ce:b2:ec:1e:af:7f:25:94:
         6a:2e:15:81:57:76:72:28:de:ec:52:05:f9:7b:14:77:d1:8b:
         56:6d:ec:5d:d1:13:9b:00:75:8a:70:47:00:d7:71:61:38:56:
         c9:c3:df:14:5e:7b:ec:e4:3c:e3:bd:9a:a5:f1:70:53:52:8e:
         1e:b5:e3:ae:db:21:5e:7a:b8:50:2f:b1:af:61:37:25:0a:bc:
         97:7f:43:cf:f9:e7:23:d1:10:5d:74:15:95:6c:43:de:5f:a4:
         14:ea:d9:94:98:5d:db:b6:9c:c6:d8:12:11:31:6f:ae:27:d4:
         65:d0:e2:ee:b5:9a:c0:c5:d3:36:69:f2:e1:d2:08:76:23:f4:
         90:19:9c:b4:14:36:2d:dc:3b:43:29:03:57:4c:c8:04:d9:77:
         09:45:b0:f5
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIECSl2RjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjljYzI3ODY5Nzk2
OTE1N2Y2YzBjODk4Mzc2MTNkMGY0N2IwZTkyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcdSH1Y7BcGbWJJpxyPqzuIXu3kSpJVZD0pjOjg+oqdWyiD
ZdbWmOlPJhdtn99WwANxlY4TFqAXH6ZC9X32imp9WoKOOzEybiUcGAPP6J5p68XJ
+db4s/oV7MTJU4bNIQEhTwz3Urfz+DlphSgaT98ZSk1DWTee+1UZLjLwOyqKln8i
gZLfD23+o1QNsK98KRn/Tkzz8jRINtr2hWc9C61+No1Za9Yk2nDR1CQXZhE+iLz+
q8y80aGF02pB1ho36EZbxMTNf8QJPL+uAND5kSeQ4SL2AxdvAXR/jqCCdUsyZPh6
ftt3lLTCw80vj6cycW0UwcJWvSoPWWtY8DSE+LkCAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBT5zCeGl5aRV/bAyJg3YT0PR7DpKTAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
LzEtY3duaHBlV2tWZjJ3TWlZTjJFOUQwZXc2U2sucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE0
LzEwZTk2NS03NDA5LTQ0ZDgtOTUwMi1jZjBhYTNlY2FkMjgvMS9DQUs1WE9Zam5W
SnNOYTU2aml6clNLNjRLMTguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqAiaYoAIwDQYJKoZIhvcNAQEL
BQADggEBALKqYvUsLgVUfUk3hcdbkv67m/vygaRCyQk6g9Liq8WxzHDvGktKWns8
iSp2W3ulS/QPZbXUuKA30JnBGaY2PIevjqbYeRBx57VhMJEWBdoQ27dVNTg7XJ/M
xy8abzhJVUe870HOsuwer38llGouFYFXdnIo3uxSBfl7FHfRi1Zt7F3RE5sAdYpw
RwDXcWE4VsnD3xRee+zkPOO9mqXxcFNSjh61467bIV56uFAvsa9hNyUKvJd/Q8/5
5yPREF10FZVsQ95fpBTq2ZSYXdu2nMbYEhExb64n1GXQ4u61msDF0zZp8uHSCHYj
9JAZnLQUNi3cO0MpA1dMyATZdwlFsPU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:50 2025 by rpki-client