Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-O1ECFU6_XHIpr7gVredadTyO4s.roa
File:                     1-O1ECFU6_XHIpr7gVredadTyO4s.roa (raw, json)
Hash identifier:          eDnh5FL8H7vr/CxDMZ76gUk/XELZYSBD7wHmA2JQh38=
Subject key identifier:   F8:ED:44:08:55:3A:FD:71:C8:A6:BE:E0:56:B7:9D:69:D4:F2:3B:8B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186E4F8AB320C6BD89A4683A00069C63E70
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-O1ECFU6_XHIpr7gVredadTyO4s.roa
Signing time:             Wed 15 Mar 2023 11:12:27 +0000
ROA not before:           Wed 15 Mar 2023 11:12:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e4:f8:ab:32:0c:6b:d8:9a:46:83:a0:00:69:c6:3e:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 15 11:12:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8ed4408553afd71c8a6bee056b79d69d4f23b8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:66:90:66:71:24:76:c5:77:9c:b1:fa:92:c9:
                    5b:63:e0:f4:28:79:19:17:72:96:cc:ee:fa:c8:b6:
                    e4:8c:44:2b:6f:d5:1a:98:4f:1b:68:ab:18:0b:44:
                    96:f8:91:1b:64:81:ae:f9:87:2e:a7:7e:9e:c0:02:
                    0c:7f:b1:11:3d:72:4b:50:ec:f4:6a:6d:22:bc:7d:
                    a9:b2:10:4c:64:3d:6b:d2:61:62:d7:ac:c9:1b:9c:
                    21:22:a0:af:f6:c0:54:9c:9a:b4:e0:75:cd:ef:ce:
                    a5:ac:00:ec:f1:d8:67:04:5c:da:3e:70:0e:7d:4d:
                    17:41:c8:27:76:ea:3f:7f:db:6f:3f:1c:87:f9:21:
                    51:22:27:6d:70:2f:03:aa:27:00:f5:15:24:33:0e:
                    cd:30:e5:2e:fb:9d:a4:86:dd:fb:76:ba:8a:b9:26:
                    84:c2:d7:9b:90:81:b4:42:9e:0a:43:b5:21:6b:c4:
                    43:f7:d4:d8:2c:b8:c7:3e:97:ef:7a:a2:d3:d6:10:
                    b5:41:25:3d:8c:b9:56:d4:54:5a:1f:db:b7:27:ed:
                    17:8c:52:94:a0:b9:69:bb:8f:5e:f9:dc:cb:24:13:
                    f0:58:44:ba:fd:c6:3a:04:f8:71:83:ee:b7:91:d7:
                    10:20:ea:d1:a5:69:40:36:a4:b7:3f:17:4d:ee:bd:
                    84:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:ED:44:08:55:3A:FD:71:C8:A6:BE:E0:56:B7:9D:69:D4:F2:3B:8B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-O1ECFU6_XHIpr7gVredadTyO4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a8:62:a5:f9:50:83:66:0b:c8:b5:13:cc:9f:d1:13:52:56:92:
         3b:7e:fc:7d:93:2e:a0:8d:6b:be:c1:f7:fd:2e:be:b1:4e:51:
         0f:35:2b:4e:99:78:c6:1e:c1:19:cd:ea:69:1d:72:25:bb:51:
         51:ca:60:07:e2:39:4e:e1:65:80:22:31:23:84:80:40:87:5b:
         97:b4:0e:89:76:da:7d:52:70:21:ca:b8:5a:60:82:91:33:56:
         d6:16:45:0b:5c:99:75:04:56:d2:e4:dc:2f:2a:da:eb:ad:05:
         46:26:90:2e:92:23:0b:8e:f4:ee:4c:73:3e:d2:4c:14:c9:ab:
         86:50:34:de:10:16:35:59:85:67:f9:27:43:75:43:56:e4:a2:
         e6:92:aa:8c:10:6e:07:2c:00:be:ca:9c:c9:f0:f4:d1:21:97:
         33:92:e3:50:1a:eb:d5:1f:f5:23:45:ff:30:83:b6:39:79:80:
         3a:1d:96:f0:7e:41:4d:17:e4:9d:1b:9d:07:82:b5:a0:8f:37:
         bb:af:e2:ba:1c:a5:06:65:7b:3b:3b:60:3b:25:b6:50:18:db:
         46:9c:6e:d6:24:4b:96:2c:55:51:01:42:59:23:93:dd:0b:be:
         e1:bf:01:7c:70:62:4c:36:09:4e:da:3c:ea:54:ca:85:08:6b:
         8c:7d:14:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbk+KsyDGvYmkaDoABpxj5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE1MTExMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGVkNDQwODU1M2FmZDcxYzhhNmJlZTA1NmI3OWQ2OWQ0ZjIzYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2aQZnEkdsV3nLH6kslbY+D0KHkZ
F3KWzO76yLbkjEQrb9UamE8baKsYC0SW+JEbZIGu+Ycup36ewAIMf7ERPXJLUOz0
am0ivH2pshBMZD1r0mFi16zJG5whIqCv9sBUnJq04HXN786lrADs8dhnBFzaPnAO
fU0XQcgnduo/f9tvPxyH+SFRIidtcC8DqicA9RUkMw7NMOUu+52kht37drqKuSaE
wtebkIG0Qp4KQ7Uha8RD99TYLLjHPpfveqLT1hC1QSU9jLlW1FRaH9u3J+0XjFKU
oLlpu49e+dzLJBPwWES6/cY6BPhxg+63kdcQIOrRpWlANqS3PxdN7r2E3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPjtRAhVOv1xyKa+4Fa3nWnU8juLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS1PMUVDRlU2X1hISXByN2dWcmVkYWRUeU80cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCoYqX5UINmC8i1E8yf
0RNSVpI7fvx9ky6gjWu+wff9Lr6xTlEPNStOmXjGHsEZzeppHXIlu1FRymAH4jlO
4WWAIjEjhIBAh1uXtA6Jdtp9UnAhyrhaYIKRM1bWFkULXJl1BFbS5NwvKtrrrQVG
JpAukiMLjvTuTHM+0kwUyauGUDTeEBY1WYVn+SdDdUNW5KLmkqqMEG4HLAC+ypzJ
8PTRIZczkuNQGuvVH/UjRf8wg7Y5eYA6HZbwfkFNF+SdG50HgrWgjze7r+K6HKUG
ZXs7O2A7JbZQGNtGnG7WJEuWLFVRAUJZI5PdC77hvwF8cGJMNglO2jzqVMqFCGuM
fRQY
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:05:07 2025 by rpki-client