Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kkbNi-zWUCfxoAVSiCjhGb-6fs.roa
File:                     1kkbNi-zWUCfxoAVSiCjhGb-6fs.roa (raw, json)
Hash identifier:          dJT/zrzhbkc/F9NRrpAWIJ4XLOvYeHvElKWNo/ZxxVg=
Subject key identifier:   D6:49:1B:36:2F:B3:59:40:9F:C6:80:15:4A:20:A3:84:66:FE:E9:FB
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01850D84A281563366AA27D2B22973ED173A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kkbNi-zWUCfxoAVSiCjhGb-6fs.roa
Signing time:             Tue 13 Dec 2022 22:04:34 +0000
ROA not before:           Tue 13 Dec 2022 22:04:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:185:d84:491f/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:0d:84:a2:81:56:33:66:aa:27:d2:b2:29:73:ed:17:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Dec 13 22:04:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d6491b362fb359409fc680154a20a38466fee9fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a9:a8:8b:1b:f3:33:22:91:e3:e0:c6:9f:63:
                    d4:d6:eb:6c:fb:ac:b8:b3:b3:b6:79:da:ed:81:17:
                    95:4b:cc:c7:b6:4f:3e:92:66:16:01:a3:6f:97:67:
                    21:ea:fb:1c:7a:5d:a0:12:32:4f:77:d3:f1:d5:66:
                    dd:92:4f:21:71:ce:3d:d5:ad:fd:37:b2:5b:73:37:
                    76:6a:5b:41:63:58:24:4c:75:c8:a1:80:ea:5b:c6:
                    51:b2:00:33:0c:58:39:c8:5a:ce:f8:bf:e1:24:cd:
                    ff:9d:fd:6b:52:7e:ba:8c:79:2e:ba:ac:5b:4c:95:
                    b9:d4:77:58:09:ce:3b:53:68:48:c6:7f:e2:71:d6:
                    ef:d6:bf:bd:a3:8b:92:76:2f:42:99:01:0f:a8:58:
                    7d:7f:25:2f:d1:9b:30:4f:03:94:09:76:ae:7d:64:
                    1e:0d:cc:cc:5f:7f:64:f0:e9:d8:6a:44:0a:f2:cc:
                    56:d7:e5:84:68:84:ce:e6:d6:db:81:e9:a2:41:81:
                    bc:d2:0d:08:80:89:56:eb:b9:c1:2a:d0:c3:f5:93:
                    cc:2f:b2:97:35:a3:8e:6c:1c:a6:a8:b8:7e:cc:47:
                    05:5a:84:67:65:83:f1:ba:fe:56:55:a6:a1:64:c1:
                    e8:ff:96:ea:fc:9c:53:30:8c:3a:0d:92:3f:f7:d7:
                    e8:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:49:1B:36:2F:B3:59:40:9F:C6:80:15:4A:20:A3:84:66:FE:E9:FB
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kkbNi-zWUCfxoAVSiCjhGb-6fs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:17:7e:4e:21:6e:54:9b:c3:b3:b0:9b:d1:f9:43:c7:ce:8d:
         5b:d3:04:1e:04:8e:9d:62:58:6c:85:d1:2f:71:e6:6e:a2:db:
         05:22:9b:3e:5f:3e:6d:94:ba:9d:d6:be:e8:a4:c5:e6:ec:92:
         dc:9c:bb:99:20:19:ac:b2:48:8a:dd:9d:99:55:9c:01:ad:30:
         c2:16:a8:c3:76:6e:3b:61:3b:9d:2b:bb:5e:a7:94:f7:b4:f3:
         24:79:3a:8c:1d:ec:52:20:1e:07:a1:96:96:84:52:62:d2:1b:
         94:11:45:83:96:a3:de:aa:73:78:88:27:ed:6d:d1:46:fc:4d:
         66:7f:c9:ec:b1:f1:ae:44:0f:ad:72:09:20:2e:cb:76:ce:48:
         57:e0:27:2a:5d:9c:f6:81:a7:15:d7:f8:03:83:30:89:3a:ce:
         b5:92:9e:1d:56:08:e0:89:a0:12:9f:ca:5b:85:94:76:cb:2e:
         7b:20:7c:00:fb:b9:a7:b4:26:52:49:39:75:4f:a1:e1:e1:8a:
         7e:46:1a:f8:77:62:b8:5b:72:e1:f2:4b:c0:8d:30:d7:54:c3:
         40:49:db:28:b6:60:99:7c:44:af:f6:e4:20:7b:96:87:7a:50:
         57:26:10:a0:15:a4:52:d3:47:05:9b:7d:6d:3d:c6:c0:49:79:
         ad:fe:36:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUNhKKBVjNmqifSsilz7Rc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEzMjIwNDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ5MWIzNjJmYjM1OTQwOWZjNjgwMTU0YTIwYTM4NDY2ZmVlOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlamoixvzMyKR4+DGn2PU1uts+6y4
s7O2edrtgReVS8zHtk8+kmYWAaNvl2ch6vscel2gEjJPd9Px1Wbdkk8hcc491a39
N7Jbczd2altBY1gkTHXIoYDqW8ZRsgAzDFg5yFrO+L/hJM3/nf1rUn66jHkuuqxb
TJW51HdYCc47U2hIxn/icdbv1r+9o4uSdi9CmQEPqFh9fyUv0ZswTwOUCXaufWQe
DczMX39k8OnYakQK8sxW1+WEaITO5tbbgemiQYG80g0IgIlW67nBKtDD9ZPML7KX
NaOObBymqLh+zEcFWoRnZYPxuv5WVaahZMHo/5bq/JxTMIw6DZI/99fo5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNZJGzYvs1lAn8aAFUogo4Rm/un7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMWtrYk5pLXpXVUNmeG9BVlNpQ2poR2ItNmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAsXfk4hblSbw7Owm9H5
Q8fOjVvTBB4Ejp1iWGyF0S9x5m6i2wUimz5fPm2Uup3Wvuikxebsktycu5kgGayy
SIrdnZlVnAGtMMIWqMN2bjthO50ru16nlPe08yR5Oowd7FIgHgehlpaEUmLSG5QR
RYOWo96qc3iIJ+1t0Ub8TWZ/yeyx8a5ED61yCSAuy3bOSFfgJypdnPaBpxXX+AOD
MIk6zrWSnh1WCOCJoBKfyluFlHbLLnsgfAD7uae0JlJJOXVPoeHhin5GGvh3Yrhb
cuHyS8CNMNdUw0BJ2yi2YJl8RK/25CB7lod6UFcmEKAVpFLTRwWbfW09xsBJea3+
NpY=
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:15:22 2025 by rpki-client