Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3_2DURoj1jgwzjnvQjDzTi0N-YM.roa
File:                     3_2DURoj1jgwzjnvQjDzTi0N-YM.roa (raw, json)
Hash identifier:          6fS/Trq1WVmccUPYD8e/XAGFlEd3h3D6mdXkUroh1yM=
Subject key identifier:   DF:FD:83:51:1A:23:D6:38:30:CE:39:EF:42:30:F3:4E:2D:0D:F9:83
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       871E51AD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3_2DURoj1jgwzjnvQjDzTi0N-YM.roa
Signing time:             Wed 25 May 2022 16:09:13 +0000
ROA not before:           Wed 25 May 2022 16:09:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2266911149 (0x871e51ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 25 16:09:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dffd83511a23d63830ce39ef4230f34e2d0df983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:29:01:de:c1:97:71:6a:48:26:61:48:37:f5:
                    02:5d:31:19:08:ba:01:34:35:f8:f0:ef:63:e1:6a:
                    c1:5b:bb:46:04:ba:80:ef:29:b7:98:b3:f1:01:94:
                    0a:4f:a6:21:bd:c5:9f:04:5f:dd:5f:1d:39:73:27:
                    1e:45:29:c1:c3:bb:b9:10:83:16:3e:64:2e:ec:8f:
                    99:78:20:99:1c:6e:3d:0d:a8:4a:03:1a:bb:e6:f1:
                    0b:52:28:6e:9d:38:64:f5:0b:4d:54:e3:8f:34:49:
                    23:05:fc:8c:ec:b5:e8:fb:26:70:47:e4:17:ad:ee:
                    b2:76:68:5a:85:bd:d6:3e:68:cc:6b:f0:fd:ea:00:
                    7e:45:aa:b2:c8:d7:6f:2b:5f:17:37:61:2e:e2:1b:
                    33:be:6a:ec:83:a6:71:9a:6b:41:bd:40:42:a6:50:
                    69:29:b9:82:85:d5:c9:54:54:d2:4d:d8:37:da:56:
                    fa:7b:bc:a7:55:0f:0e:5e:56:fa:b8:1c:e0:05:a1:
                    5b:9f:ec:dc:9b:da:c1:3d:91:f1:f5:aa:2b:3c:4d:
                    30:82:43:4b:2d:4e:d8:9a:4b:b7:2f:b3:00:c7:e3:
                    a9:ac:bc:7b:88:17:db:11:a0:3b:2d:30:15:ed:b9:
                    51:a0:43:be:59:20:66:b3:69:b4:83:94:aa:25:30:
                    ee:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:FD:83:51:1A:23:D6:38:30:CE:39:EF:42:30:F3:4E:2D:0D:F9:83
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3_2DURoj1jgwzjnvQjDzTi0N-YM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         2f:8d:8c:e7:c5:e3:b9:52:c0:96:c7:db:7e:3b:69:99:fb:c5:
         03:6e:9e:65:15:11:e1:af:84:17:b5:3a:5c:34:9b:0f:a7:dc:
         b0:75:16:8f:86:ec:ff:c3:1c:3d:57:78:74:c1:17:17:96:1d:
         2a:90:c5:90:de:40:6a:59:55:ba:4b:7a:dd:4c:1b:cb:a9:bb:
         70:f9:48:e4:e1:fc:24:a1:ee:44:99:67:12:31:06:b3:9b:ed:
         ef:68:ed:7f:ae:07:0a:2f:14:f4:df:9b:13:26:83:3e:e5:23:
         86:54:a4:66:a5:76:d2:4e:43:bd:1f:18:6c:20:c9:5a:c7:3c:
         ee:65:74:86:47:39:8c:2d:b2:46:3e:96:87:1b:f5:3a:96:21:
         e3:79:7a:f5:93:00:e8:1f:b0:ae:dd:40:b7:58:9f:7c:4f:f2:
         96:ac:79:69:c8:4d:10:ed:30:a3:6c:ca:23:5c:f1:29:4a:a5:
         9d:a3:37:db:c2:34:d1:78:71:75:57:fd:4b:85:5a:a9:32:fb:
         b6:6b:2a:f4:f4:5d:c0:ed:16:4b:9e:cb:81:47:98:c0:8b:34:
         52:59:99:21:af:06:7f:c1:46:07:75:79:71:3b:05:96:de:85:
         f6:64:df:4b:f4:44:97:0e:85:2b:92:28:db:db:0e:22:46:b6:
         c5:e5:ee:01
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIceUa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjUxNjA5MTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGRmZmQ4MzUxMWEy
M2Q2MzgzMGNlMzllZjQyMzBmMzRlMmQwZGY5ODMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4KQHewZdxakgmYUg39QJdMRkIugE0Nfjw72PhasFbu0YE
uoDvKbeYs/EBlApPpiG9xZ8EX91fHTlzJx5FKcHDu7kQgxY+ZC7sj5l4IJkcbj0N
qEoDGrvm8QtSKG6dOGT1C01U4480SSMF/Izstej7JnBH5Bet7rJ2aFqFvdY+aMxr
8P3qAH5FqrLI128rXxc3YS7iGzO+auyDpnGaa0G9QEKmUGkpuYKF1clUVNJN2Dfa
Vvp7vKdVDw5eVvq4HOAFoVuf7Nyb2sE9kfH1qis8TTCCQ0stTtiaS7cvswDH46ms
vHuIF9sRoDstMBXtuVGgQ75ZIGazabSDlKolMO7fAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQU3/2DURoj1jgwzjnvQjDzTi0N+YMwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS8zXzJEVVJvajFqZ3d6am52UWpEelRpME4tWU0ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAL42M58XjuVLAlsfbfjtpmfvFA26eZRUR4a+E
F7U6XDSbD6fcsHUWj4bs/8McPVd4dMEXF5YdKpDFkN5AallVukt63Uwby6m7cPlI
5OH8JKHuRJlnEjEGs5vt72jtf64HCi8U9N+bEyaDPuUjhlSkZqV20k5DvR8YbCDJ
Wsc87mV0hkc5jC2yRj6Whxv1OpYh43l69ZMA6B+wrt1At1iffE/ylqx5achNEO0w
o2zKI1zxKUqlnaM328I00XhxdVf9S4VaqTL7tmsq9PRdwO0WS57LgUeYwIs0UlmZ
Ia8Gf8FGB3V5cTsFlt6F9mTfS/RElw6FK5Io29sOIka2xeXuAQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 20:41:22 2025 by rpki-client