Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5hUfVNSmzMOAnilXUf5RyTX-RXA.roa
File:                     5hUfVNSmzMOAnilXUf5RyTX-RXA.roa (raw, json)
Hash identifier:          tH6TB/EYKQ6psm2dtpDtwAG0ZfprOMHJRSFB3WU8if4=
Subject key identifier:   E6:15:1F:54:D4:A6:CC:C3:80:9E:29:57:51:FE:51:C9:35:FE:45:70
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01882CD989FBE108227A5833405D2622AFC8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5hUfVNSmzMOAnilXUf5RyTX-RXA.roa
Signing time:             Thu 18 May 2023 03:13:54 +0000
ROA not before:           Thu 18 May 2023 03:13:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2c:d9:89:fb:e1:08:22:7a:58:33:40:5d:26:22:af:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 18 03:13:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e6151f54d4a6ccc3809e295751fe51c935fe4570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a8:3e:8b:44:30:8e:55:4c:8c:0d:a9:2e:47:
                    5c:54:7a:86:be:fd:0c:31:c9:35:a2:ee:a9:c5:7d:
                    00:c2:d3:34:7d:32:66:26:bf:d5:3b:c3:1f:02:2f:
                    b2:49:84:f1:69:1c:b7:ee:90:ff:1b:5d:74:ec:36:
                    01:e0:c6:d2:74:3a:0a:b5:40:6a:bf:e2:6f:29:71:
                    19:50:97:9e:f3:7e:80:dd:53:9f:66:4a:58:1d:d0:
                    cd:b5:80:9a:00:cd:16:21:8a:8e:17:b9:45:e9:30:
                    25:82:f7:e3:b9:9e:98:3b:22:1b:66:5f:1f:d1:94:
                    df:ea:fe:ce:f8:d0:6e:53:fc:fe:04:f3:52:2e:2c:
                    4c:08:8f:b1:ca:dc:be:ff:99:66:92:3c:73:f6:c8:
                    34:4e:1c:5f:57:54:73:17:35:b2:99:35:02:59:36:
                    cd:12:b4:83:31:cf:a1:c8:a8:df:49:12:3d:02:4d:
                    62:a1:fc:dc:81:8d:7a:e3:e1:7e:ee:72:6a:a9:21:
                    56:d3:55:97:54:98:4d:9f:f6:0b:e0:96:c7:34:4f:
                    35:f2:ff:29:f5:6c:13:fe:44:42:ab:c7:c8:5a:e8:
                    f9:79:f3:31:57:a7:07:ac:68:6e:81:7d:60:9a:84:
                    96:d4:b9:0a:ba:23:49:dd:37:be:0d:56:99:a1:d9:
                    4a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:15:1F:54:D4:A6:CC:C3:80:9E:29:57:51:FE:51:C9:35:FE:45:70
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5hUfVNSmzMOAnilXUf5RyTX-RXA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         23:97:72:5b:16:5a:d1:71:5e:56:6a:1d:7b:82:07:55:b7:4d:
         64:1a:9a:dd:a3:70:fb:e6:86:01:25:7c:c6:97:58:e0:a0:a4:
         23:74:81:4f:24:f7:ac:2a:b6:59:3e:c3:66:34:25:82:fd:2f:
         f4:6d:fa:86:9d:75:ca:1b:fe:18:b1:9e:c5:75:6a:46:8a:c8:
         ec:7d:aa:09:5e:2f:5b:46:fa:ed:14:1d:74:81:9b:52:37:6b:
         da:15:12:c3:3d:e7:83:51:17:6f:9c:7f:a5:4b:8b:c4:41:b2:
         0e:5a:d5:ee:8e:65:6c:84:40:2e:c0:53:36:bb:e3:ae:4f:b3:
         e2:e9:5e:bd:9c:23:7f:7a:62:71:f1:c5:c5:6c:9e:66:d4:05:
         f9:80:03:e9:3e:ec:c4:99:d9:8b:4f:bc:cd:1f:e3:f2:12:15:
         e2:5d:15:5d:d5:bb:a0:3a:58:2c:d8:11:0b:12:70:0a:19:d3:
         83:95:8f:2e:e1:0f:4d:2d:37:b2:f9:a7:72:ff:d9:d1:23:07:
         02:06:01:9b:f5:9d:a1:82:42:a1:c3:e3:a0:37:34:3e:cb:54:
         f5:8c:a1:e7:02:11:1a:24:aa:60:49:95:cd:17:76:33:fd:41:
         48:61:5c:e6:ae:05:1d:28:73:ec:38:68:48:ae:74:3f:64:85:
         95:84:e7:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgs2Yn74QgielgzQF0mIq/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTE4MDMxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjE1MWY1NGQ0YTZjY2MzODA5ZTI5NTc1MWZlNTFjOTM1ZmU0NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqg+i0QwjlVMjA2pLkdcVHqGvv0M
Mck1ou6pxX0AwtM0fTJmJr/VO8MfAi+ySYTxaRy37pD/G1107DYB4MbSdDoKtUBq
v+JvKXEZUJee836A3VOfZkpYHdDNtYCaAM0WIYqOF7lF6TAlgvfjuZ6YOyIbZl8f
0ZTf6v7O+NBuU/z+BPNSLixMCI+xyty+/5lmkjxz9sg0ThxfV1RzFzWymTUCWTbN
ErSDMc+hyKjfSRI9Ak1iofzcgY164+F+7nJqqSFW01WXVJhNn/YL4JbHNE818v8p
9WwT/kRCq8fIWuj5efMxV6cHrGhugX1gmoSW1LkKuiNJ3Te+DVaZodlKSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOYVH1TUpszDgJ4pV1H+Uck1/kVwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNWhVZlZOU216TU9BbmlsWFVmNVJ5VFgtUlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACOXclsWWtFxXlZqHXuC
B1W3TWQamt2jcPvmhgElfMaXWOCgpCN0gU8k96wqtlk+w2Y0JYL9L/Rt+oaddcob
/hixnsV1akaKyOx9qgleL1tG+u0UHXSBm1I3a9oVEsM954NRF2+cf6VLi8RBsg5a
1e6OZWyEQC7AUza7465Ps+LpXr2cI396YnHxxcVsnmbUBfmAA+k+7MSZ2YtPvM0f
4/ISFeJdFV3Vu6A6WCzYEQsScAoZ04OVjy7hD00tN7L5p3L/2dEjBwIGAZv1naGC
QqHD46A3ND7LVPWMoecCERokqmBJlc0XdjP9QUhhXOauBR0oc+w4aEiudD9khZWE
5+c=
-----END CERTIFICATE-----
Generated at Tue Jun 10 03:55:27 2025 by rpki-client