Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8RZs1u6YRhbLISmVM9YeCZBejew.roa
File:                     8RZs1u6YRhbLISmVM9YeCZBejew.roa (raw, json)
Hash identifier:          66SWZunWhN49cXFcvX5YGDa8rbWCb4Ej7+IC9daChOo=
Subject key identifier:   F1:16:6C:D6:EE:98:46:16:CB:21:29:95:33:D6:1E:09:90:5E:8D:EC
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       77F5A3DE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8RZs1u6YRhbLISmVM9YeCZBejew.roa
Signing time:             Sun 03 Apr 2022 03:11:19 +0000
ROA not before:           Sun 03 Apr 2022 03:11:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2012586974 (0x77f5a3de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr  3 03:11:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f1166cd6ee984616cb21299533d61e09905e8dec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:87:d3:4c:ac:cd:e1:25:be:aa:14:b5:ef:24:
                    70:7b:71:44:ef:ac:90:c2:28:dd:b1:7d:66:80:bb:
                    57:76:e1:9e:d7:02:fa:b4:b4:43:28:aa:30:8e:27:
                    d1:d6:34:64:68:b7:e0:7b:c7:e6:1d:91:b7:ca:cd:
                    1a:28:10:75:19:ec:ab:26:27:12:0b:e0:a8:72:60:
                    1d:68:37:76:c5:63:0f:10:50:a2:06:57:30:b3:8a:
                    35:93:6a:21:b6:86:c5:00:85:0e:ed:85:2f:90:56:
                    95:a6:a5:b8:e8:00:2f:38:49:27:01:62:d8:21:ca:
                    45:68:55:39:e8:03:c4:b7:56:ec:c6:2f:9f:0d:61:
                    7e:2e:82:ad:76:ae:e5:67:19:a4:36:80:07:25:a7:
                    3a:59:57:ef:c0:1c:e1:55:ce:de:b6:6c:c3:a0:07:
                    e4:8b:d6:be:b1:2d:b8:ba:12:92:91:4b:3e:9d:36:
                    0b:8e:5a:e0:d7:53:fe:0b:5c:68:70:cf:5a:24:49:
                    92:5e:c4:35:2f:39:91:ed:4f:4e:24:92:60:88:fd:
                    bb:e7:46:04:a2:6a:6e:c7:0f:01:4d:e2:7a:26:b4:
                    5e:72:c1:44:1d:59:e7:d3:27:3f:b4:24:0a:1b:f2:
                    20:53:60:50:ae:18:1b:09:bf:6b:7b:01:fb:9b:67:
                    f0:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:16:6C:D6:EE:98:46:16:CB:21:29:95:33:D6:1E:09:90:5E:8D:EC
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8RZs1u6YRhbLISmVM9YeCZBejew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         1e:44:bc:08:91:53:20:7e:aa:0a:06:48:df:6f:34:e0:f4:8e:
         4f:cb:cb:f7:ae:e7:bc:bb:de:89:ec:e2:5c:c3:ae:1a:72:6c:
         5c:81:f0:13:61:f9:ca:fd:cc:8d:c4:71:19:18:a2:ff:9f:df:
         4a:bc:8a:a2:7c:2c:e2:a4:b0:6f:05:f8:3f:ae:30:aa:c8:ff:
         82:fb:e9:c8:35:88:87:35:d7:f3:b1:e7:56:93:da:e2:67:f6:
         bc:53:51:05:dc:6f:26:9a:61:eb:34:a7:3d:c8:26:00:28:0f:
         c5:9c:54:a4:43:ef:d1:3b:e6:78:b6:d6:23:9e:c3:9e:fd:72:
         6c:df:f1:c8:52:f1:eb:da:ac:9d:9a:29:e6:e7:2d:80:a0:54:
         38:f3:33:ad:9b:fd:5a:ae:26:87:83:6a:d5:bd:6d:ba:09:25:
         3f:d3:e9:84:a8:f4:58:08:c4:40:46:2d:43:79:ab:df:dc:43:
         e9:0e:db:57:4c:28:f7:3a:31:2e:44:28:e6:d2:c4:71:ab:3d:
         6f:4e:6f:f0:ad:8d:a8:7e:91:09:c8:66:db:02:99:ef:12:bb:
         8e:7b:73:40:9e:a6:a2:c9:d3:a3:9f:36:c3:80:33:6e:a3:ec:
         6a:27:b7:23:9b:03:5a:4b:bc:1f:3e:08:af:2a:91:2d:a8:10:
         62:3f:91:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEd/Wj3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQw
MzAzMTExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjExNjZjZDZlZTk4
NDYxNmNiMjEyOTk1MzNkNjFlMDk5MDVlOGRlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuH00yszeElvqoUte8kcHtxRO+skMIo3bF9ZoC7V3bhntcC
+rS0QyiqMI4n0dY0ZGi34HvH5h2Rt8rNGigQdRnsqyYnEgvgqHJgHWg3dsVjDxBQ
ogZXMLOKNZNqIbaGxQCFDu2FL5BWlaaluOgALzhJJwFi2CHKRWhVOegDxLdW7MYv
nw1hfi6CrXau5WcZpDaAByWnOllX78Ac4VXO3rZsw6AH5IvWvrEtuLoSkpFLPp02
C45a4NdT/gtcaHDPWiRJkl7ENS85ke1PTiSSYIj9u+dGBKJqbscPAU3ieia0XnLB
RB1Z59MnP7QkChvyIFNgUK4YGwm/a3sB+5tn8DECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTxFmzW7phGFsshKZUz1h4JkF6N7DAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
LzhSWnMxdTZZUmhiTElTbVZNOVllQ1pCZWpldy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAeRLwIkVMgfqoKBkjfbzTg9I5Py8v3rue8u96J
7OJcw64acmxcgfATYfnK/cyNxHEZGKL/n99KvIqifCzipLBvBfg/rjCqyP+C++nI
NYiHNdfzsedWk9riZ/a8U1EF3G8mmmHrNKc9yCYAKA/FnFSkQ+/RO+Z4ttYjnsOe
/XJs3/HIUvHr2qydminm5y2AoFQ48zOtm/1ariaHg2rVvW26CSU/0+mEqPRYCMRA
Ri1Deavf3EPpDttXTCj3OjEuRCjm0sRxqz1vTm/wrY2ofpEJyGbbApnvEruOe3NA
nqaiydOjnzbDgDNuo+xqJ7cjmwNaS7wfPgivKpEtqBBiP5G7
-----END CERTIFICATE-----
Generated at Tue Jun 10 09:11:00 2025 by rpki-client