Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8tFCyCmssHgz2jZBGQti8J_VfGw.roa
File:                     8tFCyCmssHgz2jZBGQti8J_VfGw.roa (raw, json)
Hash identifier:          rv3T2GcioLWidUBXe054FAaHo5vPMUkyMAcxcH1XUq0=
Subject key identifier:   F2:D1:42:C8:29:AC:B0:78:33:DA:36:41:19:0B:62:F0:9F:D5:7C:6C
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018996A1B5D8814B28EAC04607B67F685EDE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8tFCyCmssHgz2jZBGQti8J_VfGw.roa
Signing time:             Thu 27 Jul 2023 09:15:27 +0000
ROA not before:           Thu 27 Jul 2023 09:15:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:96:a1:b5:d8:81:4b:28:ea:c0:46:07:b6:7f:68:5e:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 27 09:15:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2d142c829acb07833da3641190b62f09fd57c6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:4c:73:8d:11:e1:62:b0:c4:5e:32:d2:5a:b2:
                    0f:4d:41:89:97:a2:7f:3e:53:16:cb:58:b4:df:df:
                    d8:ab:c3:5d:a6:2d:19:6e:80:33:e2:db:ef:14:fb:
                    47:80:ae:7a:f3:80:3e:18:2b:d8:b1:27:58:1a:63:
                    56:dd:3d:e5:fc:e7:bf:5b:c6:c6:8e:d1:37:0a:dd:
                    4b:69:9e:75:c8:62:1c:a6:e5:ef:55:d3:48:97:bf:
                    d4:af:ff:c5:06:1b:1b:3f:90:4d:04:70:8c:10:82:
                    85:b1:f1:d2:b8:6a:0e:f0:2c:85:f0:92:ba:1e:f1:
                    67:30:83:48:6e:73:b1:32:1a:5d:01:75:57:78:b3:
                    81:83:f3:e8:9a:23:b2:3a:7b:4a:47:7c:1e:9e:2f:
                    56:4c:55:3b:d0:12:4c:80:5b:7d:3c:7a:34:d0:41:
                    9d:59:6f:27:d1:f6:7d:3b:25:2c:7e:f1:37:44:70:
                    7d:fc:52:af:69:1d:82:4c:a9:04:fd:da:0a:db:9b:
                    8a:21:5d:07:e7:67:b8:af:9f:ab:e1:23:57:ae:96:
                    44:f5:23:88:71:12:28:47:a5:d4:b6:80:d0:73:d6:
                    e2:9f:37:8a:55:25:7f:b9:98:2f:d7:fa:27:f0:24:
                    65:28:7d:15:e5:11:6b:2b:66:c8:5d:12:5c:ac:90:
                    d5:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:D1:42:C8:29:AC:B0:78:33:DA:36:41:19:0B:62:F0:9F:D5:7C:6C
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8tFCyCmssHgz2jZBGQti8J_VfGw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:2e:79:4d:90:98:5e:cf:0f:e0:0f:3d:32:62:0c:6a:ce:e7:
         5e:5e:b8:8b:6c:21:84:e2:b9:7b:ac:da:a1:3e:fb:5c:de:03:
         a7:e9:3c:a8:17:4c:89:74:61:a2:e2:a7:a2:a7:9a:fc:2a:70:
         a9:fd:ca:1c:96:27:6e:67:95:f2:28:4a:cd:12:9c:a5:e0:d8:
         8d:0e:44:8e:02:f7:4e:4a:91:bc:0f:4f:ad:76:9a:5e:4e:47:
         a3:85:db:ee:e4:5e:9f:e9:8d:25:57:7c:77:0c:28:26:6f:94:
         f8:a5:6e:36:a7:c7:91:ca:14:60:3d:7b:e8:dd:a2:8c:dd:2f:
         16:91:93:76:5d:4b:cd:4f:47:ad:37:de:3b:3d:c6:b4:c4:d5:
         52:d4:dd:9b:d8:99:9c:d6:7c:51:ea:43:63:bc:0a:75:ce:24:
         90:0c:7a:95:6a:38:5d:5a:29:67:67:ab:d5:64:5b:6b:b1:6f:
         87:4b:c9:8d:fd:63:6c:b6:3e:ca:ad:43:fc:ee:d8:d5:e9:82:
         9a:de:e8:12:c9:d7:97:91:3a:57:b7:ba:8d:c1:1a:78:32:c5:
         d2:ea:09:0f:65:ab:1e:0b:d0:1e:4d:7a:6a:81:9e:8a:f2:38:
         d5:41:fd:e3:a1:a0:3c:49:32:23:93:21:fb:fe:a8:0c:45:c9:
         16:3c:b5:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmWobXYgUso6sBGB7Z/aF7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI3MDkxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmQxNDJjODI5YWNiMDc4MzNkYTM2NDExOTBiNjJmMDlmZDU3YzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0xzjRHhYrDEXjLSWrIPTUGJl6J/
PlMWy1i039/Yq8Ndpi0ZboAz4tvvFPtHgK5684A+GCvYsSdYGmNW3T3l/Oe/W8bG
jtE3Ct1LaZ51yGIcpuXvVdNIl7/Ur//FBhsbP5BNBHCMEIKFsfHSuGoO8CyF8JK6
HvFnMINIbnOxMhpdAXVXeLOBg/PomiOyOntKR3weni9WTFU70BJMgFt9PHo00EGd
WW8n0fZ9OyUsfvE3RHB9/FKvaR2CTKkE/doK25uKIV0H52e4r5+r4SNXrpZE9SOI
cRIoR6XUtoDQc9binzeKVSV/uZgv1/on8CRlKH0V5RFrK2bIXRJcrJDVfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPLRQsgprLB4M9o2QRkLYvCf1XxsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOHRGQ3lDbXNzSGd6MmpaQkdRdGk4Sl9WZkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJAueU2QmF7PD+APPTJi
DGrO515euItsIYTiuXus2qE++1zeA6fpPKgXTIl0YaLip6KnmvwqcKn9yhyWJ25n
lfIoSs0SnKXg2I0ORI4C905KkbwPT612ml5OR6OF2+7kXp/pjSVXfHcMKCZvlPil
bjanx5HKFGA9e+jdoozdLxaRk3ZdS81PR6033js9xrTE1VLU3ZvYmZzWfFHqQ2O8
CnXOJJAMepVqOF1aKWdnq9VkW2uxb4dLyY39Y2y2PsqtQ/zu2NXpgpre6BLJ15eR
Ole3uo3BGngyxdLqCQ9lqx4L0B5NemqBnoryONVB/eOhoDxJMiOTIfv+qAxFyRY8
tXs=
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:46:26 2025 by rpki-client