Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AMYr5bNzx3Q6iDo71POFLN24fT0.roa
File:                     AMYr5bNzx3Q6iDo71POFLN24fT0.roa (raw, json)
Hash identifier:          cgjsg+zYS8ngipyyTd7EAmrGd8vQvcZccqZgOwVzUAg=
Subject key identifier:   00:C6:2B:E5:B3:73:C7:74:3A:88:3A:3B:D4:F3:85:2C:DD:B8:7D:3D
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018883BE6225646AC6C5AAB46F7B96EB3CAB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AMYr5bNzx3Q6iDo71POFLN24fT0.roa
Signing time:             Sun 04 Jun 2023 00:11:12 +0000
ROA not before:           Sun 04 Jun 2023 00:11:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:83:be:62:25:64:6a:c6:c5:aa:b4:6f:7b:96:eb:3c:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun  4 00:11:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00c62be5b373c7743a883a3bd4f3852cddb87d3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:6e:3a:c1:0a:6c:29:44:09:7c:52:42:88:85:
                    22:75:5c:f9:36:19:3e:8a:53:21:b9:fa:94:22:70:
                    3a:1b:01:61:45:8f:81:99:27:45:a6:41:a8:f5:89:
                    e1:e3:52:ad:d0:ad:7f:a8:ce:4c:dc:78:f7:d5:13:
                    15:b8:a3:0b:d0:c7:c1:90:31:8f:a1:f1:30:f8:98:
                    f8:f7:60:2d:5e:1f:54:2e:21:c8:84:85:9b:b6:60:
                    c5:72:c3:36:5f:b2:a3:a5:60:d0:5c:e1:fd:3f:2c:
                    3f:a0:0f:60:d2:df:d3:06:54:2d:f1:7a:c7:03:d2:
                    62:d4:28:7c:a4:1c:b3:8d:3a:42:ec:8f:60:ef:1b:
                    28:45:4e:fd:d3:bb:c3:97:52:10:27:ea:af:9f:66:
                    c0:2b:e5:b5:6e:38:ea:1a:a5:30:06:a6:b3:14:e3:
                    b3:7a:bd:7b:d1:8b:ea:d2:db:44:a6:c1:87:5f:04:
                    d5:db:3b:43:f0:55:d1:72:26:87:fc:67:73:98:96:
                    84:29:f6:9c:96:1e:9a:ef:53:6f:77:9c:f3:79:c7:
                    bd:71:97:57:3c:06:07:bd:72:c7:87:f2:ed:4a:69:
                    ec:24:c4:dd:a6:47:24:46:bf:d7:80:97:bb:dd:e2:
                    dc:ad:b2:fe:5a:6b:b7:2b:1f:8e:f6:24:11:8d:61:
                    b1:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:C6:2B:E5:B3:73:C7:74:3A:88:3A:3B:D4:F3:85:2C:DD:B8:7D:3D
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AMYr5bNzx3Q6iDo71POFLN24fT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:ee:cd:0c:fa:21:d7:42:85:04:82:8f:99:62:50:55:8d:74:
         e6:2c:1e:cc:99:25:40:0d:fa:a1:0a:e6:f6:9b:b6:23:2b:0c:
         b5:d6:8c:94:31:d1:87:4b:e2:10:ed:3a:bb:6e:d8:55:18:9d:
         2b:0e:bb:a4:0c:7e:f9:6b:14:4e:7c:65:60:ec:0c:4a:d0:1e:
         cc:e1:fc:b5:6f:b0:05:c4:89:13:7d:8a:a4:39:d3:3c:a7:85:
         80:1f:19:6e:f7:2f:28:3a:9e:25:20:d4:52:be:96:36:d9:6b:
         64:7b:87:55:dc:fd:0a:d4:6b:77:dd:35:2b:85:17:5a:50:6d:
         07:6f:fb:6a:e9:ea:60:3d:8a:98:78:0c:af:7c:27:15:ac:92:
         7f:5e:8f:05:5e:58:38:9c:c0:5d:72:5c:1c:aa:ed:32:5c:de:
         d6:c7:ed:e8:88:41:84:bb:29:e0:d6:7b:31:16:3f:52:00:84:
         29:86:b9:ba:58:26:76:72:20:5d:d6:be:35:76:b4:a9:45:e0:
         9c:ff:bd:1f:81:4c:25:c4:03:71:93:f2:53:20:2e:0f:3c:24:
         6b:b3:d2:12:60:13:e6:a4:1b:0b:d4:e9:db:a8:b4:b6:cb:2f:
         52:bf:1f:03:ba:d4:d6:06:2a:23:f0:13:04:e9:ba:27:3f:26:
         ca:a5:2a:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiDvmIlZGrGxaq0b3uW6zyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA0MDAxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGM2MmJlNWIzNzNjNzc0M2E4ODNhM2JkNGYzODUyY2RkYjg3ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkm46wQpsKUQJfFJCiIUidVz5Nhk+
ilMhufqUInA6GwFhRY+BmSdFpkGo9Ynh41Kt0K1/qM5M3Hj31RMVuKML0MfBkDGP
ofEw+Jj492AtXh9ULiHIhIWbtmDFcsM2X7KjpWDQXOH9Pyw/oA9g0t/TBlQt8XrH
A9Ji1Ch8pByzjTpC7I9g7xsoRU7907vDl1IQJ+qvn2bAK+W1bjjqGqUwBqazFOOz
er170Yvq0ttEpsGHXwTV2ztD8FXRciaH/GdzmJaEKfaclh6a71Nvd5zzece9cZdX
PAYHvXLHh/LtSmnsJMTdpkckRr/XgJe73eLcrbL+Wmu3Kx+O9iQRjWGxFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFADGK+Wzc8d0Oog6O9TzhSzduH09MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQU1ZcjViTnp4M1E2aURvNzFQT0ZMTjI0ZlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIjuzQz6IddChQSCj5li
UFWNdOYsHsyZJUAN+qEK5vabtiMrDLXWjJQx0YdL4hDtOrtu2FUYnSsOu6QMfvlr
FE58ZWDsDErQHszh/LVvsAXEiRN9iqQ50zynhYAfGW73Lyg6niUg1FK+ljbZa2R7
h1Xc/QrUa3fdNSuFF1pQbQdv+2rp6mA9iph4DK98JxWskn9ejwVeWDicwF1yXByq
7TJc3tbH7eiIQYS7KeDWezEWP1IAhCmGubpYJnZyIF3WvjV2tKlF4Jz/vR+BTCXE
A3GT8lMgLg88JGuz0hJgE+akGwvU6duotLbLL1K/HwO61NYGKiPwEwTpuic/Jsql
Kh4=
-----END CERTIFICATE-----
Generated at Fri Jun 13 12:44:50 2025 by rpki-client