Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Be8FupufTejolcj8skIDwbh5y2A.roa
File:                     Be8FupufTejolcj8skIDwbh5y2A.roa (raw, json)
Hash identifier:          2tRJnokUTZYhVbronc33h02pnv0PNKUB+rDMaN8JrT4=
Subject key identifier:   05:EF:05:BA:9B:9F:4D:E8:E8:95:C8:FC:B2:42:03:C1:B8:79:CB:60
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188440121A339CC8BA8A67F628E341972BF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Be8FupufTejolcj8skIDwbh5y2A.roa
Signing time:             Mon 22 May 2023 15:08:24 +0000
ROA not before:           Mon 22 May 2023 15:08:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:44:01:21:a3:39:cc:8b:a8:a6:7f:62:8e:34:19:72:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 22 15:08:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05ef05ba9b9f4de8e895c8fcb24203c1b879cb60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:6b:ec:aa:f6:d6:51:2d:1b:77:b1:99:cc:8f:
                    ff:d5:d7:dc:e3:f2:44:70:7c:aa:b3:a1:67:8f:8f:
                    f4:60:d7:8c:37:09:70:ee:ea:07:70:1f:cc:62:ed:
                    6a:2c:27:3f:18:ed:85:6e:d4:2d:f9:f6:9f:a9:16:
                    a5:e3:8c:9b:20:4f:b6:5f:cc:9e:a6:2a:19:e3:ad:
                    b6:b9:ae:d5:7e:4b:88:7e:ce:c4:ca:26:47:96:e2:
                    22:77:d9:50:87:e5:b5:58:a8:d5:ce:ac:c6:10:6e:
                    6c:7b:46:bf:87:19:19:d7:8a:74:39:fb:7a:8f:22:
                    61:4b:fa:ed:ba:0d:07:0f:36:2e:fa:2c:02:6b:10:
                    34:3e:08:fa:70:37:17:f5:cc:f3:29:89:b2:5f:55:
                    40:07:19:25:2b:94:0d:de:fe:a6:24:b5:bc:6d:75:
                    83:fe:70:a2:be:1b:d2:14:05:4a:4f:82:1b:2e:8a:
                    b8:d9:92:30:72:3c:ae:44:ee:fd:19:e8:18:ad:cb:
                    b7:94:f7:99:7c:a4:ac:48:cd:17:a8:1f:dc:8e:f9:
                    ee:46:e5:59:33:91:df:2d:6d:ef:b4:21:f3:3f:85:
                    12:b2:31:72:23:9d:33:e0:6e:58:7a:21:b9:cf:df:
                    12:c0:ca:da:47:a1:a6:4b:7b:c2:8d:4d:ae:b8:67:
                    dc:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:EF:05:BA:9B:9F:4D:E8:E8:95:C8:FC:B2:42:03:C1:B8:79:CB:60
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Be8FupufTejolcj8skIDwbh5y2A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:a6:06:9a:a9:34:b5:93:b1:93:ab:45:b0:a0:1a:24:f5:fa:
         b2:81:99:40:d4:41:2d:02:77:53:a6:9a:2b:86:f4:e3:c1:e5:
         59:35:92:99:6b:f9:aa:af:07:1e:77:3c:ea:36:4e:f8:7a:8a:
         9c:12:77:d5:e1:47:b8:b4:ff:03:c1:bc:a7:39:8f:9c:04:0c:
         42:33:88:2e:eb:00:4e:7b:50:9e:6a:14:43:6f:4b:2f:32:e8:
         1e:0e:d6:b3:33:a9:15:72:04:7c:e9:c3:c1:5e:1d:b7:c6:44:
         de:06:9f:4a:06:4c:ba:ec:0d:5c:50:3a:e1:d7:46:b5:1a:4b:
         f6:ed:17:50:43:7e:00:a7:ff:e5:48:90:3a:c5:99:31:db:ca:
         60:27:6b:59:9c:38:dc:b1:21:b2:1c:09:f8:2a:41:9c:46:ab:
         53:41:12:64:3d:f7:b7:bc:68:70:b3:17:87:2b:1c:5b:30:8f:
         f5:5e:fb:da:a1:8c:2a:09:b7:fa:5c:43:c7:21:e7:06:7b:5a:
         b6:ff:31:dd:7f:31:8f:5b:9b:ee:d0:f1:81:f1:fc:18:94:a0:
         14:f5:f1:f7:33:26:03:a1:d7:fe:2f:ec:e8:b7:91:3f:9f:3a:
         7e:18:99:a5:f2:78:4b:1c:ad:8b:8f:f3:81:36:ce:68:2f:ec:
         4e:8f:d6:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhEASGjOcyLqKZ/Yo40GXK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTIyMTUwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWVmMDViYTliOWY0ZGU4ZTg5NWM4ZmNiMjQyMDNjMWI4NzljYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2vsqvbWUS0bd7GZzI//1dfc4/JE
cHyqs6Fnj4/0YNeMNwlw7uoHcB/MYu1qLCc/GO2FbtQt+fafqRal44ybIE+2X8ye
pioZ4622ua7VfkuIfs7EyiZHluIid9lQh+W1WKjVzqzGEG5se0a/hxkZ14p0Oft6
jyJhS/rtug0HDzYu+iwCaxA0Pgj6cDcX9czzKYmyX1VABxklK5QN3v6mJLW8bXWD
/nCivhvSFAVKT4IbLoq42ZIwcjyuRO79GegYrcu3lPeZfKSsSM0XqB/cjvnuRuVZ
M5HfLW3vtCHzP4USsjFyI50z4G5YeiG5z98SwMraR6GmS3vCjU2uuGfcxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXvBbqbn03o6JXI/LJCA8G4ectgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQmU4RnVwdWZUZWpvbGNqOHNrSUR3Ymg1eTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIymBpqpNLWTsZOrRbCg
GiT1+rKBmUDUQS0Cd1OmmiuG9OPB5Vk1kplr+aqvBx53POo2Tvh6ipwSd9XhR7i0
/wPBvKc5j5wEDEIziC7rAE57UJ5qFENvSy8y6B4O1rMzqRVyBHzpw8FeHbfGRN4G
n0oGTLrsDVxQOuHXRrUaS/btF1BDfgCn/+VIkDrFmTHbymAna1mcONyxIbIcCfgq
QZxGq1NBEmQ997e8aHCzF4crHFswj/Ve+9qhjCoJt/pcQ8ch5wZ7Wrb/Md1/MY9b
m+7Q8YHx/BiUoBT18fczJgOh1/4v7Oi3kT+fOn4YmaXyeEscrYuP84E2zmgv7E6P
1gs=
-----END CERTIFICATE-----
Generated at Tue Jun 10 02:23:17 2025 by rpki-client