Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G1Yob6PuDsi22jtSftv23UE4q0M.roa
File:                     G1Yob6PuDsi22jtSftv23UE4q0M.roa (raw, json)
Hash identifier:          0utGqwt+4qp72VSFhPL9k1TnbgbDU4gdIBQF6MHfG0I=
Subject key identifier:   1B:56:28:6F:A3:EE:0E:C8:B6:DA:3B:52:7E:DB:F6:DD:41:38:AB:43
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018867D88B8B7725EC7C7411D3CC8595C881
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G1Yob6PuDsi22jtSftv23UE4q0M.roa
Signing time:             Mon 29 May 2023 14:10:24 +0000
ROA not before:           Mon 29 May 2023 14:10:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:67:d8:8b:8b:77:25:ec:7c:74:11:d3:cc:85:95:c8:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 29 14:10:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1b56286fa3ee0ec8b6da3b527edbf6dd4138ab43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:73:a2:a2:58:ac:50:ad:77:fd:ec:dc:ce:37:
                    35:9c:32:84:77:47:5e:d6:50:86:08:6d:06:2d:ad:
                    16:47:88:60:36:65:d2:37:6f:8f:40:98:3e:d4:20:
                    18:3f:7c:1b:8d:40:ec:26:77:ea:4e:42:c7:20:89:
                    4f:23:53:11:f7:ae:1e:6c:17:ec:0c:d1:75:6d:b6:
                    af:22:08:e5:05:7a:85:21:ef:b2:87:d3:e4:df:48:
                    8c:0a:63:ac:59:1e:6c:c9:03:ce:5b:6f:44:1e:b6:
                    88:72:33:7e:9f:a2:b3:13:37:95:5b:a8:5e:37:50:
                    31:e6:18:f8:8b:42:c5:17:54:a8:f3:7b:1c:51:d7:
                    b1:5d:24:a8:b9:5c:6a:39:69:e2:e0:af:d0:cb:b8:
                    04:5d:7b:33:ba:aa:2a:9a:13:84:3f:29:e0:5b:f8:
                    23:7d:7a:08:94:ce:fc:8e:f7:52:71:ef:cd:c3:f6:
                    3f:8f:ba:cb:f0:d1:c2:07:1a:3e:0c:b1:e0:c4:5e:
                    ec:65:71:22:1d:10:dc:8b:4c:37:55:bf:37:f8:2c:
                    c1:49:72:99:b1:60:e8:58:5e:3d:53:b9:7f:f9:75:
                    c9:b0:35:6a:9d:b2:87:a5:8c:8b:45:44:40:66:b2:
                    00:98:63:c1:86:63:7f:7a:1a:2e:04:bc:5c:ae:29:
                    e9:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:56:28:6F:A3:EE:0E:C8:B6:DA:3B:52:7E:DB:F6:DD:41:38:AB:43
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G1Yob6PuDsi22jtSftv23UE4q0M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:cd:d5:50:48:52:e6:03:7e:df:a2:41:69:f7:a4:3b:3b:a4:
         d8:bb:66:9e:17:88:11:77:3d:89:4b:e7:38:03:99:65:f4:af:
         cd:4f:13:87:e9:bc:74:4b:02:73:62:6f:75:2e:5c:f1:de:76:
         c9:1b:33:5e:e0:3c:4a:fe:54:f8:06:a0:7b:59:a7:c0:45:a4:
         b4:e5:9e:9d:b9:be:9a:cb:5b:6a:e2:64:11:de:05:5a:6d:b7:
         1e:76:99:5a:27:6b:d3:00:2d:20:1a:93:a8:6e:a1:44:5e:68:
         d5:f6:21:17:92:09:c3:75:18:cd:c4:37:8e:b9:78:06:3d:d9:
         ec:b1:19:2a:ff:d1:b4:5b:fd:ad:66:bd:0e:28:63:65:97:f2:
         30:3d:19:f3:d2:5b:01:5c:f9:f2:16:18:33:04:4b:46:87:1b:
         dc:68:6b:c6:86:8e:29:83:5e:1d:e0:00:27:e5:8c:2a:bf:ef:
         30:2d:a3:3f:55:f7:3b:e2:9b:96:55:70:f2:e4:51:62:43:fe:
         73:49:6d:ba:f2:a9:4f:72:a7:a1:82:db:61:f8:40:d5:94:5e:
         3b:df:ea:4a:20:e9:dd:6b:41:7b:2d:02:0b:7a:25:09:82:80:
         61:22:3c:50:e1:2a:96:e9:03:8b:92:65:89:6e:bc:8b:8c:4a:
         25:b4:ac:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhn2IuLdyXsfHQR08yFlciBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI5MTQxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjU2Mjg2ZmEzZWUwZWM4YjZkYTNiNTI3ZWRiZjZkZDQxMzhhYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXOiolisUK13/ezczjc1nDKEd0de
1lCGCG0GLa0WR4hgNmXSN2+PQJg+1CAYP3wbjUDsJnfqTkLHIIlPI1MR964ebBfs
DNF1bbavIgjlBXqFIe+yh9Pk30iMCmOsWR5syQPOW29EHraIcjN+n6KzEzeVW6he
N1Ax5hj4i0LFF1So83scUdexXSSouVxqOWni4K/Qy7gEXXszuqoqmhOEPyngW/gj
fXoIlM78jvdSce/Nw/Y/j7rL8NHCBxo+DLHgxF7sZXEiHRDci0w3Vb83+CzBSXKZ
sWDoWF49U7l/+XXJsDVqnbKHpYyLRURAZrIAmGPBhmN/ehouBLxcrinpQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBtWKG+j7g7Itto7Un7b9t1BOKtDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRzFZb2I2UHVEc2kyMmp0U2Z0djIzVUU0cTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGTN1VBIUuYDft+iQWn3
pDs7pNi7Zp4XiBF3PYlL5zgDmWX0r81PE4fpvHRLAnNib3UuXPHedskbM17gPEr+
VPgGoHtZp8BFpLTlnp25vprLW2riZBHeBVpttx52mVona9MALSAak6huoUReaNX2
IReSCcN1GM3EN465eAY92eyxGSr/0bRb/a1mvQ4oY2WX8jA9GfPSWwFc+fIWGDME
S0aHG9xoa8aGjimDXh3gACfljCq/7zAtoz9V9zvim5ZVcPLkUWJD/nNJbbryqU9y
p6GC22H4QNWUXjvf6kog6d1rQXstAgt6JQmCgGEiPFDhKpbpA4uSZYluvIuMSiW0
rG8=
-----END CERTIFICATE-----
Generated at Mon Jun 9 16:28:06 2025 by rpki-client