Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IJt0hUdVYyd3koMa2W6tKLlgkUs.roa
File:                     IJt0hUdVYyd3koMa2W6tKLlgkUs.roa (raw, json)
Hash identifier:          6vjvfChx9byUIb3EF4Jk1e77zTsfl0Rre5AM7ZwG938=
Subject key identifier:   20:9B:74:85:47:55:63:27:77:92:83:1A:D9:6E:AD:28:B9:60:91:4B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187D995C2A823A338EF0894ACA04B336394
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IJt0hUdVYyd3koMa2W6tKLlgkUs.roa
Signing time:             Mon 01 May 2023 23:11:23 +0000
ROA not before:           Mon 01 May 2023 23:11:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d9:95:c2:a8:23:a3:38:ef:08:94:ac:a0:4b:33:63:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  1 23:11:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=209b7485475563277792831ad96ead28b960914b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:01:a5:31:c2:77:95:5b:4e:87:7e:c7:61:95:
                    38:22:ef:06:16:46:6a:2b:95:16:5c:a5:57:58:44:
                    52:53:07:41:52:cf:a1:cc:14:5a:07:57:61:06:87:
                    b2:b7:e3:15:f2:a0:db:a6:cc:65:cb:ae:1e:b5:04:
                    12:dc:15:6a:00:2a:d5:f2:36:b9:69:5a:5b:06:dc:
                    cf:ba:3f:7d:bb:fb:81:d4:5a:94:69:e3:0b:bf:03:
                    88:c9:44:23:df:cc:61:00:f2:6b:b0:03:94:fd:ee:
                    23:7a:c9:42:db:66:81:08:af:65:30:b9:ed:4b:bc:
                    4d:e6:71:a2:6d:e4:d1:2c:38:33:51:bf:61:e2:95:
                    ca:94:a9:fb:5d:76:ad:18:e3:19:43:01:d3:b9:6a:
                    26:49:cf:e1:19:cc:f1:87:40:15:0f:f4:06:c8:1d:
                    f9:b2:7d:6e:85:1d:3a:9e:04:9c:4d:36:0d:05:b8:
                    ea:4d:26:ef:13:97:f4:5d:d6:0e:2b:03:7b:f2:5f:
                    8a:53:a5:06:18:20:22:f8:39:52:ed:27:ed:c0:07:
                    4b:bb:fe:f6:33:44:51:8e:d8:b4:c7:d6:f7:c2:5d:
                    32:04:d1:99:05:c0:57:f0:78:ac:0a:50:99:7f:b8:
                    4b:7f:28:f1:c9:22:32:5b:3b:d2:a4:45:71:14:ad:
                    06:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:9B:74:85:47:55:63:27:77:92:83:1A:D9:6E:AD:28:B9:60:91:4B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IJt0hUdVYyd3koMa2W6tKLlgkUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a7:d7:19:2e:35:ab:91:c3:3c:9e:fa:2d:e0:d2:95:f7:84:61:
         5d:5a:c7:a1:8d:e5:11:2f:0b:3e:6c:c7:67:9c:85:df:bf:5a:
         da:8e:27:66:f9:7b:00:e4:2c:d6:3d:2c:40:32:5f:08:e8:8a:
         82:9d:78:ac:13:1e:ae:7d:06:e2:9a:f1:61:ee:c1:54:6e:7b:
         8b:a4:2d:42:75:13:ff:55:a2:1c:45:df:b6:ae:46:50:ab:4c:
         25:35:95:96:8d:7e:fc:c7:44:81:b9:d2:fd:5e:a6:f3:f2:4b:
         df:6c:1c:65:99:64:a6:3e:de:e0:9b:61:08:d4:6c:47:5f:a6:
         35:81:16:b4:24:5f:da:18:2c:d6:3a:24:be:b2:74:ac:97:53:
         5f:fa:26:93:78:b4:02:0f:ff:6b:20:4b:e7:fe:12:6f:9e:0d:
         0b:b4:cb:13:b0:76:4b:48:c0:b8:3a:68:93:88:52:7f:ab:ee:
         4d:d9:a6:ad:1c:0c:4b:8f:dc:29:05:66:5a:66:b9:bb:32:04:
         d5:6c:54:d7:6d:a5:48:c7:77:6d:4e:2b:b2:d4:20:04:36:c3:
         a7:40:b4:3d:32:ab:4e:25:fa:f8:42:04:da:14:94:b9:79:36:
         52:f9:1d:30:19:8d:69:ee:7f:95:48:34:e7:f5:9a:8a:95:75:
         51:56:51:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfZlcKoI6M47wiUrKBLM2OUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTAxMjMxMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDliNzQ4NTQ3NTU2MzI3Nzc5MjgzMWFkOTZlYWQyOGI5NjA5MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAGlMcJ3lVtOh37HYZU4Iu8GFkZq
K5UWXKVXWERSUwdBUs+hzBRaB1dhBoeyt+MV8qDbpsxly64etQQS3BVqACrV8ja5
aVpbBtzPuj99u/uB1FqUaeMLvwOIyUQj38xhAPJrsAOU/e4jeslC22aBCK9lMLnt
S7xN5nGibeTRLDgzUb9h4pXKlKn7XXatGOMZQwHTuWomSc/hGczxh0AVD/QGyB35
sn1uhR06ngScTTYNBbjqTSbvE5f0XdYOKwN78l+KU6UGGCAi+DlS7SftwAdLu/72
M0RRjti0x9b3wl0yBNGZBcBX8HisClCZf7hLfyjxySIyWzvSpEVxFK0G8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCCbdIVHVWMnd5KDGtlurSi5YJFLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSUp0MGhVZFZZeWQza29NYTJXNnRLTGxna1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKfXGS41q5HDPJ76LeDS
lfeEYV1ax6GN5REvCz5sx2echd+/WtqOJ2b5ewDkLNY9LEAyXwjoioKdeKwTHq59
BuKa8WHuwVRue4ukLUJ1E/9VohxF37auRlCrTCU1lZaNfvzHRIG50v1epvPyS99s
HGWZZKY+3uCbYQjUbEdfpjWBFrQkX9oYLNY6JL6ydKyXU1/6JpN4tAIP/2sgS+f+
Em+eDQu0yxOwdktIwLg6aJOIUn+r7k3Zpq0cDEuP3CkFZlpmubsyBNVsVNdtpUjH
d21OK7LUIAQ2w6dAtD0yq04l+vhCBNoUlLl5NlL5HTAZjWnuf5VINOf1moqVdVFW
Uf4=
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:38:40 2025 by rpki-client