Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IKykUhrDuCBZM7CcVQQxZK03Utw.roa
File:                     IKykUhrDuCBZM7CcVQQxZK03Utw.roa (raw, json)
Hash identifier:          eXQtvVF02Reghfn6KWQjXcJ0eKy7fVfG4hmGLsxTIJs=
Subject key identifier:   20:AC:A4:52:1A:C3:B8:20:59:33:B0:9C:55:04:31:64:AD:37:52:DC
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186D5521BF8ED85D5F5F3C38144A0913D63
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IKykUhrDuCBZM7CcVQQxZK03Utw.roa
Signing time:             Sun 12 Mar 2023 10:16:13 +0000
ROA not before:           Sun 12 Mar 2023 10:16:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:d5:52:1b:f8:ed:85:d5:f5:f3:c3:81:44:a0:91:3d:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 12 10:16:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=20aca4521ac3b8205933b09c55043164ad3752dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:fe:8b:7f:f2:76:16:e0:87:18:78:e3:1c:fc:
                    c4:87:c3:84:dc:04:3a:54:82:52:10:6c:c5:30:7f:
                    e6:c3:45:bb:f2:f5:59:d0:95:3c:15:f4:35:8a:42:
                    20:fe:d3:bf:02:f8:2e:f3:cf:f6:d1:8e:13:b7:4a:
                    83:10:57:a8:d0:b5:2d:91:77:14:f5:13:f8:f2:7e:
                    17:f7:e1:08:aa:72:5f:50:6f:fa:6d:1c:e6:cd:59:
                    6a:df:40:c2:95:7c:d1:1a:33:86:67:04:92:a3:86:
                    32:80:0d:13:79:84:40:35:4b:2e:7d:8d:26:1e:28:
                    26:f3:84:a6:2c:4b:b2:88:78:d4:1e:63:b5:73:b7:
                    31:09:87:93:d9:1b:55:e0:31:cd:8d:ed:a1:4f:6a:
                    37:6f:9b:c3:29:24:e8:e2:8d:85:7a:13:ba:18:1d:
                    4f:9c:d2:a8:3b:2d:69:97:e8:5a:71:29:35:17:c5:
                    21:75:54:8d:56:fc:1b:cf:97:87:73:54:51:22:c8:
                    38:1a:b4:b2:c7:a5:9c:ee:94:bf:07:12:dd:cf:a7:
                    26:fe:69:b0:96:6e:3e:0a:74:43:4c:fd:13:45:fe:
                    06:ce:d2:96:6f:74:27:6f:15:56:56:f5:f9:fa:da:
                    bb:0c:92:44:94:16:56:7d:1c:8b:73:d6:fe:07:c8:
                    4f:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:AC:A4:52:1A:C3:B8:20:59:33:B0:9C:55:04:31:64:AD:37:52:DC
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IKykUhrDuCBZM7CcVQQxZK03Utw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:c8:66:8d:27:95:41:61:0b:1f:7d:5d:f1:a5:a6:f6:f7:5a:
         f7:67:e9:f6:12:c2:a6:3c:c3:0b:45:88:8e:aa:a6:47:34:74:
         af:79:e9:f9:27:d6:13:d1:15:e2:da:7f:ea:b2:31:0a:f4:34:
         7b:58:80:46:87:2a:64:36:4a:a5:2a:14:26:99:03:5e:c8:42:
         b8:1d:9f:cd:57:11:f0:88:33:d9:75:ee:e9:61:bb:87:4f:dd:
         27:5c:1d:35:aa:48:c8:d5:48:ec:81:d4:56:ca:33:81:7d:10:
         e9:2c:86:2f:e3:43:1c:41:04:46:32:d8:19:73:7c:9c:0c:49:
         5b:20:d3:34:ce:32:07:28:44:63:33:bb:37:78:c2:fa:d7:3e:
         75:34:75:22:66:e0:e9:7e:56:0e:4a:87:fe:5a:71:2a:c0:78:
         4b:b6:35:b6:5b:bd:db:40:78:08:8a:37:e7:84:44:e4:9f:32:
         fd:90:09:f2:d2:37:43:35:e2:9e:b4:e5:9d:29:81:75:50:74:
         12:21:c7:50:7d:5e:bc:1a:89:0b:4a:72:6c:55:83:4c:11:7a:
         b3:ac:78:7a:31:71:38:33:1e:38:bc:f1:3f:c6:ea:05:37:d2:
         2d:50:07:fa:b1:ae:df:14:66:37:c5:5b:3a:bb:8d:3e:77:e8:
         84:f1:2b:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbVUhv47YXV9fPDgUSgkT1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzEyMTAxNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFjYTQ1MjFhYzNiODIwNTkzM2IwOWM1NTA0MzE2NGFkMzc1MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP6Lf/J2FuCHGHjjHPzEh8OE3AQ6
VIJSEGzFMH/mw0W78vVZ0JU8FfQ1ikIg/tO/Avgu88/20Y4Tt0qDEFeo0LUtkXcU
9RP48n4X9+EIqnJfUG/6bRzmzVlq30DClXzRGjOGZwSSo4YygA0TeYRANUsufY0m
Higm84SmLEuyiHjUHmO1c7cxCYeT2RtV4DHNje2hT2o3b5vDKSTo4o2FehO6GB1P
nNKoOy1pl+hacSk1F8UhdVSNVvwbz5eHc1RRIsg4GrSyx6Wc7pS/BxLdz6cm/mmw
lm4+CnRDTP0TRf4GztKWb3QnbxVWVvX5+tq7DJJElBZWfRyLc9b+B8hP4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCCspFIaw7ggWTOwnFUEMWStN1LcMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSUt5a1VockR1Q0JaTTdDY1ZRUXhaSzAzVXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFPIZo0nlUFhCx99XfGl
pvb3Wvdn6fYSwqY8wwtFiI6qpkc0dK956fkn1hPRFeLaf+qyMQr0NHtYgEaHKmQ2
SqUqFCaZA17IQrgdn81XEfCIM9l17ulhu4dP3SdcHTWqSMjVSOyB1FbKM4F9EOks
hi/jQxxBBEYy2BlzfJwMSVsg0zTOMgcoRGMzuzd4wvrXPnU0dSJm4Ol+Vg5Kh/5a
cSrAeEu2NbZbvdtAeAiKN+eEROSfMv2QCfLSN0M14p605Z0pgXVQdBIhx1B9Xrwa
iQtKcmxVg0wRerOseHoxcTgzHji88T/G6gU30i1QB/qxrt8UZjfFWzq7jT536ITx
KxM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:04:11 2025 by rpki-client