Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IOfG0hrkg2h0nBvOgtPWVjzFVao.roa
File:                     IOfG0hrkg2h0nBvOgtPWVjzFVao.roa (raw, json)
Hash identifier:          SnO01Rx2FvV7R96mAhXPQ/vMx/9METOMKSDwcVAQG5s=
Subject key identifier:   20:E7:C6:D2:1A:E4:83:68:74:9C:1B:CE:82:D3:D6:56:3C:C5:55:AA
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0183D7414BF0429940C205ED5C1516777DD4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IOfG0hrkg2h0nBvOgtPWVjzFVao.roa
Signing time:             Fri 14 Oct 2022 16:08:44 +0000
ROA not before:           Fri 14 Oct 2022 16:08:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:183:d73d:6a06/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:d7:41:4b:f0:42:99:40:c2:05:ed:5c:15:16:77:7d:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Oct 14 16:08:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=20e7c6d21ae48368749c1bce82d3d6563cc555aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:80:ee:cd:db:92:41:12:94:da:89:11:49:3b:
                    bd:02:ac:01:c3:3e:88:9a:d6:d7:23:6c:40:9d:46:
                    6d:22:af:37:e1:ad:5e:17:b2:df:6a:df:cc:8d:9d:
                    c6:8e:f0:fb:ae:36:df:6a:56:e8:ae:55:9b:04:10:
                    23:10:96:82:d2:ba:b3:b6:d6:0d:83:ba:23:c9:78:
                    de:a9:d3:fd:68:a2:f0:2e:9f:d1:3e:3a:cf:e7:4c:
                    26:29:49:bd:28:ad:f5:d1:80:a1:47:d5:60:8b:c0:
                    3d:50:b4:25:3a:b0:00:17:81:b2:4d:f2:35:7b:fb:
                    44:b6:b5:fc:da:a2:52:9d:8a:76:2b:29:c5:bd:01:
                    49:b1:d4:30:c3:2e:4c:af:aa:04:c5:ad:42:8b:c2:
                    95:2f:65:d4:3b:11:59:47:29:ef:83:35:b5:ad:2d:
                    0c:6a:a7:71:e6:b2:d9:40:11:1d:c8:df:2f:94:54:
                    6b:1d:84:cf:38:f1:cf:4c:db:d4:30:d7:58:a7:73:
                    8e:c7:ae:6c:eb:0f:cd:5a:74:ae:08:c8:d4:e8:42:
                    57:f1:2d:58:48:dd:79:2d:27:56:40:52:c5:ea:f4:
                    57:6d:f7:33:87:f6:a7:a1:a3:da:a8:33:07:1a:fa:
                    c5:6a:e5:23:2a:1b:e6:25:06:d5:d1:84:cf:94:11:
                    e2:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:E7:C6:D2:1A:E4:83:68:74:9C:1B:CE:82:D3:D6:56:3C:C5:55:AA
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IOfG0hrkg2h0nBvOgtPWVjzFVao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         b3:69:85:43:f8:6d:b9:52:b8:28:a5:49:b8:c8:07:5b:56:d5:
         00:a8:3b:40:90:ee:04:91:97:6f:fb:2f:b4:cd:74:b3:85:a7:
         09:46:03:8f:29:ab:d0:a2:63:7d:b5:5f:df:01:05:7f:b3:69:
         be:56:12:66:c3:ce:f6:4a:1d:b9:40:81:fc:89:17:39:ef:3d:
         91:bb:67:c6:2c:f0:f8:5c:0d:45:e5:1b:42:b6:a5:12:02:61:
         4f:09:63:32:05:71:0b:f3:e5:21:70:5d:c4:0d:4e:09:34:10:
         67:f3:3a:48:af:05:aa:f1:b9:69:28:3f:9a:86:f9:db:b8:8b:
         07:4d:47:ce:aa:d4:f0:88:65:e9:08:87:49:df:ca:6b:5e:c0:
         2b:84:7e:fa:ff:cb:47:f9:cf:fc:76:bb:99:10:69:f9:c8:d7:
         08:b4:30:14:b9:5d:24:29:bc:86:c8:fa:36:8c:1e:0e:e5:47:
         17:14:31:41:d0:02:4a:9d:d3:e7:dc:ff:99:7d:50:e8:86:78:
         32:e3:2e:c8:c4:a7:09:bb:bf:7e:de:0d:b6:54:37:c3:44:b1:
         3a:93:c9:87:61:21:5e:d7:aa:0a:ef:f8:05:4a:e0:8a:99:c6:
         48:5c:65:97:2d:83:10:46:97:c7:e2:64:94:cf:c2:44:66:80:
         ec:de:64:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPXQUvwQplAwgXtXBUWd33UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDE0MTYwODQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGU3YzZkMjFhZTQ4MzY4NzQ5YzFiY2U4MmQzZDY1NjNjYzU1NWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oDuzduSQRKU2okRSTu9AqwBwz6I
mtbXI2xAnUZtIq834a1eF7Lfat/MjZ3GjvD7rjbfalborlWbBBAjEJaC0rqzttYN
g7ojyXjeqdP9aKLwLp/RPjrP50wmKUm9KK310YChR9Vgi8A9ULQlOrAAF4GyTfI1
e/tEtrX82qJSnYp2KynFvQFJsdQwwy5Mr6oExa1Ci8KVL2XUOxFZRynvgzW1rS0M
aqdx5rLZQBEdyN8vlFRrHYTPOPHPTNvUMNdYp3OOx65s6w/NWnSuCMjU6EJX8S1Y
SN15LSdWQFLF6vRXbfczh/anoaPaqDMHGvrFauUjKhvmJQbV0YTPlBHi8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCDnxtIa5INodJwbzoLT1lY8xVWqMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSU9mRzBocmtnMmgwbkJ2T2d0UFdWanpGVmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALNphUP4bblSuCilSbjI
B1tW1QCoO0CQ7gSRl2/7L7TNdLOFpwlGA48pq9CiY321X98BBX+zab5WEmbDzvZK
HblAgfyJFznvPZG7Z8Ys8PhcDUXlG0K2pRICYU8JYzIFcQvz5SFwXcQNTgk0EGfz
OkivBarxuWkoP5qG+du4iwdNR86q1PCIZekIh0nfymtewCuEfvr/y0f5z/x2u5kQ
afnI1wi0MBS5XSQpvIbI+jaMHg7lRxcUMUHQAkqd0+fc/5l9UOiGeDLjLsjEpwm7
v37eDbZUN8NEsTqTyYdhIV7Xqgrv+AVK4IqZxkhcZZctgxBGl8fiZJTPwkRmgOze
ZO8=
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:05:19 2025 by rpki-client