Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Idb2PEGRpsvYWt2jj4O-PtaBgUU.roa
File:                     Idb2PEGRpsvYWt2jj4O-PtaBgUU.roa (raw, json)
Hash identifier:          2KQ6rY/OzYusa0RMAfktrxTsT+D5/rATtmHEeJRCti0=
Subject key identifier:   21:D6:F6:3C:41:91:A6:CB:D8:5A:DD:A3:8F:83:BE:3E:D6:81:81:45
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187F31C856630CE369E5C239517D49841BA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Idb2PEGRpsvYWt2jj4O-PtaBgUU.roa
Signing time:             Sat 06 May 2023 22:09:05 +0000
ROA not before:           Sat 06 May 2023 22:09:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:f3:1c:85:66:30:ce:36:9e:5c:23:95:17:d4:98:41:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  6 22:09:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=21d6f63c4191a6cbd85adda38f83be3ed6818145
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:44:6f:84:b5:5d:0a:6b:1f:5a:f5:6e:eb:44:
                    05:e2:2b:ea:59:4b:47:65:fc:77:31:07:3c:f6:21:
                    07:48:db:e6:e0:b2:6e:e7:12:d8:28:9a:8c:4c:83:
                    71:83:70:50:41:82:6a:c3:9c:9c:bd:c5:2e:e2:b7:
                    4e:7f:65:d3:1d:51:79:7b:64:c5:76:c8:4d:65:c1:
                    ea:18:bf:af:05:fb:ff:da:14:e4:55:c9:30:4d:fa:
                    6d:53:ba:aa:24:f3:18:40:38:10:d0:a8:bd:e1:32:
                    ef:25:62:45:13:ce:82:b1:99:55:3d:2a:ec:c9:31:
                    89:65:e6:01:c4:32:57:1e:e8:3d:09:54:b8:f2:df:
                    39:5a:71:2b:15:0e:63:33:80:72:ae:7f:22:b0:46:
                    88:b0:93:44:21:df:3b:f1:b4:5b:39:d8:6b:1b:f7:
                    2f:28:0b:33:1d:94:ba:0c:2a:0c:22:72:6d:88:98:
                    63:6f:35:ae:47:b0:75:85:c6:fb:ab:4e:f9:e6:dc:
                    ea:d3:4e:0e:06:91:91:89:a1:3e:77:46:e4:b7:98:
                    28:92:12:6e:40:eb:3b:d8:d2:44:c4:ed:aa:00:76:
                    8e:38:11:37:72:7a:bc:72:a1:31:47:63:ec:a5:b1:
                    f9:b0:7d:54:37:4f:93:97:2a:32:43:fe:fb:60:fe:
                    6c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:D6:F6:3C:41:91:A6:CB:D8:5A:DD:A3:8F:83:BE:3E:D6:81:81:45
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Idb2PEGRpsvYWt2jj4O-PtaBgUU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         56:0d:b6:89:4d:bc:c0:0d:fd:f1:e0:99:1a:85:1d:6f:c3:a5:
         fd:99:f6:d8:03:c5:b4:fc:9e:5f:16:a8:25:5f:f7:65:74:41:
         42:34:b3:7f:0d:e7:29:4d:89:2e:c7:46:60:32:16:9f:13:1a:
         4d:29:fa:34:23:db:23:a3:93:3c:08:f5:c5:43:75:16:73:c4:
         84:ef:dc:87:9f:ff:42:07:3d:55:a3:dd:22:6a:a6:1c:67:77:
         ac:25:b2:3f:3f:8d:dc:7e:2b:85:7c:5c:72:52:f8:60:48:df:
         45:00:ea:59:af:ce:0c:33:b4:23:96:90:92:35:5d:fc:4e:b8:
         7e:21:a0:9b:82:c4:8b:27:1f:7f:c4:91:a7:32:6c:01:ed:92:
         ac:ef:60:79:47:0c:21:1d:06:cc:45:8e:be:f3:eb:e6:ef:89:
         60:0c:32:99:62:19:05:43:e8:5e:cc:88:d5:e9:2a:aa:11:d6:
         ac:a1:79:a0:f7:44:b7:10:ec:27:19:b3:81:79:56:a3:5d:0f:
         13:92:6e:ff:2a:f5:ec:73:37:35:a9:e7:32:b0:b0:9e:86:39:
         ed:98:53:08:f2:0e:c5:70:e2:12:36:2a:de:9d:b1:79:10:39:
         6a:c6:eb:93:fe:d1:0c:59:5f:bb:90:30:f3:f9:97:cd:05:ab:
         90:b1:fd:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfzHIVmMM42nlwjlRfUmEG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA2MjIwOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ2ZjYzYzQxOTFhNmNiZDg1YWRkYTM4ZjgzYmUzZWQ2ODE4MTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlURvhLVdCmsfWvVu60QF4ivqWUtH
Zfx3MQc89iEHSNvm4LJu5xLYKJqMTINxg3BQQYJqw5ycvcUu4rdOf2XTHVF5e2TF
dshNZcHqGL+vBfv/2hTkVckwTfptU7qqJPMYQDgQ0Ki94TLvJWJFE86CsZlVPSrs
yTGJZeYBxDJXHug9CVS48t85WnErFQ5jM4Byrn8isEaIsJNEId878bRbOdhrG/cv
KAszHZS6DCoMInJtiJhjbzWuR7B1hcb7q0755tzq004OBpGRiaE+d0bkt5gokhJu
QOs72NJExO2qAHaOOBE3cnq8cqExR2PspbH5sH1UN0+TlyoyQ/77YP5sHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCHW9jxBkabL2Frdo4+Dvj7WgYFFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSWRiMlBFR1Jwc3ZZV3Qyamo0Ty1QdGFCZ1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFYNtolNvMAN/fHgmRqF
HW/Dpf2Z9tgDxbT8nl8WqCVf92V0QUI0s38N5ylNiS7HRmAyFp8TGk0p+jQj2yOj
kzwI9cVDdRZzxITv3Ief/0IHPVWj3SJqphxnd6wlsj8/jdx+K4V8XHJS+GBI30UA
6lmvzgwztCOWkJI1XfxOuH4hoJuCxIsnH3/EkacybAHtkqzvYHlHDCEdBsxFjr7z
6+bviWAMMpliGQVD6F7MiNXpKqoR1qyheaD3RLcQ7CcZs4F5VqNdDxOSbv8q9exz
NzWp5zKwsJ6GOe2YUwjyDsVw4hI2Kt6dsXkQOWrG65P+0QxZX7uQMPP5l80Fq5Cx
/YM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:51:23 2025 by rpki-client