Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KakY5bUt8OsvkZJvAMPYRhwkt8Y.roa
File:                     KakY5bUt8OsvkZJvAMPYRhwkt8Y.roa (raw, json)
Hash identifier:          HsH5squM9UrqzEqQl79LsFv8Bu0IQ9gFrTWOYKTgKro=
Subject key identifier:   29:A9:18:E5:B5:2D:F0:EB:2F:91:92:6F:00:C3:D8:46:1C:24:B7:C6
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018A0E537498B65C9018C864CF7051F09EF9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KakY5bUt8OsvkZJvAMPYRhwkt8Y.roa
Signing time:             Sat 19 Aug 2023 15:04:24 +0000
ROA not before:           Sat 19 Aug 2023 15:04:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
                          2001:67c:64:ffff:0:18a:e53:67db/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:0e:53:74:98:b6:5c:90:18:c8:64:cf:70:51:f0:9e:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Aug 19 15:04:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29a918e5b52df0eb2f91926f00c3d8461c24b7c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:31:52:a6:90:83:c9:c9:56:2b:f2:5c:0f:e9:
                    f9:b7:ea:3a:39:29:fd:1d:7b:ab:39:46:ae:09:ab:
                    89:b0:10:72:d6:64:2f:75:39:12:96:51:7f:4c:aa:
                    d9:ad:e9:26:84:b2:3b:bf:9e:2f:6c:d8:95:2e:37:
                    28:29:ba:ae:cf:28:f8:c2:99:0e:00:4c:51:a5:f8:
                    4e:6a:d9:83:2b:c7:28:79:2b:50:77:97:fe:cf:19:
                    af:f8:ec:ae:5a:f9:7b:b7:32:28:0c:80:bb:76:fe:
                    69:49:b6:e3:bd:0b:e6:33:db:63:3b:af:cc:53:35:
                    6f:d6:14:7d:57:cc:6a:ac:f9:96:99:ec:a7:e2:c5:
                    8c:92:6a:7d:78:44:7d:35:7e:d8:b0:5b:b9:ed:62:
                    d5:b1:6e:ba:56:8c:aa:46:67:53:01:5d:36:62:94:
                    3b:55:5c:85:b2:bb:54:fa:26:a4:c9:23:16:1e:8b:
                    ff:36:cd:36:5f:e0:7a:2e:d1:8f:2b:46:d3:cb:e3:
                    c2:62:43:38:c8:68:68:af:27:87:4b:ca:9c:42:d4:
                    42:b3:e4:e2:52:d1:5a:17:bd:1e:be:2b:84:11:a4:
                    60:cb:a5:f6:8e:0e:10:9a:5c:34:02:d7:cc:fe:af:
                    67:5f:d0:69:9b:ea:a8:cf:a2:cb:f5:d7:3d:f1:12:
                    39:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:A9:18:E5:B5:2D:F0:EB:2F:91:92:6F:00:C3:D8:46:1C:24:B7:C6
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KakY5bUt8OsvkZJvAMPYRhwkt8Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:d5:1f:35:8f:9d:55:58:a0:42:07:14:af:81:92:1c:02:38:
         c7:3c:58:00:b7:34:de:d9:43:73:30:4e:65:e5:2a:9b:85:c2:
         ae:41:90:4f:e3:24:a1:a3:97:a4:29:d2:8e:d5:30:06:4d:26:
         e9:17:13:50:5c:90:ab:50:c3:ba:fc:9e:1c:dc:ea:2b:6a:21:
         dd:f9:c9:d5:84:38:c1:84:01:67:7e:38:6c:72:c1:90:94:31:
         de:e0:9b:45:ad:ce:48:14:99:96:c4:55:bd:eb:ad:bd:87:72:
         e8:05:8e:53:62:66:aa:fe:d1:ed:06:1e:38:46:e1:a9:18:48:
         5e:48:a7:ae:8b:75:5a:fe:15:7d:c6:02:82:e3:e1:10:d9:e3:
         fc:f9:d1:5b:87:9a:31:c7:77:ca:7f:13:5e:20:a0:86:f1:26:
         d6:34:9a:9f:e5:56:26:7e:cb:ad:c8:d3:a9:50:26:36:a6:3e:
         bd:0b:37:b8:3e:ef:ac:2b:4c:55:53:dd:4d:75:f0:ea:98:51:
         0a:80:ce:b8:a6:5d:4f:de:ea:fa:d6:60:ab:39:b1:91:86:76:
         d0:7e:98:76:df:b5:f0:a9:86:b9:41:ec:5b:4f:a3:9e:54:a3:
         72:b1:ff:25:31:3b:0c:a9:7f:aa:ab:f4:a0:13:88:bb:89:dc:
         84:f7:0c:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoOU3SYtlyQGMhkz3BR8J75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE5MTUwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE5MThlNWI1MmRmMGViMmY5MTkyNmYwMGMzZDg0NjFjMjRiN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDFSppCDyclWK/JcD+n5t+o6OSn9
HXurOUauCauJsBBy1mQvdTkSllF/TKrZrekmhLI7v54vbNiVLjcoKbquzyj4wpkO
AExRpfhOatmDK8coeStQd5f+zxmv+OyuWvl7tzIoDIC7dv5pSbbjvQvmM9tjO6/M
UzVv1hR9V8xqrPmWmeyn4sWMkmp9eER9NX7YsFu57WLVsW66VoyqRmdTAV02YpQ7
VVyFsrtU+iakySMWHov/Ns02X+B6LtGPK0bTy+PCYkM4yGhoryeHS8qcQtRCs+Ti
UtFaF70eviuEEaRgy6X2jg4Qmlw0AtfM/q9nX9Bpm+qoz6LL9dc98RI5ZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCmpGOW1LfDrL5GSbwDD2EYcJLfGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2FrWTViVXQ4T3N2a1pKdkFNUFlSaHdrdDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABDVHzWPnVVYoEIHFK+B
khwCOMc8WAC3NN7ZQ3MwTmXlKpuFwq5BkE/jJKGjl6Qp0o7VMAZNJukXE1BckKtQ
w7r8nhzc6itqId35ydWEOMGEAWd+OGxywZCUMd7gm0WtzkgUmZbEVb3rrb2HcugF
jlNiZqr+0e0GHjhG4akYSF5Ip66LdVr+FX3GAoLj4RDZ4/z50VuHmjHHd8p/E14g
oIbxJtY0mp/lViZ+y63I06lQJjamPr0LN7g+76wrTFVT3U118OqYUQqAzrimXU/e
6vrWYKs5sZGGdtB+mHbftfCphrlB7FtPo55Uo3Kx/yUxOwypf6qr9KATiLuJ3IT3
DEk=
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:38:31 2025 by rpki-client