Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N-qOwqTPDBdV88eq9UiiFXCWdxQ.roa
File:                     N-qOwqTPDBdV88eq9UiiFXCWdxQ.roa (raw, json)
Hash identifier:          zFx4ejQe/C6JU2TpyXzEiU7Udiv4kF5TXi0pxpgGyEM=
Subject key identifier:   37:EA:8E:C2:A4:CF:0C:17:55:F3:C7:AA:F5:48:A2:15:70:96:77:14
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01878351B114BF3D72E8C7B798ECB2A46F3C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N-qOwqTPDBdV88eq9UiiFXCWdxQ.roa
Signing time:             Sat 15 Apr 2023 05:09:41 +0000
ROA not before:           Sat 15 Apr 2023 05:09:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:83:51:b1:14:bf:3d:72:e8:c7:b7:98:ec:b2:a4:6f:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 15 05:09:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37ea8ec2a4cf0c1755f3c7aaf548a21570967714
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c8:ae:2c:c2:93:29:82:5c:3a:0c:35:50:0f:
                    3e:79:08:93:4a:0d:87:21:8a:13:95:6c:33:c9:17:
                    2a:b4:e3:c5:b7:7a:9b:c1:43:30:1b:55:cd:fe:e4:
                    09:4c:61:cb:77:b0:3e:4f:13:66:af:73:ad:be:b3:
                    fa:d3:11:3b:f1:ca:bf:fc:3c:f4:bc:10:69:f2:89:
                    50:75:d5:1b:9a:73:ad:35:7d:a7:93:7b:6d:7b:2a:
                    88:a2:83:d1:f3:67:51:a4:ba:4c:e5:45:9e:f8:92:
                    2e:9b:c9:0d:6f:97:0b:66:bf:74:f3:36:b8:7c:8a:
                    7d:87:13:28:3c:5b:ab:cc:cf:17:92:0d:e8:17:52:
                    7e:de:3c:c0:3f:37:80:e9:96:a8:1c:20:00:fe:6c:
                    22:00:ee:78:94:cc:de:ba:29:2b:b8:23:a8:2d:a7:
                    ce:b4:09:c2:3c:9a:83:c1:75:b0:2b:5e:5c:ff:e4:
                    93:ba:b7:c6:f8:14:0f:33:5d:5e:35:ea:cf:93:6f:
                    33:32:1c:7e:48:fa:22:e0:c9:6b:e9:d2:68:55:4d:
                    16:3b:88:0d:6d:d8:6e:93:7b:08:ab:ec:33:c7:89:
                    d8:14:da:bd:f8:42:bf:41:4c:cc:20:bd:dc:05:ed:
                    69:42:4f:72:13:59:56:ab:4f:50:82:fe:43:2c:5b:
                    e9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:EA:8E:C2:A4:CF:0C:17:55:F3:C7:AA:F5:48:A2:15:70:96:77:14
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N-qOwqTPDBdV88eq9UiiFXCWdxQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:b7:67:ed:24:8c:70:8d:25:7e:5c:8b:01:04:30:43:ab:e3:
         b2:2b:aa:f4:ac:40:3c:b0:50:8f:91:ab:c2:a3:d1:5d:c8:df:
         0b:1d:3f:8c:0e:2c:26:93:1b:b5:7a:9b:4f:df:2e:be:42:d5:
         d2:9f:e3:dd:0f:d8:86:29:5b:54:b4:04:2c:cf:e9:26:5a:e7:
         ef:12:ea:57:ec:5e:ba:f7:86:c4:86:9a:5a:fb:75:bf:42:1f:
         71:68:a7:0c:92:59:d3:ca:42:00:ed:c4:9f:33:ef:aa:f7:e3:
         53:56:e7:6c:0c:47:d7:48:e6:50:06:06:73:83:46:ae:8a:93:
         c0:07:af:8d:5e:49:b2:a6:00:85:1f:a6:e9:ae:b7:45:b3:d5:
         f4:17:18:30:02:35:5f:8a:ae:ec:0a:32:c5:3a:6d:65:33:a6:
         ad:45:29:24:a2:ea:8d:6b:1f:08:84:0a:bf:fc:d9:80:70:4f:
         50:4b:a2:6b:e4:70:e2:16:f7:de:84:52:b3:d0:a3:69:02:e5:
         a2:c7:98:f8:70:90:ae:f3:14:2c:25:0d:8a:cb:ce:33:91:67:
         4f:c7:d2:e6:99:b0:7c:4c:53:b5:f7:72:54:1e:e0:b4:38:18:
         a7:47:e4:37:1c:5c:c2:cd:18:a3:4e:34:f7:15:c1:7e:12:4b:
         5d:2c:0e:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeDUbEUvz1y6Me3mOyypG88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE1MDUwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2VhOGVjMmE0Y2YwYzE3NTVmM2M3YWFmNTQ4YTIxNTcwOTY3NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlciuLMKTKYJcOgw1UA8+eQiTSg2H
IYoTlWwzyRcqtOPFt3qbwUMwG1XN/uQJTGHLd7A+TxNmr3OtvrP60xE78cq//Dz0
vBBp8olQddUbmnOtNX2nk3tteyqIooPR82dRpLpM5UWe+JIum8kNb5cLZr908za4
fIp9hxMoPFurzM8Xkg3oF1J+3jzAPzeA6ZaoHCAA/mwiAO54lMzeuikruCOoLafO
tAnCPJqDwXWwK15c/+STurfG+BQPM11eNerPk28zMhx+SPoi4Mlr6dJoVU0WO4gN
bdhuk3sIq+wzx4nYFNq9+EK/QUzMIL3cBe1pQk9yE1lWq09Qgv5DLFvpnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDfqjsKkzwwXVfPHqvVIohVwlncUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTi1xT3dxVFBEQmRWODhlcTlVaWlGWENXZHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHe3Z+0kjHCNJX5ciwEE
MEOr47IrqvSsQDywUI+Rq8Kj0V3I3wsdP4wOLCaTG7V6m0/fLr5C1dKf490P2IYp
W1S0BCzP6SZa5+8S6lfsXrr3hsSGmlr7db9CH3FopwySWdPKQgDtxJ8z76r341NW
52wMR9dI5lAGBnODRq6Kk8AHr41eSbKmAIUfpumut0Wz1fQXGDACNV+KruwKMsU6
bWUzpq1FKSSi6o1rHwiECr/82YBwT1BLomvkcOIW996EUrPQo2kC5aLHmPhwkK7z
FCwlDYrLzjORZ0/H0uaZsHxMU7X3clQe4LQ4GKdH5DccXMLNGKNONPcVwX4SS10s
DmI=
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:03:01 2025 by rpki-client