Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OMU15OXQHGhgoJTFgKmfnLSMR9Q.roa
File:                     OMU15OXQHGhgoJTFgKmfnLSMR9Q.roa (raw, json)
Hash identifier:          FIlYkoxYcLX6IT3zN69+3kdGQP6Q0kICaX6BDODzErM=
Subject key identifier:   38:C5:35:E4:E5:D0:1C:68:60:A0:94:C5:80:A9:9F:9C:B4:8C:47:D4
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01833056E082A1D3D02F8B2DBD7D44024F25
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OMU15OXQHGhgoJTFgKmfnLSMR9Q.roa
Signing time:             Mon 12 Sep 2022 06:15:43 +0000
ROA not before:           Mon 12 Sep 2022 06:15:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
                          2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
                          2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:30:56:e0:82:a1:d3:d0:2f:8b:2d:bd:7d:44:02:4f:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Sep 12 06:15:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=38c535e4e5d01c6860a094c580a99f9cb48c47d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:9c:57:5f:03:21:ed:ec:3d:5f:10:d1:30:73:
                    02:1f:57:aa:5f:4b:6b:0e:7b:ab:1d:75:22:28:53:
                    a8:61:84:6f:4c:2a:e1:71:bc:04:3e:6c:e8:3c:f4:
                    b0:6b:94:06:10:24:a3:3a:17:57:05:41:02:ee:b3:
                    df:1d:99:d2:1d:6b:77:9a:14:a5:df:e3:3b:46:0f:
                    03:9c:c8:9c:25:0d:45:49:77:40:c6:65:3e:1c:ee:
                    31:b1:ba:ee:6f:8c:45:2f:95:12:2c:02:0e:55:d2:
                    b8:7e:66:93:fc:ea:6b:69:5b:f0:64:4c:20:e3:1e:
                    79:ea:7d:33:f8:d4:91:db:7b:4a:16:bf:9b:45:b5:
                    e1:89:75:4f:18:40:48:58:b9:c0:f0:a1:44:32:1a:
                    4a:04:11:0e:4f:96:a6:cd:4a:9f:cf:0b:98:ad:24:
                    77:03:49:9f:77:dd:8b:4e:65:ef:dc:9e:57:d1:7a:
                    fa:84:1f:eb:2e:33:22:f1:ca:39:a1:68:d3:55:c7:
                    56:7b:c6:f1:c7:5b:e5:92:d7:1c:47:86:c4:11:fa:
                    73:1b:fa:35:55:f3:ff:a9:4c:08:b8:60:4a:80:e9:
                    84:e5:f1:c1:33:43:cb:89:1c:83:4f:56:f1:8c:de:
                    7a:db:75:2f:98:8c:49:42:aa:84:7a:f8:63:36:e6:
                    16:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:C5:35:E4:E5:D0:1C:68:60:A0:94:C5:80:A9:9F:9C:B4:8C:47:D4
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OMU15OXQHGhgoJTFgKmfnLSMR9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:f4:ce:c8:3e:c5:a8:5b:dd:86:93:80:59:91:67:27:2d:2c:
         b1:ac:15:8e:82:08:85:34:c0:86:27:5e:cf:11:f0:5d:c0:43:
         22:2c:fc:65:2c:ec:d5:0f:66:2c:05:37:74:c5:a8:f5:b1:0a:
         ac:92:96:35:e5:53:b2:a6:d2:fd:68:d6:6b:b4:df:99:b2:60:
         10:ba:9d:42:98:99:05:87:8c:2b:cf:69:0d:bd:36:32:46:90:
         14:e8:b2:85:2c:af:a4:e6:9e:f7:44:e3:84:6a:68:bf:f2:de:
         78:b6:0a:a0:f0:33:cf:5b:d9:c7:b8:8c:48:14:af:2c:88:2d:
         92:1e:a7:37:f7:18:70:3f:7f:c4:3e:b8:38:47:0c:ee:1f:08:
         9d:b3:6e:1d:af:3c:23:56:f7:3d:b3:34:6f:95:09:eb:9c:ad:
         f2:cd:a4:3e:cd:96:a4:a3:b2:f1:14:5a:6b:11:ec:72:9a:b3:
         5a:ad:c2:a9:71:31:bd:63:2b:4f:f6:4b:18:d9:8f:f0:ec:17:
         2c:01:22:b3:df:b7:cb:62:92:88:ab:9f:84:87:93:22:9d:0e:
         54:93:ba:5d:75:90:bd:cd:d8:9b:6c:cf:5e:14:a3:11:31:32:
         35:17:2f:aa:f6:31:4d:31:10:d0:0a:8c:40:71:b1:5c:54:8e:
         7e:82:b8:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMwVuCCodPQL4stvX1EAk8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTEyMDYxNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGM1MzVlNGU1ZDAxYzY4NjBhMDk0YzU4MGE5OWY5Y2I0OGM0N2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpxXXwMh7ew9XxDRMHMCH1eqX0tr
DnurHXUiKFOoYYRvTCrhcbwEPmzoPPSwa5QGECSjOhdXBUEC7rPfHZnSHWt3mhSl
3+M7Rg8DnMicJQ1FSXdAxmU+HO4xsbrub4xFL5USLAIOVdK4fmaT/OpraVvwZEwg
4x556n0z+NSR23tKFr+bRbXhiXVPGEBIWLnA8KFEMhpKBBEOT5amzUqfzwuYrSR3
A0mfd92LTmXv3J5X0Xr6hB/rLjMi8co5oWjTVcdWe8bxx1vlktccR4bEEfpzG/o1
VfP/qUwIuGBKgOmE5fHBM0PLiRyDT1bxjN5623UvmIxJQqqEevhjNuYWxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDjFNeTl0BxoYKCUxYCpn5y0jEfUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT01VMTVPWFFIR2hnb0pURmdLbWZuTFNNUjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHD0zsg+xahb3YaTgFmR
ZyctLLGsFY6CCIU0wIYnXs8R8F3AQyIs/GUs7NUPZiwFN3TFqPWxCqySljXlU7Km
0v1o1mu035myYBC6nUKYmQWHjCvPaQ29NjJGkBTosoUsr6TmnvdE44RqaL/y3ni2
CqDwM89b2ce4jEgUryyILZIepzf3GHA/f8Q+uDhHDO4fCJ2zbh2vPCNW9z2zNG+V
CeucrfLNpD7NlqSjsvEUWmsR7HKas1qtwqlxMb1jK0/2SxjZj/DsFywBIrPft8ti
koirn4SHkyKdDlSTul11kL3N2Jtsz14UoxExMjUXL6r2MU0xENAKjEBxsVxUjn6C
uDs=
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:53:40 2025 by rpki-client