Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QUXFqVqCCv6bpjHma-R5INnaLdU.roa
File:                     QUXFqVqCCv6bpjHma-R5INnaLdU.roa (raw, json)
Hash identifier:          SmYv5WjjlPoijwlTZnUCxzfaQYXOZ8+CpFWsQpkKNIY=
Subject key identifier:   41:45:C5:A9:5A:82:0A:FE:9B:A6:31:E6:6B:E4:79:20:D9:DA:2D:D5
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01831D3A4F8A898350B5D90027BDD5E48B62
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QUXFqVqCCv6bpjHma-R5INnaLdU.roa
Signing time:             Thu 08 Sep 2022 13:11:44 +0000
ROA not before:           Thu 08 Sep 2022 13:11:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
                          2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
                          2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:1d:3a:4f:8a:89:83:50:b5:d9:00:27:bd:d5:e4:8b:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Sep  8 13:11:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4145c5a95a820afe9ba631e66be47920d9da2dd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:3e:a6:2d:2e:6f:8d:0a:12:1d:47:ba:ed:2d:
                    3f:ab:37:28:98:39:ce:25:8c:f6:7b:35:00:5f:77:
                    52:87:b5:2e:85:43:eb:68:8d:87:05:0f:1d:c7:6c:
                    1c:23:15:19:be:e7:83:3f:43:8d:fd:24:cd:6d:d0:
                    fd:54:60:63:3a:a2:f3:41:f7:c6:76:02:fb:67:86:
                    04:b8:d6:21:a4:e9:4e:95:d3:ef:c0:16:b7:e0:d1:
                    44:76:ef:df:46:26:10:f8:00:b9:da:db:ab:43:1d:
                    f4:86:83:1c:70:c1:6f:ee:46:89:79:cb:4d:4b:e1:
                    ab:8f:98:4d:d0:0d:aa:3d:00:74:fc:d4:56:1c:9f:
                    4f:47:a4:a4:01:ed:1b:f3:a9:54:65:35:aa:8d:c9:
                    bb:fe:85:bc:10:a3:4e:f0:ed:db:81:d8:1b:da:00:
                    88:1c:e4:d7:c9:47:7f:97:ff:86:7b:5f:20:7e:36:
                    03:52:7f:39:7a:3f:8e:27:0b:3e:93:9e:1a:f6:d7:
                    8c:cc:e6:6a:e7:d4:14:d1:c3:4b:4b:d6:f7:25:6d:
                    54:65:69:22:11:f8:63:21:31:38:e2:a5:76:b9:7c:
                    c8:0f:ac:9d:2f:c7:52:13:39:ed:5b:79:66:f7:43:
                    31:ac:5d:76:a0:11:be:d5:49:7a:ad:ed:cd:b6:b1:
                    aa:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:45:C5:A9:5A:82:0A:FE:9B:A6:31:E6:6B:E4:79:20:D9:DA:2D:D5
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QUXFqVqCCv6bpjHma-R5INnaLdU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         b2:2d:e5:c3:f7:eb:76:d1:7c:ad:32:92:6c:ca:aa:6c:82:c8:
         ea:2a:6a:b3:1e:e0:cd:8b:54:ae:15:25:e1:92:d9:dc:a3:fd:
         27:d7:5f:5a:24:d5:08:77:2f:ec:9c:78:e8:ec:47:e8:fb:14:
         79:84:50:92:e0:bc:4c:80:05:e9:68:15:12:4c:b2:bc:d2:ff:
         f4:1c:b5:07:1c:e3:03:cc:e3:d2:50:1c:5a:47:41:69:a2:40:
         e5:c0:e1:28:b5:e5:b5:da:b4:6a:00:db:25:e7:8b:20:71:d3:
         c6:7a:77:f6:b9:f7:17:46:4b:1c:aa:f9:92:74:bb:c6:34:be:
         16:f3:2d:dc:92:3b:1f:39:3a:42:2b:a7:b2:28:e0:12:6f:5a:
         d7:f5:c3:6f:d8:0a:04:d9:cf:1b:12:9e:b5:15:60:84:ac:8c:
         a7:80:70:02:6e:f2:77:d8:67:1c:15:ca:60:ac:d4:9e:ce:09:
         15:53:b1:63:7e:ff:41:5e:cb:6c:50:d7:bb:68:6f:85:a2:5d:
         60:57:43:ef:ad:7f:b4:67:ca:76:e7:3c:36:11:bf:b7:f8:79:
         ef:cc:e9:c7:54:96:4e:65:02:81:b5:38:22:92:41:5f:0c:ee:
         6d:ed:96:89:8c:2b:fe:d4:c6:dd:92:c9:63:da:99:77:98:be:
         cd:c9:a5:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMdOk+KiYNQtdkAJ73V5ItiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA4MTMxMTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQ1YzVhOTVhODIwYWZlOWJhNjMxZTY2YmU0NzkyMGQ5ZGEyZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8j6mLS5vjQoSHUe67S0/qzcomDnO
JYz2ezUAX3dSh7UuhUPraI2HBQ8dx2wcIxUZvueDP0ON/STNbdD9VGBjOqLzQffG
dgL7Z4YEuNYhpOlOldPvwBa34NFEdu/fRiYQ+AC52turQx30hoMccMFv7kaJectN
S+Grj5hN0A2qPQB0/NRWHJ9PR6SkAe0b86lUZTWqjcm7/oW8EKNO8O3bgdgb2gCI
HOTXyUd/l/+Ge18gfjYDUn85ej+OJws+k54a9teMzOZq59QU0cNLS9b3JW1UZWki
EfhjITE44qV2uXzID6ydL8dSEzntW3lm90MxrF12oBG+1Ul6re3NtrGqYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEFFxalaggr+m6Yx5mvkeSDZ2i3VMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUVVYRnFWcUNDdjZicGpIbWEtUjVJTm5hTGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALIt5cP363bRfK0ykmzK
qmyCyOoqarMe4M2LVK4VJeGS2dyj/SfXX1ok1Qh3L+yceOjsR+j7FHmEUJLgvEyA
BeloFRJMsrzS//QctQcc4wPM49JQHFpHQWmiQOXA4Si15bXatGoA2yXniyBx08Z6
d/a59xdGSxyq+ZJ0u8Y0vhbzLdySOx85OkIrp7Io4BJvWtf1w2/YCgTZzxsSnrUV
YISsjKeAcAJu8nfYZxwVymCs1J7OCRVTsWN+/0Fey2xQ17tob4WiXWBXQ++tf7Rn
ynbnPDYRv7f4ee/M6cdUlk5lAoG1OCKSQV8M7m3tlomMK/7Uxt2SyWPamXeYvs3J
pZ0=
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:36:21 2025 by rpki-client