Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TFXwChx84zE0oGd3kceI28fwIlo.roa
File:                     TFXwChx84zE0oGd3kceI28fwIlo.roa (raw, json)
Hash identifier:          ccjMeJtySeE+650PyRvVF0/OEL5yrtj86qZpDSmdG3U=
Subject key identifier:   4C:55:F0:0A:1C:7C:E3:31:34:A0:67:77:91:C7:88:DB:C7:F0:22:5A
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0181F4E8DAA96B8E47CB12ACE2EB71596EEC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TFXwChx84zE0oGd3kceI28fwIlo.roa
Signing time:             Wed 13 Jul 2022 00:15:09 +0000
ROA not before:           Wed 13 Jul 2022 00:15:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f4:e8:da:a9:6b:8e:47:cb:12:ac:e2:eb:71:59:6e:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 13 00:15:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c55f00a1c7ce33134a0677791c788dbc7f0225a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:b9:d2:9b:8a:6b:3e:89:ae:c3:d1:c0:ed:ae:
                    27:88:f6:f1:f6:f0:55:e4:db:8f:d3:aa:ba:50:cb:
                    0b:af:e9:e1:6b:ca:f6:7c:8c:46:81:ab:5d:92:22:
                    6d:86:b1:ed:44:7c:65:bb:14:a7:8f:67:4b:d7:b5:
                    9e:ab:7d:4e:d0:2d:86:63:b2:9a:40:cd:32:fa:ee:
                    f1:35:a2:61:5e:59:b5:9d:0a:d1:21:55:92:09:2d:
                    6b:3d:70:29:10:81:35:66:8f:84:c6:48:02:48:0e:
                    68:6e:f1:c4:3c:b0:00:f8:6a:93:2c:0e:a5:22:be:
                    c8:ff:41:da:79:a4:2c:43:d4:43:6d:1b:8b:43:33:
                    8f:b5:00:6e:02:b7:f3:ff:1a:66:9b:21:ea:75:00:
                    55:47:b4:4c:c3:26:6d:09:30:d8:42:a6:d6:c8:ac:
                    ad:c8:4b:ba:8a:61:02:61:93:b9:4c:ed:fe:79:e0:
                    eb:b2:0b:03:e2:97:f6:8e:da:82:e3:30:85:2a:a3:
                    01:4a:ca:66:9a:ff:64:77:10:79:0f:67:7d:b6:44:
                    45:ae:55:fe:a1:9b:f8:d3:1b:76:5e:6f:8b:cd:9d:
                    40:33:22:3c:95:8b:62:73:ea:39:9d:08:07:1f:53:
                    39:99:aa:52:de:90:02:03:dd:23:d1:89:a7:ea:3c:
                    df:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:55:F0:0A:1C:7C:E3:31:34:A0:67:77:91:C7:88:DB:C7:F0:22:5A
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TFXwChx84zE0oGd3kceI28fwIlo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         99:1d:de:6c:cb:53:ea:69:74:a3:9a:4a:5b:73:2d:ba:63:1a:
         28:9e:23:c4:2c:4b:82:37:95:d0:86:17:4d:8b:ed:fb:75:ac:
         62:0a:bf:11:41:d2:a2:0e:9f:2d:e4:a0:47:67:52:5d:a4:e7:
         a5:f6:97:69:c0:c9:69:8a:e4:54:5f:a0:a5:9c:dc:87:e4:3b:
         59:2e:2f:1d:3c:aa:61:1f:34:bf:88:f3:27:c5:d3:db:ab:8d:
         af:a4:90:1b:8d:3e:a1:61:fd:5a:75:82:48:e9:f5:86:9c:8e:
         41:26:73:0c:17:08:fa:75:2d:50:f8:0c:36:a8:ee:05:e5:e2:
         19:46:16:b0:b7:09:d7:ad:1b:69:a4:c7:fc:db:d8:f9:4f:01:
         8a:b7:58:99:bd:39:ab:ac:ce:35:fa:af:c8:a3:c6:41:15:e8:
         9b:4c:31:dc:80:e8:b1:93:bb:21:16:27:d6:e0:7a:54:56:c5:
         a0:b0:1d:af:7b:eb:a0:f3:8e:5c:57:e3:15:d0:e5:83:b9:9a:
         f0:da:54:e3:54:31:51:6d:7b:71:dd:91:a7:ee:a3:80:9b:04:
         7c:64:17:f2:b9:da:e0:a1:03:27:d3:bf:c3:7c:23:f7:59:a5:
         8b:26:8a:75:61:0d:80:b6:13:5e:e8:cc:a6:d8:bc:b7:ef:b8:
         ff:96:34:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYH06Nqpa45HyxKs4utxWW7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzEzMDAxNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzU1ZjAwYTFjN2NlMzMxMzRhMDY3Nzc5MWM3ODhkYmM3ZjAyMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLnSm4prPomuw9HA7a4niPbx9vBV
5NuP06q6UMsLr+nha8r2fIxGgatdkiJthrHtRHxluxSnj2dL17Weq31O0C2GY7Ka
QM0y+u7xNaJhXlm1nQrRIVWSCS1rPXApEIE1Zo+ExkgCSA5obvHEPLAA+GqTLA6l
Ir7I/0HaeaQsQ9RDbRuLQzOPtQBuArfz/xpmmyHqdQBVR7RMwyZtCTDYQqbWyKyt
yEu6imECYZO5TO3+eeDrsgsD4pf2jtqC4zCFKqMBSspmmv9kdxB5D2d9tkRFrlX+
oZv40xt2Xm+LzZ1AMyI8lYtic+o5nQgHH1M5mapS3pACA90j0Ymn6jzf4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFExV8AocfOMxNKBnd5HHiNvH8CJaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVEZYd0NoeDg0ekUwb0dkM2tjZUkyOGZ3SWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJkd3mzLU+ppdKOaSltz
LbpjGiieI8QsS4I3ldCGF02L7ft1rGIKvxFB0qIOny3koEdnUl2k56X2l2nAyWmK
5FRfoKWc3IfkO1kuLx08qmEfNL+I8yfF09urja+kkBuNPqFh/Vp1gkjp9YacjkEm
cwwXCPp1LVD4DDao7gXl4hlGFrC3CdetG2mkx/zb2PlPAYq3WJm9OauszjX6r8ij
xkEV6JtMMdyA6LGTuyEWJ9bgelRWxaCwHa9766DzjlxX4xXQ5YO5mvDaVONUMVFt
e3Hdkafuo4CbBHxkF/K52uChAyfTv8N8I/dZpYsminVhDYC2E17ozKbYvLfvuP+W
NKE=
-----END CERTIFICATE-----
Generated at Tue Jun 10 03:41:41 2025 by rpki-client