Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TWU0mEwGoik_B3GhdIpMcfbkwWM.roa
File:                     TWU0mEwGoik_B3GhdIpMcfbkwWM.roa (raw, json)
Hash identifier:          gMEsxstDKUBeFYDusnnjXwkOj5+y650osgn7EVyGxiw=
Subject key identifier:   4D:65:34:98:4C:06:A2:29:3F:07:71:A1:74:8A:4C:71:F6:E4:C1:63
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0189ED86C07F71AC03E0EC2CA854D3330791
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TWU0mEwGoik_B3GhdIpMcfbkwWM.roa
Signing time:             Sun 13 Aug 2023 06:12:58 +0000
ROA not before:           Sun 13 Aug 2023 06:12:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ed:86:c0:7f:71:ac:03:e0:ec:2c:a8:54:d3:33:07:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Aug 13 06:12:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4d6534984c06a2293f0771a1748a4c71f6e4c163
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6c:7b:24:cb:b1:84:3a:bf:81:34:b8:6b:21:
                    24:21:c2:1e:80:59:8f:85:4e:f6:39:93:43:c4:b1:
                    46:91:0e:2d:a7:bf:f8:95:c1:62:e0:c9:04:ce:b9:
                    97:b8:26:5f:ba:c2:81:fa:d7:30:e6:56:fd:e7:82:
                    92:89:e8:b8:94:31:49:fa:57:d5:6d:9e:5d:ce:d7:
                    45:a3:92:90:da:d1:c7:ec:32:90:df:e8:ca:55:fd:
                    a5:c6:32:48:0e:36:55:ed:a9:6a:54:a4:a0:cc:ab:
                    5f:99:65:9c:bf:7b:da:c6:a4:5f:43:fa:1c:11:c5:
                    71:71:0f:7b:4d:94:7e:26:35:9b:b6:45:93:bd:1d:
                    8a:58:7c:7a:af:75:a3:66:aa:0f:92:8f:27:11:39:
                    a7:53:07:62:6c:56:89:ae:18:de:a6:3b:ec:9a:ac:
                    b5:0a:57:ee:83:79:6f:eb:a4:57:7a:28:3d:86:c7:
                    b9:30:b6:04:76:46:60:7d:81:66:54:c6:c0:2a:d2:
                    5d:72:88:3f:62:09:20:9e:a4:9f:da:59:f6:1f:ca:
                    90:25:cd:23:8e:59:d7:2e:4d:54:91:dc:fb:e4:fa:
                    8e:2d:47:93:c9:63:70:7f:4a:51:39:ac:39:6d:43:
                    30:f1:8d:f7:6e:4a:8d:47:88:7e:b4:a5:64:91:1e:
                    10:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:65:34:98:4C:06:A2:29:3F:07:71:A1:74:8A:4C:71:F6:E4:C1:63
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TWU0mEwGoik_B3GhdIpMcfbkwWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:39:86:93:6c:50:72:60:ac:2f:7c:c9:87:84:19:2b:63:f0:
         08:5f:ac:43:c0:ac:92:3a:f8:be:53:17:9f:b1:9a:eb:2f:fd:
         0e:d4:6d:b1:1e:b0:83:76:41:2e:65:f9:f9:0e:0f:24:d1:cc:
         8a:d3:8d:27:85:0c:7d:f6:34:c6:6e:85:89:40:16:f3:f8:e4:
         d9:c7:1f:8f:51:a6:d5:f7:ab:03:9c:33:37:76:b2:16:c6:1c:
         6a:07:b6:b8:4e:83:f4:72:63:dd:a5:6a:27:d8:eb:34:2a:af:
         46:3c:6e:0d:22:fc:ea:9f:ea:49:64:a7:45:c5:1d:9b:4c:f7:
         c8:02:3c:57:16:9b:1e:c5:6f:13:12:1b:e5:60:fe:c4:09:6f:
         d7:67:f6:2d:01:29:b4:12:81:d6:95:15:e6:31:50:d7:dd:b1:
         c1:da:fd:7e:b3:20:51:38:b4:bd:b2:fe:69:69:18:7a:db:ac:
         5c:75:72:9a:a0:9e:78:7a:d5:13:14:4c:c6:3c:06:02:07:35:
         c9:31:79:49:93:25:2d:7c:18:6f:92:7f:90:09:4f:e9:07:d1:
         c3:0f:43:53:08:93:c8:1f:6f:96:dd:bd:7f:12:ce:72:93:6c:
         c6:8d:bb:91:6b:fb:a8:85:85:78:8c:03:3b:cb:5d:2d:17:8a:
         d0:65:e4:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnthsB/cawD4OwsqFTTMweRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEzMDYxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY1MzQ5ODRjMDZhMjI5M2YwNzcxYTE3NDhhNGM3MWY2ZTRjMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2x7JMuxhDq/gTS4ayEkIcIegFmP
hU72OZNDxLFGkQ4tp7/4lcFi4MkEzrmXuCZfusKB+tcw5lb954KSiei4lDFJ+lfV
bZ5dztdFo5KQ2tHH7DKQ3+jKVf2lxjJIDjZV7alqVKSgzKtfmWWcv3vaxqRfQ/oc
EcVxcQ97TZR+JjWbtkWTvR2KWHx6r3WjZqoPko8nETmnUwdibFaJrhjepjvsmqy1
Clfug3lv66RXeig9hse5MLYEdkZgfYFmVMbAKtJdcog/YgkgnqSf2ln2H8qQJc0j
jlnXLk1Ukdz75PqOLUeTyWNwf0pROaw5bUMw8Y33bkqNR4h+tKVkkR4Q1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE1lNJhMBqIpPwdxoXSKTHH25MFjMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVFdVMG1Fd0dvaWtfQjNHaGRJcE1jZmJrd1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEU5hpNsUHJgrC98yYeE
GStj8AhfrEPArJI6+L5TF5+xmusv/Q7UbbEesIN2QS5l+fkODyTRzIrTjSeFDH32
NMZuhYlAFvP45NnHH49RptX3qwOcMzd2shbGHGoHtrhOg/RyY92laifY6zQqr0Y8
bg0i/Oqf6klkp0XFHZtM98gCPFcWmx7FbxMSG+Vg/sQJb9dn9i0BKbQSgdaVFeYx
UNfdscHa/X6zIFE4tL2y/mlpGHrbrFx1cpqgnnh61RMUTMY8BgIHNckxeUmTJS18
GG+Sf5AJT+kH0cMPQ1MIk8gfb5bdvX8SznKTbMaNu5Fr+6iFhXiMAzvLXS0XitBl
5DE=
-----END CERTIFICATE-----
Generated at Thu Jun 12 19:18:21 2025 by rpki-client