Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UeKxS6qEJgunTqbeLuDk9hzTaeE.roa
File:                     UeKxS6qEJgunTqbeLuDk9hzTaeE.roa (raw, json)
Hash identifier:          LLX27p3D5bkRiS0O8fs63vUOmAx8beYzgGMsqv2Alnk=
Subject key identifier:   51:E2:B1:4B:AA:84:26:0B:A7:4E:A6:DE:2E:E0:E4:F6:1C:D3:69:E1
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01856E18915783FA564DAFAEBA97FE48D1B2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UeKxS6qEJgunTqbeLuDk9hzTaeE.roa
Signing time:             Sun 01 Jan 2023 16:09:41 +0000
ROA not before:           Sun 01 Jan 2023 16:09:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:18:91:57:83:fa:56:4d:af:ae:ba:97:fe:48:d1:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jan  1 16:09:41 2023 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=51e2b14baa84260ba74ea6de2ee0e4f61cd369e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:74:93:09:e4:d6:d7:c1:f8:a0:38:bf:5f:6b:
                    de:89:76:a7:2f:fc:ff:3f:32:ba:82:fa:b9:c4:7c:
                    ec:c8:e1:b5:e0:60:60:56:2f:66:52:13:6a:e4:3b:
                    f5:36:64:3b:bf:a6:cd:0f:e0:0c:8f:3d:15:66:3c:
                    c1:f5:21:4f:ca:5d:57:03:59:1d:bb:53:12:58:98:
                    06:d7:76:03:ee:98:ce:da:e3:d7:20:3d:eb:11:e1:
                    7b:75:ee:b1:70:25:21:f0:59:5c:cd:ef:55:a4:50:
                    b4:f6:73:a4:39:e8:48:98:7a:a5:25:58:7f:f9:61:
                    e1:ff:a4:22:ed:3c:e2:8e:e8:5b:cf:f4:3a:a4:aa:
                    6f:7c:b5:8d:66:19:f9:ad:56:af:02:3a:a5:e2:7d:
                    2e:94:82:b3:cd:70:21:d3:2d:0a:b3:74:a6:37:78:
                    93:2e:00:3a:e2:fa:ae:2e:9e:2d:0e:ad:e8:5b:82:
                    2b:a7:5f:fc:a7:57:20:0f:8e:6d:a8:07:b0:d4:47:
                    d7:10:86:6a:67:15:62:de:e0:cd:bc:90:fc:6a:76:
                    a1:72:f8:c0:d2:56:15:79:d3:87:fb:3d:9a:77:9a:
                    9e:5c:74:8f:2b:ac:b8:8c:86:5d:76:21:97:73:4d:
                    b4:b8:08:20:6e:45:86:7d:f7:b0:99:70:7b:30:cf:
                    f1:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:E2:B1:4B:AA:84:26:0B:A7:4E:A6:DE:2E:E0:E4:F6:1C:D3:69:E1
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UeKxS6qEJgunTqbeLuDk9hzTaeE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         1f:c3:82:82:0c:ec:de:71:44:e1:f8:45:24:e2:56:38:5c:ed:
         70:f5:37:36:e4:50:b5:84:3f:9d:b2:e6:9c:90:f9:ad:5e:93:
         e0:95:49:bd:c6:d7:e5:a1:c0:87:d7:fe:38:8c:71:fb:ff:57:
         96:a6:06:e1:8f:9d:5a:be:61:e6:71:28:b4:0f:2b:86:d9:c0:
         7f:d1:7b:73:b8:73:de:cb:63:2b:88:b0:0d:00:2d:da:c6:01:
         d1:a3:44:ad:a3:56:2b:f1:eb:8a:b7:82:c5:e4:51:a7:a8:d8:
         68:e7:a1:1e:43:4d:b2:f0:92:f2:e6:fe:95:33:ae:50:41:c6:
         02:83:36:dd:e5:54:5f:0a:39:a6:2c:7d:69:40:1c:ca:80:12:
         93:48:b9:f0:6e:a4:08:5b:1e:d3:de:33:99:9b:42:78:e2:19:
         e6:dd:a8:44:80:9b:5a:7a:42:a6:74:60:d1:56:2f:08:29:ab:
         3b:b3:34:d4:95:ab:ce:6e:af:a5:c5:d4:01:ef:84:d6:cf:1c:
         d0:92:fb:1e:e5:f8:97:b5:8b:2c:b5:bc:c3:42:f2:19:b1:fb:
         81:91:5d:56:cd:b9:ef:db:52:6a:1d:bb:e7:2e:ff:97:18:e9:
         eb:b7:0b:62:e2:8b:d6:d9:10:16:9c:f2:07:2a:56:c7:d9:81:
         75:b8:c9:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuGJFXg/pWTa+uupf+SNGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMTYwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWUyYjE0YmFhODQyNjBiYTc0ZWE2ZGUyZWUwZTRmNjFjZDM2OWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HSTCeTW18H4oDi/X2veiXanL/z/
PzK6gvq5xHzsyOG14GBgVi9mUhNq5Dv1NmQ7v6bND+AMjz0VZjzB9SFPyl1XA1kd
u1MSWJgG13YD7pjO2uPXID3rEeF7de6xcCUh8Flcze9VpFC09nOkOehImHqlJVh/
+WHh/6Qi7Tzijuhbz/Q6pKpvfLWNZhn5rVavAjql4n0ulIKzzXAh0y0Ks3SmN3iT
LgA64vquLp4tDq3oW4Irp1/8p1cgD45tqAew1EfXEIZqZxVi3uDNvJD8anahcvjA
0lYVedOH+z2ad5qeXHSPK6y4jIZddiGXc020uAggbkWGffewmXB7MM/x7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFHisUuqhCYLp06m3i7g5PYc02nhMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVWVLeFM2cUVKZ3VuVHFiZUx1RGs5aHpUYWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB/DgoIM7N5xROH4RSTi
Vjhc7XD1NzbkULWEP52y5pyQ+a1ek+CVSb3G1+WhwIfX/jiMcfv/V5amBuGPnVq+
YeZxKLQPK4bZwH/Re3O4c97LYyuIsA0ALdrGAdGjRK2jVivx64q3gsXkUaeo2Gjn
oR5DTbLwkvLm/pUzrlBBxgKDNt3lVF8KOaYsfWlAHMqAEpNIufBupAhbHtPeM5mb
QnjiGebdqESAm1p6QqZ0YNFWLwgpqzuzNNSVq85ur6XF1AHvhNbPHNCS+x7l+Je1
iyy1vMNC8hmx+4GRXVbNue/bUmodu+cu/5cY6eu3C2Lii9bZEBac8gcqVsfZgXW4
yfQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:48:12 2025 by rpki-client