Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XCgUR_pthgUc4ObRjT0OclxZo_w.roa
File:                     XCgUR_pthgUc4ObRjT0OclxZo_w.roa (raw, json)
Hash identifier:          lxqE0dBEV+TUH064IagccmFA95+7H1Ragn9xoxTeFY4=
Subject key identifier:   5C:28:14:47:FA:6D:86:05:1C:E0:E6:D1:8D:3D:0E:72:5C:59:A3:FC
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       85AC5503
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XCgUR_pthgUc4ObRjT0OclxZo_w.roa
Signing time:             Fri 20 May 2022 07:12:28 +0000
ROA not before:           Fri 20 May 2022 07:12:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
                          2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
                          2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
                          2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2242663683 (0x85ac5503)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 20 07:12:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5c281447fa6d86051ce0e6d18d3d0e725c59a3fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2d:a2:d4:37:39:8a:21:12:ff:35:0b:fd:21:
                    70:9e:88:05:2f:70:b3:22:73:27:47:22:b2:1c:7f:
                    cc:ea:9c:7f:4f:5a:5e:29:b2:59:37:9b:2f:1f:c8:
                    07:bb:6c:59:b0:fd:c0:3b:e7:b5:9e:db:5d:d7:83:
                    ea:f9:74:f3:a2:e5:67:77:fe:3a:30:db:1e:bc:a9:
                    e7:6f:29:d2:e8:97:a7:f9:2a:09:7a:5b:dc:81:55:
                    d8:ad:07:ea:71:ee:1f:ef:2c:d1:e5:03:4a:a9:c8:
                    90:6c:07:7d:4a:2a:45:f3:19:bb:fe:c3:f0:f2:35:
                    d0:71:5d:98:bb:1d:51:8c:bd:9d:99:7d:77:79:e4:
                    f7:43:b4:ef:15:e6:69:05:2b:b3:07:c9:df:42:6a:
                    77:ca:1a:05:d5:47:17:fd:5c:6a:dd:ab:ce:21:a7:
                    60:ff:fc:5a:27:c0:c6:2e:d3:6d:80:82:7f:fb:5f:
                    00:95:81:48:26:c4:f1:65:1f:f1:70:5d:54:9b:ec:
                    17:1e:47:06:e9:78:8a:07:35:15:2f:38:87:04:7b:
                    2a:4e:5e:57:8f:c9:2b:cc:67:d4:1a:5c:fb:a1:28:
                    80:51:74:c8:fc:33:09:4e:ea:a6:12:e1:a7:d0:77:
                    ff:38:f9:07:1e:22:3d:5a:61:a9:14:a9:03:ab:e3:
                    a0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:28:14:47:FA:6D:86:05:1C:E0:E6:D1:8D:3D:0E:72:5C:59:A3:FC
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XCgUR_pthgUc4ObRjT0OclxZo_w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:a0:b1:75:52:96:ec:a6:4c:16:4e:2c:09:d0:a1:f3:f2:30:
         d5:4c:c2:37:19:48:c2:fa:38:4d:1b:1d:92:5e:ea:56:80:21:
         9d:0c:1f:88:37:c1:b9:14:0a:f4:e5:f9:03:93:db:08:ef:6e:
         50:3a:52:e6:28:c3:ab:3e:08:39:97:71:6f:3d:d9:ec:b3:be:
         04:dc:ae:f5:d4:9f:41:bb:04:ba:47:40:ab:df:c3:85:73:76:
         44:16:8e:fd:01:81:76:ca:4b:e9:b4:a2:be:48:5c:48:84:06:
         38:c1:91:43:8e:e1:e9:f9:3e:04:ae:5a:5a:e6:74:a9:e2:0d:
         fb:f5:c1:70:d9:4b:2f:25:1a:68:d8:d2:4f:cd:52:fb:cf:93:
         97:5a:77:6a:33:57:66:d5:af:54:06:8c:74:e8:59:d2:7d:c5:
         e8:ce:ed:39:4e:f1:47:35:30:1c:b8:3b:12:a9:b7:bb:b8:2d:
         7d:d3:de:7e:d5:9a:0d:bd:43:14:dd:95:d2:5d:98:10:0e:e5:
         47:85:aa:a0:71:e0:9f:96:75:d1:5d:e0:e0:ae:76:18:91:09:
         42:75:73:12:e1:ac:68:0c:94:43:1d:bf:64:4c:75:dd:aa:da:
         57:7e:dc:ba:e0:03:48:05:10:74:23:5d:b2:35:cd:03:ef:48:
         c2:ab:bd:35
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIWsVQMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjAwNzEyMjhaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVjMjgxNDQ3ZmE2
ZDg2MDUxY2UwZTZkMThkM2QwZTcyNWM1OWEzZmMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGLaLUNzmKIRL/NQv9IXCeiAUvcLMicydHIrIcf8zqnH9P
Wl4pslk3my8fyAe7bFmw/cA757We213Xg+r5dPOi5Wd3/jow2x68qedvKdLol6f5
Kgl6W9yBVditB+px7h/vLNHlA0qpyJBsB31KKkXzGbv+w/DyNdBxXZi7HVGMvZ2Z
fXd55PdDtO8V5mkFK7MHyd9CanfKGgXVRxf9XGrdq84hp2D//FonwMYu022Agn/7
XwCVgUgmxPFlH/FwXVSb7BceRwbpeIoHNRUvOIcEeypOXlePySvMZ9QaXPuhKIBR
dMj8MwlO6qYS4afQd/84+QceIj1aYakUqQOr46BfAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUXCgUR/pthgUc4ObRjT0OclxZo/wwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9YQ2dVUl9wdGhnVWM0T2JSalQwT2NseFpvX3cucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAZKCxdVKW7KZMFk4sCdCh8/Iw1UzCNxlIwvo4
TRsdkl7qVoAhnQwfiDfBuRQK9OX5A5PbCO9uUDpS5ijDqz4IOZdxbz3Z7LO+BNyu
9dSfQbsEukdAq9/DhXN2RBaO/QGBdspL6bSivkhcSIQGOMGRQ47h6fk+BK5aWuZ0
qeIN+/XBcNlLLyUaaNjST81S+8+Tl1p3ajNXZtWvVAaMdOhZ0n3F6M7tOU7xRzUw
HLg7Eqm3u7gtfdPeftWaDb1DFN2V0l2YEA7lR4WqoHHgn5Z10V3g4K52GJEJQnVz
EuGsaAyUQx2/ZEx13araV37cuuADSAUQdCNdsjXNA+9Iwqu9NQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:20:56 2025 by rpki-client