Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YA1Z1StnPoxJHomNBHxaOw23CV4.roa
File:                     YA1Z1StnPoxJHomNBHxaOw23CV4.roa (raw, json)
Hash identifier:          GTCnPAhpziT4alR33i4hJUcS73o8+c0bMGp67Cec5o4=
Subject key identifier:   60:0D:59:D5:2B:67:3E:8C:49:1E:89:8D:04:7C:5A:3B:0D:B7:09:5E
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01872C01D13D5E42EBBA6FA322E2D9B1F8D0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YA1Z1StnPoxJHomNBHxaOw23CV4.roa
Signing time:             Wed 29 Mar 2023 06:15:29 +0000
ROA not before:           Wed 29 Mar 2023 06:15:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2c:01:d1:3d:5e:42:eb:ba:6f:a3:22:e2:d9:b1:f8:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 29 06:15:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=600d59d52b673e8c491e898d047c5a3b0db7095e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:2e:77:ce:22:21:85:3b:f1:db:4d:54:e0:e9:
                    c3:74:e8:a5:ed:ad:60:fb:88:a2:3d:ca:ae:23:a0:
                    de:b8:83:53:f7:f6:12:b3:70:2f:64:e3:48:ae:99:
                    1a:6c:33:b6:e9:ea:29:7a:e8:ee:47:ad:a4:a5:6b:
                    6a:b8:54:6e:99:36:e5:17:28:e4:53:60:ec:d9:77:
                    06:90:44:08:c3:75:0e:37:b1:19:0c:2a:d6:63:80:
                    f3:74:ff:e0:56:f7:b0:ff:62:ce:98:61:26:bb:1a:
                    59:52:64:fd:fa:7e:90:d1:2c:2d:02:1e:62:67:a2:
                    c3:3c:cb:ff:2f:2e:eb:ea:c9:4a:65:e4:e1:2e:a9:
                    40:d9:6d:83:8f:79:6d:9c:ec:7a:64:bc:8f:d0:73:
                    26:31:d1:3b:2a:76:f2:c5:2c:d9:38:39:69:0f:59:
                    60:86:90:a4:f3:d6:8f:4e:1a:e5:64:9e:ad:f0:8b:
                    66:2e:1b:c8:64:ea:b3:e1:18:8b:5f:4a:4b:84:c6:
                    bb:8f:37:e9:fc:6d:cc:ac:82:0f:c2:60:1c:b7:be:
                    65:86:ac:11:63:09:6b:b7:c2:23:56:6e:31:5c:0c:
                    44:b4:e5:35:b7:31:56:35:4b:ef:93:31:2f:6d:33:
                    aa:30:7a:1b:1c:b7:f5:f5:c1:39:54:04:04:2d:cd:
                    de:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:0D:59:D5:2B:67:3E:8C:49:1E:89:8D:04:7C:5A:3B:0D:B7:09:5E
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YA1Z1StnPoxJHomNBHxaOw23CV4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:91:06:63:94:c7:68:8f:5b:7a:36:0a:ae:64:bb:c1:ee:e1:
         37:9c:ba:61:99:f1:89:6a:bd:37:15:c3:1a:25:8b:f8:98:d4:
         9e:d8:0c:d7:00:d9:45:87:e0:52:c7:77:06:7d:d1:aa:c4:7e:
         37:d7:da:21:dd:22:d9:98:ae:59:89:c4:e4:3a:71:1c:4a:7a:
         77:33:49:92:86:5e:4e:a6:e5:0c:3d:b2:45:17:13:ee:5c:3b:
         e3:f0:6f:9e:8a:7f:15:10:ab:50:9c:c4:a6:0b:ea:8f:68:38:
         c6:f7:7f:2e:8c:a3:3a:16:e0:c7:36:5a:a3:72:bf:94:a6:e8:
         5e:0b:86:2b:2a:01:16:e5:54:60:20:1c:c5:21:db:3a:33:9e:
         7a:64:5e:ee:b0:3e:fd:3b:06:96:dc:90:ec:c0:33:c0:70:cc:
         5b:cc:aa:3a:46:9d:3d:0a:1d:24:95:92:0b:b7:e5:e8:42:4e:
         6d:78:8d:b0:af:02:01:1e:94:d3:33:07:52:47:98:c2:f9:0d:
         56:c3:16:b7:20:df:90:7e:eb:a6:a0:0f:4c:e7:45:dc:bc:e4:
         b7:0e:5d:fc:78:cf:55:51:3e:85:99:40:b1:83:57:b1:87:64:
         b3:dd:6f:ef:cc:50:a1:17:2d:84:ca:00:47:f1:6d:d6:7a:65:
         16:49:46:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcsAdE9XkLrum+jIuLZsfjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI5MDYxNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBkNTlkNTJiNjczZThjNDkxZTg5OGQwNDdjNWEzYjBkYjcwOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky53ziIhhTvx201U4OnDdOil7a1g
+4iiPcquI6DeuINT9/YSs3AvZONIrpkabDO26eopeujuR62kpWtquFRumTblFyjk
U2Ds2XcGkEQIw3UON7EZDCrWY4DzdP/gVvew/2LOmGEmuxpZUmT9+n6Q0SwtAh5i
Z6LDPMv/Ly7r6slKZeThLqlA2W2Dj3ltnOx6ZLyP0HMmMdE7KnbyxSzZODlpD1lg
hpCk89aPThrlZJ6t8ItmLhvIZOqz4RiLX0pLhMa7jzfp/G3MrIIPwmAct75lhqwR
Ywlrt8IjVm4xXAxEtOU1tzFWNUvvkzEvbTOqMHobHLf19cE5VAQELc3ehwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGANWdUrZz6MSR6JjQR8WjsNtwleMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWUExWjFTdG5Qb3hKSG9tTkJIeGFPdzIzQ1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFiRBmOUx2iPW3o2Cq5k
u8Hu4TecumGZ8YlqvTcVwxoli/iY1J7YDNcA2UWH4FLHdwZ90arEfjfX2iHdItmY
rlmJxOQ6cRxKenczSZKGXk6m5Qw9skUXE+5cO+Pwb56KfxUQq1CcxKYL6o9oOMb3
fy6MozoW4Mc2WqNyv5Sm6F4LhisqARblVGAgHMUh2zoznnpkXu6wPv07BpbckOzA
M8BwzFvMqjpGnT0KHSSVkgu35ehCTm14jbCvAgEelNMzB1JHmML5DVbDFrcg35B+
66agD0znRdy85LcOXfx4z1VRPoWZQLGDV7GHZLPdb+/MUKEXLYTKAEfxbdZ6ZRZJ
RtY=
-----END CERTIFICATE-----
Generated at Tue Jun 10 14:27:45 2025 by rpki-client