Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aQh7sV12dgmHB8Bp8FZCN0NEsI8.roa
File:                     aQh7sV12dgmHB8Bp8FZCN0NEsI8.roa (raw, json)
Hash identifier:          x3feyKkf7tNEkymPc1bIxDe/rBKT2lXLC5qnZY1Iwuw=
Subject key identifier:   69:08:7B:B1:5D:76:76:09:87:07:C0:69:F0:56:42:37:43:44:B0:8F
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0182BA11FB27B63636CD4C832ABD52C808F3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aQh7sV12dgmHB8Bp8FZCN0NEsI8.roa
Signing time:             Sat 20 Aug 2022 07:05:16 +0000
ROA not before:           Sat 20 Aug 2022 07:05:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:182:ba11:3e9f/128 maxlen: 128
                          2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
                          2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ba:11:fb:27:b6:36:36:cd:4c:83:2a:bd:52:c8:08:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Aug 20 07:05:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=69087bb15d7676098707c069f05642374344b08f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:4d:ca:12:10:8c:f4:4c:d7:8c:d4:ed:64:18:
                    7c:dd:52:51:a6:50:3b:f6:ba:30:54:b2:ff:57:ee:
                    db:02:57:67:cf:e8:7e:3e:5b:70:8a:1a:f1:02:18:
                    a1:70:5d:fd:b3:52:3e:75:ab:76:b5:67:87:8f:cd:
                    ed:d2:b7:bd:07:18:36:75:a7:20:24:32:c2:0f:c4:
                    b2:d1:0c:73:2a:95:eb:0c:e1:13:ef:21:bc:82:43:
                    3a:8b:b5:21:43:97:1b:78:f9:70:3b:85:b2:e6:69:
                    0a:bf:68:dd:f5:05:46:33:29:cb:cc:89:2d:c2:9e:
                    c7:a1:8e:f2:06:92:e0:44:c4:df:e7:d1:dd:3d:59:
                    69:9a:23:80:7e:bc:0b:19:a6:ec:7e:ed:cf:ac:d1:
                    da:52:cc:f0:83:8d:a6:ce:ad:e9:68:05:a5:60:62:
                    e7:06:4c:3a:74:cb:9a:12:28:b6:71:f2:11:09:d6:
                    f4:94:0a:1a:af:58:f7:0f:c7:fa:4b:22:88:a5:68:
                    f9:26:be:e6:65:f9:0e:95:79:c1:8c:cb:24:a7:42:
                    98:67:11:68:f6:fd:34:24:17:f9:84:f5:e8:2f:27:
                    89:2e:a1:7f:df:c3:8e:28:08:78:6f:7c:57:32:f7:
                    78:ea:0c:7e:20:1d:c3:36:ec:b0:a1:c2:43:dc:b9:
                    51:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:08:7B:B1:5D:76:76:09:87:07:C0:69:F0:56:42:37:43:44:B0:8F
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aQh7sV12dgmHB8Bp8FZCN0NEsI8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:3c:b9:4d:e7:94:08:72:32:66:6d:2c:93:a4:3c:63:c1:69:
         25:4a:2a:89:ab:9e:4a:84:19:e0:ee:b7:e9:41:b6:6c:9b:87:
         0b:f8:0b:50:53:dd:6f:a4:5a:11:7b:30:6b:62:de:c4:11:25:
         ef:a5:f7:04:70:2a:d7:b8:e5:c7:25:20:86:e8:30:8f:7f:5c:
         c0:85:ec:12:de:ff:3e:88:44:65:ec:4e:66:5d:0b:f4:1f:e4:
         e6:17:eb:90:a3:3a:c1:ff:dd:90:25:b7:e8:9a:ae:fb:27:a4:
         e4:63:b3:c6:d8:51:2f:f2:53:e5:e8:8a:8b:86:b4:a4:c1:86:
         66:88:8e:bc:c0:ba:63:98:40:18:a8:96:d7:df:43:1d:9f:0e:
         eb:26:cc:b9:34:3d:a2:9c:cf:3b:21:8a:f6:56:47:13:03:b3:
         3b:84:b5:df:05:2e:c1:88:58:93:68:0b:0f:fc:a9:6a:94:7c:
         d6:b4:1f:9b:c5:06:89:aa:65:9a:3a:65:70:44:dc:4a:90:10:
         f1:45:ec:14:73:2d:0e:25:e2:ae:37:a1:31:39:6c:21:ec:b8:
         22:29:cd:71:c8:d0:52:83:24:39:88:86:f5:7d:29:06:b5:20:
         3f:91:15:28:a0:c4:ed:cc:ec:2f:d9:18:11:8b:db:61:f0:2b:
         54:74:32:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYK6EfsntjY2zUyDKr1SyAjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODIwMDcwNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA4N2JiMTVkNzY3NjA5ODcwN2MwNjlmMDU2NDIzNzQzNDRiMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE3KEhCM9EzXjNTtZBh83VJRplA7
9rowVLL/V+7bAldnz+h+PltwihrxAhihcF39s1I+dat2tWeHj83t0re9Bxg2dacg
JDLCD8Sy0QxzKpXrDOET7yG8gkM6i7UhQ5cbePlwO4Wy5mkKv2jd9QVGMynLzIkt
wp7HoY7yBpLgRMTf59HdPVlpmiOAfrwLGabsfu3PrNHaUszwg42mzq3paAWlYGLn
Bkw6dMuaEii2cfIRCdb0lAoar1j3D8f6SyKIpWj5Jr7mZfkOlXnBjMskp0KYZxFo
9v00JBf5hPXoLyeJLqF/38OOKAh4b3xXMvd46gx+IB3DNuywocJD3LlRPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGkIe7FddnYJhwfAafBWQjdDRLCPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYVFoN3NWMTJkZ21IQjhCcDhGWkNOME5Fc0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEI8uU3nlAhyMmZtLJOk
PGPBaSVKKomrnkqEGeDut+lBtmybhwv4C1BT3W+kWhF7MGti3sQRJe+l9wRwKte4
5cclIIboMI9/XMCF7BLe/z6IRGXsTmZdC/Qf5OYX65CjOsH/3ZAlt+iarvsnpORj
s8bYUS/yU+XoiouGtKTBhmaIjrzAumOYQBioltffQx2fDusmzLk0PaKczzshivZW
RxMDszuEtd8FLsGIWJNoCw/8qWqUfNa0H5vFBomqZZo6ZXBE3EqQEPFF7BRzLQ4l
4q43oTE5bCHsuCIpzXHI0FKDJDmIhvV9KQa1ID+RFSigxO3M7C/ZGBGL22HwK1R0
MvQ=
-----END CERTIFICATE-----
Generated at Thu Jun 12 11:07:35 2025 by rpki-client