Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aqoLYOqovLZVAItkbzJ_ZJuOrOY.roa
File:                     aqoLYOqovLZVAItkbzJ_ZJuOrOY.roa (raw, json)
Hash identifier:          2SyJUkghFYJ/QAp8uQUhfLPULDLXjcUneoUYzZoP+Y0=
Subject key identifier:   6A:AA:0B:60:EA:A8:BC:B6:55:00:8B:64:6F:32:7F:64:9B:8E:AC:E6
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01858765EBFC9168E0BD7B4CF11034714645
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aqoLYOqovLZVAItkbzJ_ZJuOrOY.roa
Signing time:             Fri 06 Jan 2023 14:04:41 +0000
ROA not before:           Fri 06 Jan 2023 14:04:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:185:8765:5d9a/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:87:65:eb:fc:91:68:e0:bd:7b:4c:f1:10:34:71:46:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jan  6 14:04:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6aaa0b60eaa8bcb655008b646f327f649b8eace6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:41:95:f8:11:96:f7:19:16:9f:a9:c0:9e:ec:
                    00:fa:7b:36:24:05:dd:5f:b1:dc:b5:93:ed:37:5a:
                    6d:d1:01:e0:b5:f0:eb:aa:91:b9:2f:da:2b:39:58:
                    37:90:de:1f:57:63:1c:75:eb:05:64:37:af:f5:2a:
                    9c:58:c4:d9:ce:f5:0f:1a:52:2f:d0:0d:4a:ef:e4:
                    00:36:50:16:3f:7b:9e:64:1f:63:95:ac:78:7c:d2:
                    02:88:c1:38:30:d9:6c:00:ea:4b:da:36:9c:b9:92:
                    07:6e:ed:73:77:1f:c2:c9:15:11:8d:f0:4f:6e:ef:
                    53:be:82:34:1f:73:da:cd:7d:24:06:5d:d7:ca:5f:
                    65:a5:41:27:84:94:41:67:b4:7f:9a:69:23:2f:ef:
                    43:67:61:68:a4:ae:c7:81:49:bf:19:f8:22:0b:44:
                    d7:37:e2:99:ba:a3:16:f6:b2:4c:95:83:0c:13:a7:
                    4f:a0:6e:72:91:e9:33:02:4f:b2:77:e3:66:b2:64:
                    2d:42:88:57:2f:f5:d4:ab:30:5b:17:bf:46:b9:1f:
                    6b:45:28:54:66:13:e9:9b:dc:92:36:31:c3:18:ef:
                    9b:f6:a0:83:97:33:c5:e1:71:a4:9f:52:0e:81:c2:
                    5d:e3:39:8a:cd:db:71:2c:b2:fb:0e:b0:97:80:7a:
                    6b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:AA:0B:60:EA:A8:BC:B6:55:00:8B:64:6F:32:7F:64:9B:8E:AC:E6
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aqoLYOqovLZVAItkbzJ_ZJuOrOY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         56:e7:c6:6f:d3:58:3b:05:b7:21:42:dc:a6:eb:a4:c8:ba:a7:
         03:03:22:06:bd:75:b3:2e:ff:8d:17:7a:d9:6c:70:13:5b:0e:
         19:60:3f:26:85:ff:1a:77:db:d1:f2:ba:df:fa:34:14:6d:27:
         a5:a3:d4:99:a1:74:29:53:08:2a:90:25:71:ae:84:b7:84:f3:
         70:5d:a1:e5:92:22:7b:09:3b:95:aa:4a:91:41:11:aa:78:bf:
         e6:f8:8d:c3:49:2c:74:dc:38:03:04:f2:6d:47:01:e3:a8:eb:
         52:3e:6a:c9:9e:d8:55:b4:2d:f2:eb:3a:58:f3:46:19:62:b3:
         3d:c6:68:ab:04:d7:4c:41:0a:00:d1:04:ef:27:ca:e9:87:b3:
         9e:ee:d7:1f:91:43:74:4e:b9:f1:f3:71:ff:fb:a2:e6:2a:7e:
         1d:b2:86:4f:3f:4d:e3:fc:b5:e5:08:16:ba:2e:e4:23:7a:34:
         42:5b:f7:7c:0c:7e:78:e2:57:17:53:ef:d3:20:d5:60:15:f4:
         a9:d6:d6:6f:a3:56:5c:ea:e2:77:4e:41:f6:96:97:0c:df:af:
         26:a9:dd:df:f5:44:ea:ae:bc:c0:4a:8d:e8:53:ec:6a:dd:64:
         a9:8e:d1:74:98:57:e1:a9:80:12:b5:64:b5:32:f5:0d:7a:85:
         51:a0:87:43
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWHZev8kWjgvXtM8RA0cUZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA2MTQwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWFhMGI2MGVhYThiY2I2NTUwMDhiNjQ2ZjMyN2Y2NDliOGVhY2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0GV+BGW9xkWn6nAnuwA+ns2JAXd
X7HctZPtN1pt0QHgtfDrqpG5L9orOVg3kN4fV2McdesFZDev9SqcWMTZzvUPGlIv
0A1K7+QANlAWP3ueZB9jlax4fNICiME4MNlsAOpL2jacuZIHbu1zdx/CyRURjfBP
bu9TvoI0H3PazX0kBl3Xyl9lpUEnhJRBZ7R/mmkjL+9DZ2FopK7HgUm/GfgiC0TX
N+KZuqMW9rJMlYMME6dPoG5ykekzAk+yd+NmsmQtQohXL/XUqzBbF79GuR9rRShU
ZhPpm9ySNjHDGO+b9qCDlzPF4XGkn1IOgcJd4zmKzdtxLLL7DrCXgHpr1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqqC2DqqLy2VQCLZG8yf2SbjqzmMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYXFvTFlPcW92TFpWQUl0a2J6Sl9aSnVPck9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFbnxm/TWDsFtyFC3Kbr
pMi6pwMDIga9dbMu/40XetlscBNbDhlgPyaF/xp329Hyut/6NBRtJ6Wj1JmhdClT
CCqQJXGuhLeE83BdoeWSInsJO5WqSpFBEap4v+b4jcNJLHTcOAME8m1HAeOo61I+
asme2FW0LfLrOljzRhlisz3GaKsE10xBCgDRBO8nyumHs57u1x+RQ3ROufHzcf/7
ouYqfh2yhk8/TeP8teUIFrou5CN6NEJb93wMfnjiVxdT79Mg1WAV9KnW1m+jVlzq
4ndOQfaWlwzfryap3d/1ROquvMBKjehT7GrdZKmO0XSYV+GpgBK1ZLUy9Q16hVGg
h0M=
-----END CERTIFICATE-----
Generated at Tue Jun 10 18:52:31 2025 by rpki-client