Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/emZGBmh3FKMfi_4ZndBXUMxAjCA.roa
File:                     emZGBmh3FKMfi_4ZndBXUMxAjCA.roa (raw, json)
Hash identifier:          nUiS11VP2N00+BI0zfQ0pPfo/c3+HZ+kX/cwcqoS050=
Subject key identifier:   7A:66:46:06:68:77:14:A3:1F:8B:FE:19:9D:D0:57:50:CC:40:8C:20
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018789C723A9732FCC46AD0D6279CE5EFF82
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/emZGBmh3FKMfi_4ZndBXUMxAjCA.roa
Signing time:             Sun 16 Apr 2023 11:15:41 +0000
ROA not before:           Sun 16 Apr 2023 11:15:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:89:c7:23:a9:73:2f:cc:46:ad:0d:62:79:ce:5e:ff:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 16 11:15:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7a664606687714a31f8bfe199dd05750cc408c20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b0:19:04:65:33:f8:01:3f:fe:0f:14:11:ea:
                    24:bc:54:f4:2f:6b:b0:9a:4c:6c:6b:3b:59:83:bc:
                    37:ed:27:6f:47:7e:ab:a1:fc:18:f9:1f:75:f6:57:
                    cb:06:e3:ec:1d:68:1a:bd:8f:53:a9:06:3e:7d:a5:
                    b3:35:7e:79:66:8c:be:71:9b:88:f7:f4:74:ef:d6:
                    94:6f:15:84:8f:cc:c8:b8:1f:ee:ce:c9:b1:3f:81:
                    27:66:49:cf:9f:fb:c4:3f:d5:8a:90:07:a3:7e:3c:
                    9c:a6:ac:b3:be:d6:e2:7b:00:52:08:e8:1a:60:f7:
                    08:36:2c:95:30:bc:6d:92:bf:87:8c:6a:bb:f9:4b:
                    53:db:39:77:00:c8:90:a4:00:da:70:6d:60:49:ca:
                    32:18:df:f0:39:36:a4:56:01:94:c1:6a:5b:a0:56:
                    95:a8:cf:00:9d:04:28:77:79:7e:ad:de:52:a3:eb:
                    2d:cb:60:f0:19:43:2f:82:eb:4c:4f:f5:07:51:94:
                    1d:64:71:53:7e:c6:2d:03:0a:92:b7:64:64:29:b9:
                    37:ff:29:e6:24:f9:e0:6a:f7:98:e1:90:02:bd:d6:
                    a6:ab:08:68:77:2e:26:b0:f4:c8:6f:0e:52:22:74:
                    10:e5:34:44:cc:98:48:fc:06:33:c1:56:6b:32:ae:
                    f6:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:66:46:06:68:77:14:A3:1F:8B:FE:19:9D:D0:57:50:CC:40:8C:20
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/emZGBmh3FKMfi_4ZndBXUMxAjCA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:aa:52:cb:08:eb:ac:4d:4c:ce:63:fe:0f:46:2c:52:fd:62:
         fc:98:7a:e5:62:eb:70:e3:c2:90:86:10:da:2e:78:5f:76:55:
         db:bb:99:ac:e3:11:44:15:94:25:7a:d2:16:34:3f:f3:4b:b9:
         95:33:22:24:68:6d:00:14:74:d1:9d:ba:bb:52:96:97:53:ab:
         61:dc:8f:d6:85:90:c3:81:b5:4e:78:54:a3:56:2d:ee:25:18:
         5e:36:53:5c:7a:b5:9c:93:d1:b6:11:09:82:fc:5d:39:74:28:
         29:0d:60:9f:16:ec:1d:83:0d:32:8c:0a:b7:b3:47:b4:dd:bd:
         f9:b6:3d:93:aa:b6:0a:20:77:23:bd:ab:8d:10:74:99:36:08:
         fc:ff:38:e6:91:82:22:c8:3d:36:22:20:ad:34:54:c6:89:a5:
         b3:ec:e0:16:c4:7d:21:d6:1a:10:e0:c0:2c:ef:58:97:f3:f3:
         02:be:33:df:bb:88:39:ba:32:39:b4:36:4f:cb:d9:c6:96:1b:
         46:00:1d:2d:28:c1:b6:18:8c:a3:e4:d6:f3:00:23:d7:07:38:
         a1:ca:89:c8:06:bb:a1:13:00:20:a7:e6:ab:31:10:6f:4f:8b:
         46:20:e7:ab:26:56:d1:fe:db:1c:61:40:3f:a4:ef:c3:f0:63:
         ab:a4:36:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeJxyOpcy/MRq0NYnnOXv+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE2MTExNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTY2NDYwNjY4NzcxNGEzMWY4YmZlMTk5ZGQwNTc1MGNjNDA4YzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7AZBGUz+AE//g8UEeokvFT0L2uw
mkxsaztZg7w37SdvR36rofwY+R919lfLBuPsHWgavY9TqQY+faWzNX55Zoy+cZuI
9/R079aUbxWEj8zIuB/uzsmxP4EnZknPn/vEP9WKkAejfjycpqyzvtbiewBSCOga
YPcINiyVMLxtkr+HjGq7+UtT2zl3AMiQpADacG1gScoyGN/wOTakVgGUwWpboFaV
qM8AnQQod3l+rd5So+sty2DwGUMvgutMT/UHUZQdZHFTfsYtAwqSt2RkKbk3/ynm
JPngaveY4ZACvdamqwhody4msPTIbw5SInQQ5TREzJhI/AYzwVZrMq72bwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHpmRgZodxSjH4v+GZ3QV1DMQIwgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZW1aR0JtaDNGS01maV80Wm5kQlhVTXhBakNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKqqUssI66xNTM5j/g9G
LFL9YvyYeuVi63DjwpCGENoueF92Vdu7mazjEUQVlCV60hY0P/NLuZUzIiRobQAU
dNGdurtSlpdTq2Hcj9aFkMOBtU54VKNWLe4lGF42U1x6tZyT0bYRCYL8XTl0KCkN
YJ8W7B2DDTKMCrezR7Tdvfm2PZOqtgogdyO9q40QdJk2CPz/OOaRgiLIPTYiIK00
VMaJpbPs4BbEfSHWGhDgwCzvWJfz8wK+M9+7iDm6Mjm0Nk/L2caWG0YAHS0owbYY
jKPk1vMAI9cHOKHKicgGu6ETACCn5qsxEG9Pi0Yg56smVtH+2xxhQD+k78PwY6uk
NuE=
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:34:13 2025 by rpki-client