Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lAg4A11uz1n9OaEVsNWmFttmmD8.roa
File:                     lAg4A11uz1n9OaEVsNWmFttmmD8.roa (raw, json)
Hash identifier:          R/VuVM/tZeEbyIv7bA601ysszIs92GNFCdSnMYF6ESY=
Subject key identifier:   94:08:38:03:5D:6E:CF:59:FD:39:A1:15:B0:D5:A6:16:DB:66:98:3F
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       6A9E2ED5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lAg4A11uz1n9OaEVsNWmFttmmD8.roa
Signing time:             Mon 14 Feb 2022 20:10:25 +0000
ROA not before:           Mon 14 Feb 2022 20:10:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1788751573 (0x6a9e2ed5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Feb 14 20:10:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=940838035d6ecf59fd39a115b0d5a616db66983f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:69:8d:c0:dc:e7:c8:88:c1:9a:b9:cc:00:11:
                    74:eb:e9:f0:14:64:3e:54:58:2a:0d:e8:78:0a:76:
                    c4:f9:13:01:85:e5:02:77:72:74:d7:d2:c6:60:a9:
                    7b:db:62:12:56:39:03:a0:6a:6e:f6:de:31:74:70:
                    c7:5d:32:69:c9:ff:45:32:fb:ab:c7:dc:18:20:73:
                    5b:21:f0:5e:ff:73:0d:3e:0a:7d:f2:43:98:d4:fe:
                    e0:5b:5b:03:2b:ea:4b:e2:52:93:8c:22:cb:b5:2f:
                    a7:5c:92:62:1f:2d:ce:d8:37:08:f2:73:a4:1b:20:
                    81:ee:39:92:18:3b:b9:43:b8:8d:e4:f4:01:b3:af:
                    da:aa:d4:ec:ba:ed:ac:23:be:62:3b:02:0e:41:dd:
                    97:37:cd:a6:3c:26:43:53:a8:1b:bb:74:d9:31:71:
                    6c:d5:62:3e:f1:9f:0b:0e:ad:95:d3:38:a8:82:7d:
                    13:9b:1e:70:49:8f:98:b8:5e:a5:79:be:7d:1e:f5:
                    ac:ca:a0:2f:aa:7e:71:fc:dc:40:ca:57:0f:9c:31:
                    89:41:4e:5f:cb:32:a2:21:6e:66:f2:bb:03:62:63:
                    7f:4d:87:37:76:19:47:2d:02:e1:7c:65:76:29:40:
                    82:f6:eb:13:6c:da:99:2f:29:37:35:e0:73:01:88:
                    cf:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:08:38:03:5D:6E:CF:59:FD:39:A1:15:B0:D5:A6:16:DB:66:98:3F
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lAg4A11uz1n9OaEVsNWmFttmmD8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:83:37:92:b2:4f:62:8e:eb:ad:33:82:88:e7:22:ce:ed:18:
         e1:8f:a8:90:ef:ae:c4:55:07:90:ac:fa:5e:58:9a:bc:ed:31:
         bb:29:a0:93:26:7e:44:e3:2b:25:7b:ec:e5:fb:f1:3d:19:9d:
         72:93:4b:0e:e5:73:41:7a:db:04:37:fd:8f:13:38:0c:70:18:
         63:d5:99:cf:50:98:ee:bc:f2:49:dc:f2:56:81:86:aa:76:cf:
         aa:3e:17:d2:d6:cd:12:02:c2:5e:3f:37:e5:c1:51:47:c8:13:
         0c:7f:15:8c:a4:21:24:42:a9:b6:b7:fd:92:52:f2:60:c7:37:
         bb:42:39:89:4e:6b:85:d0:b6:b7:4c:3e:c9:23:50:d3:60:a0:
         b8:7b:ef:28:3d:aa:26:d8:3e:22:0b:9c:fb:de:62:13:b8:c8:
         e5:4c:e2:71:4b:55:f4:b6:34:e9:8c:4a:75:f5:0b:03:4e:7b:
         dc:22:f1:2c:67:60:88:4d:fc:66:db:c6:8d:61:1d:48:cb:42:
         98:4f:ed:b0:64:8a:c2:b9:c0:1a:d7:da:29:bb:01:1f:28:92:
         57:31:dd:74:32:d3:62:ec:64:30:50:be:b8:e3:eb:dd:8f:9b:
         a1:11:55:e5:d8:e7:f2:6e:9e:8a:56:39:b1:53:e9:d6:9e:72:
         8d:a6:c8:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEap4u1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIx
NDIwMTAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQwODM4MDM1ZDZl
Y2Y1OWZkMzlhMTE1YjBkNWE2MTZkYjY2OTgzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKFpjcDc58iIwZq5zAARdOvp8BRkPlRYKg3oeAp2xPkTAYXl
AndydNfSxmCpe9tiElY5A6BqbvbeMXRwx10yacn/RTL7q8fcGCBzWyHwXv9zDT4K
ffJDmNT+4FtbAyvqS+JSk4wiy7Uvp1ySYh8tztg3CPJzpBsgge45khg7uUO4jeT0
AbOv2qrU7LrtrCO+YjsCDkHdlzfNpjwmQ1OoG7t02TFxbNViPvGfCw6tldM4qIJ9
E5secEmPmLhepXm+fR71rMqgL6p+cfzcQMpXD5wxiUFOX8syoiFuZvK7A2Jjf02H
N3YZRy0C4XxldilAgvbrE2zamS8pNzXgcwGIz5sCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSUCDgDXW7PWf05oRWw1aYW22aYPzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2xBZzRBMTF1ejFuOU9hRVZzTldtRnR0bW1EOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCXgzeSsk9ijuutM4KI5yLO7Rjhj6iQ767EVQeQ
rPpeWJq87TG7KaCTJn5E4ysle+zl+/E9GZ1yk0sO5XNBetsEN/2PEzgMcBhj1ZnP
UJjuvPJJ3PJWgYaqds+qPhfS1s0SAsJePzflwVFHyBMMfxWMpCEkQqm2t/2SUvJg
xze7QjmJTmuF0La3TD7JI1DTYKC4e+8oPaom2D4iC5z73mITuMjlTOJxS1X0tjTp
jEp19QsDTnvcIvEsZ2CITfxm28aNYR1Iy0KYT+2wZIrCucAa19opuwEfKJJXMd10
MtNi7GQwUL644+vdj5uhEVXl2Ofybp6KVjmxU+nWnnKNpshT
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:47:18 2025 by rpki-client