Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lUtd7KaiCImJe43tk-w1ybzEbhE.roa
File:                     lUtd7KaiCImJe43tk-w1ybzEbhE.roa (raw, json)
Hash identifier:          w/Z1RMtkmi8Z1zgJiMXnDcG+i2RU4QuXJAeue8QAq8U=
Subject key identifier:   95:4B:5D:EC:A6:A2:08:89:89:7B:8D:ED:93:EC:35:C9:BC:C4:6E:11
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0189E17B415BA27532A4162B4D33AD993275
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lUtd7KaiCImJe43tk-w1ybzEbhE.roa
Signing time:             Thu 10 Aug 2023 22:04:58 +0000
ROA not before:           Thu 10 Aug 2023 22:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
                          2001:67c:64:ffff:0:189:e17a:8c12/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e1:7b:41:5b:a2:75:32:a4:16:2b:4d:33:ad:99:32:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Aug 10 22:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=954b5deca6a20889897b8ded93ec35c9bcc46e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:14:cd:c3:40:2e:ca:db:13:d7:d9:42:57:ee:
                    18:d9:fc:dd:6a:87:fa:34:7c:62:1f:60:24:66:a9:
                    b2:f1:a4:83:44:db:28:0c:24:c5:26:31:c7:7b:3d:
                    46:87:15:f8:25:d2:1a:62:98:32:cc:3a:41:c3:da:
                    29:f6:5c:f6:b7:3c:5e:d8:c2:8c:97:b6:57:96:d2:
                    e9:b7:fa:87:37:93:a9:56:b7:ab:0f:bf:0b:27:61:
                    8e:d3:8a:9b:a7:f0:27:00:f5:47:a6:97:38:e6:be:
                    80:96:14:b1:c6:f7:68:5e:20:83:af:7c:bd:2a:f4:
                    a1:40:34:66:75:91:17:5e:93:4d:57:f8:ba:4f:aa:
                    3b:39:62:94:50:95:ee:6b:c6:d3:f4:32:fc:44:7e:
                    9f:45:12:ef:46:31:f6:34:87:32:79:51:8c:01:c5:
                    e8:c4:74:46:d5:4e:cb:c9:3e:a5:c2:96:7f:15:f9:
                    c8:b0:b4:b2:d2:2f:c2:fc:a1:da:ff:8d:d1:f5:3d:
                    5c:c5:17:89:ad:5b:19:b0:98:96:f6:0b:7b:bf:8b:
                    50:18:88:49:d2:15:68:1c:59:4c:97:01:72:2f:ad:
                    5e:2c:3f:cf:fe:f9:b0:34:04:ae:a0:69:a5:db:2a:
                    2c:9f:53:fd:e9:62:33:fa:0d:3c:82:c1:4a:0a:77:
                    13:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:4B:5D:EC:A6:A2:08:89:89:7B:8D:ED:93:EC:35:C9:BC:C4:6E:11
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lUtd7KaiCImJe43tk-w1ybzEbhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         6e:d9:00:75:b6:39:79:22:06:f7:8a:2e:73:29:37:1c:d4:11:
         59:ad:7a:73:5f:20:ce:0c:38:73:15:2d:19:7b:31:20:1e:e5:
         5f:90:ad:de:58:28:ed:75:2b:c6:9b:fb:87:e0:3e:35:c4:b7:
         4b:09:c0:7a:a2:13:e2:fb:8c:30:1b:17:8f:14:bb:14:5d:78:
         e2:67:d0:bf:75:a8:7b:b4:c6:f9:ce:66:13:36:bd:d9:6d:c2:
         5c:31:e7:a1:0b:3f:c8:d1:73:bf:89:3d:b1:8d:50:9d:2c:b8:
         cb:22:ad:c1:d3:17:21:53:fd:e4:6d:02:20:5c:de:00:9a:e8:
         3a:ac:12:62:66:55:a9:9f:cd:0d:37:24:38:79:59:94:bc:a1:
         df:ae:a8:61:f6:9e:e5:4e:5e:66:d1:17:b7:ef:0f:a1:8c:bf:
         cb:33:a8:eb:18:88:78:95:da:b8:fb:d0:f6:1a:81:50:a2:98:
         1b:40:40:35:5c:5e:14:f0:9d:5f:70:89:ad:8e:fd:4b:87:71:
         18:7c:e4:6c:38:d5:bc:98:59:97:0f:d2:3d:0e:97:ae:cd:ee:
         19:d3:78:5c:6f:a3:f1:11:71:e6:bc:c8:90:5e:37:88:ae:e2:
         2d:bd:bb:e0:c2:ff:c4:fa:30:2b:27:45:75:f8:8e:56:42:44:
         af:ac:c9:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnhe0FbonUypBYrTTOtmTJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEwMjIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRiNWRlY2E2YTIwODg5ODk3YjhkZWQ5M2VjMzVjOWJjYzQ2ZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBTNw0AuytsT19lCV+4Y2fzdaof6
NHxiH2AkZqmy8aSDRNsoDCTFJjHHez1GhxX4JdIaYpgyzDpBw9op9lz2tzxe2MKM
l7ZXltLpt/qHN5OpVrerD78LJ2GO04qbp/AnAPVHppc45r6AlhSxxvdoXiCDr3y9
KvShQDRmdZEXXpNNV/i6T6o7OWKUUJXua8bT9DL8RH6fRRLvRjH2NIcyeVGMAcXo
xHRG1U7LyT6lwpZ/FfnIsLSy0i/C/KHa/43R9T1cxReJrVsZsJiW9gt7v4tQGIhJ
0hVoHFlMlwFyL61eLD/P/vmwNASuoGml2yosn1P96WIz+g08gsFKCncTAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJVLXeymogiJiXuN7ZPsNcm8xG4RMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbFV0ZDdLYWlDSW1KZTQzdGstdzF5YnpFYmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG7ZAHW2OXkiBveKLnMp
NxzUEVmtenNfIM4MOHMVLRl7MSAe5V+Qrd5YKO11K8ab+4fgPjXEt0sJwHqiE+L7
jDAbF48UuxRdeOJn0L91qHu0xvnOZhM2vdltwlwx56ELP8jRc7+JPbGNUJ0suMsi
rcHTFyFT/eRtAiBc3gCa6DqsEmJmVamfzQ03JDh5WZS8od+uqGH2nuVOXmbRF7fv
D6GMv8szqOsYiHiV2rj70PYagVCimBtAQDVcXhTwnV9wia2O/UuHcRh85Gw41byY
WZcP0j0Ol67N7hnTeFxvo/ERcea8yJBeN4iu4i29u+DC/8T6MCsnRXX4jlZCRK+s
yQI=
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:45:19 2025 by rpki-client