Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/la-Vj2ENiNkMtH3oOXcIhiH8Ghs.roa
File:                     la-Vj2ENiNkMtH3oOXcIhiH8Ghs.roa (raw, json)
Hash identifier:          VwjaRJDwEfS83s8lgOi0W0zNgNVBY7PlGEhxG+OJavI=
Subject key identifier:   95:AF:95:8F:61:0D:88:D9:0C:B4:7D:E8:39:77:08:86:21:FC:1A:1B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018794111D01D47EF3E67F65E42275DD9696
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/la-Vj2ENiNkMtH3oOXcIhiH8Ghs.roa
Signing time:             Tue 18 Apr 2023 11:12:42 +0000
ROA not before:           Tue 18 Apr 2023 11:12:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:94:11:1d:01:d4:7e:f3:e6:7f:65:e4:22:75:dd:96:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 18 11:12:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95af958f610d88d90cb47de83977088621fc1a1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:0e:51:74:5d:12:2a:49:74:ac:85:f1:e4:be:
                    79:51:54:a2:78:c8:b6:d0:32:30:71:80:8c:ea:e7:
                    5a:ce:61:6d:9d:ff:50:1b:22:94:42:1e:9f:fa:42:
                    f6:16:be:98:8d:f7:5a:8b:70:4d:5f:2b:62:32:a8:
                    da:7b:cc:32:d9:79:12:dc:05:86:0b:b8:06:76:6a:
                    b1:4e:1b:3f:61:bc:78:df:0e:f1:14:4c:f6:2e:86:
                    17:a5:86:25:34:9e:97:fb:e3:6b:f4:39:25:33:36:
                    7a:2c:db:5d:5e:71:cf:b3:1d:63:05:a9:ff:28:76:
                    0a:78:07:d1:5b:f4:dc:20:74:11:53:22:51:62:30:
                    3c:53:e1:8d:6f:0e:33:e9:21:63:15:a4:c6:d7:a4:
                    eb:08:b1:72:3f:0d:a9:f9:44:12:b3:df:18:0b:c3:
                    3d:9a:15:73:7a:3f:eb:92:a3:49:3d:04:64:63:67:
                    92:9c:90:f4:22:15:31:eb:9e:db:a5:9a:ba:3e:ff:
                    60:5a:51:06:c9:7d:74:a9:ea:44:02:63:33:9e:eb:
                    e7:cd:c0:17:9d:35:84:13:e5:f3:b2:56:1e:b3:b9:
                    c2:52:37:c5:f0:e8:34:27:f9:20:16:2f:4d:55:c8:
                    0e:74:48:4c:62:f3:de:7a:66:7e:49:7e:de:d9:9b:
                    4d:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:AF:95:8F:61:0D:88:D9:0C:B4:7D:E8:39:77:08:86:21:FC:1A:1B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/la-Vj2ENiNkMtH3oOXcIhiH8Ghs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         87:09:e8:aa:82:30:ed:73:f5:6e:0f:a2:29:35:55:5a:8d:33:
         6f:d0:68:87:4e:f6:6f:80:ff:7c:91:23:3c:74:e1:d8:8e:b3:
         66:44:00:20:49:77:84:27:ff:e7:24:07:14:f0:46:a1:86:5a:
         64:3e:d2:f0:4b:9a:8f:ce:84:8c:f1:82:a5:74:73:9b:53:84:
         68:72:28:77:84:11:0d:9e:b4:e5:9d:d5:99:8a:91:8e:f1:7c:
         b9:17:bb:7a:fe:8e:9a:fc:f6:00:b4:8c:79:62:a3:96:40:fa:
         35:a4:61:18:f2:08:bc:5f:62:36:a5:33:85:87:0d:24:a9:9d:
         17:b4:04:bf:f1:c5:8b:8f:f4:4b:69:19:de:15:9f:91:28:8e:
         7b:7c:ca:f5:b9:38:de:f0:c5:f8:25:da:48:76:db:cd:33:15:
         39:a6:5d:f3:a2:a8:13:66:48:ff:5b:2c:94:15:40:61:35:07:
         f2:55:f3:0c:a4:26:ae:e8:08:05:1a:62:e1:61:41:5d:7b:20:
         ca:93:6f:39:d2:0b:36:48:a6:70:e5:c1:9a:4e:03:76:d2:eb:
         67:a0:8e:28:a6:f6:38:1a:e7:25:d3:7f:aa:30:6e:8b:b4:2e:
         72:e0:8d:51:b5:a7:ca:96:f4:41:d0:96:c0:bb:1c:45:bf:8b:
         80:e7:70:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeUER0B1H7z5n9l5CJ13ZaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE4MTExMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWFmOTU4ZjYxMGQ4OGQ5MGNiNDdkZTgzOTc3MDg4NjIxZmMxYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw5RdF0SKkl0rIXx5L55UVSieMi2
0DIwcYCM6udazmFtnf9QGyKUQh6f+kL2Fr6Yjfdai3BNXytiMqjae8wy2XkS3AWG
C7gGdmqxThs/Ybx43w7xFEz2LoYXpYYlNJ6X++Nr9DklMzZ6LNtdXnHPsx1jBan/
KHYKeAfRW/TcIHQRUyJRYjA8U+GNbw4z6SFjFaTG16TrCLFyPw2p+UQSs98YC8M9
mhVzej/rkqNJPQRkY2eSnJD0IhUx657bpZq6Pv9gWlEGyX10qepEAmMznuvnzcAX
nTWEE+XzslYes7nCUjfF8Og0J/kgFi9NVcgOdEhMYvPeemZ+SX7e2ZtNGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJWvlY9hDYjZDLR96Dl3CIYh/BobMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbGEtVmoyRU5pTmtNdEgzb09YY0loaUg4R2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIcJ6KqCMO1z9W4Poik1
VVqNM2/QaIdO9m+A/3yRIzx04diOs2ZEACBJd4Qn/+ckBxTwRqGGWmQ+0vBLmo/O
hIzxgqV0c5tThGhyKHeEEQ2etOWd1ZmKkY7xfLkXu3r+jpr89gC0jHlio5ZA+jWk
YRjyCLxfYjalM4WHDSSpnRe0BL/xxYuP9EtpGd4Vn5Eojnt8yvW5ON7wxfgl2kh2
280zFTmmXfOiqBNmSP9bLJQVQGE1B/JV8wykJq7oCAUaYuFhQV17IMqTbznSCzZI
pnDlwZpOA3bS62egjiim9jga5yXTf6owbou0LnLgjVG1p8qW9EHQlsC7HEW/i4Dn
cHI=
-----END CERTIFICATE-----
Generated at Tue Jun 10 22:31:57 2025 by rpki-client