Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mDQQFbPfz4OTBN4M8PhFDQgT9NE.roa
File:                     mDQQFbPfz4OTBN4M8PhFDQgT9NE.roa (raw, json)
Hash identifier:          e7p6NokFlHO4QgXs0Rgcc+eu9Hc5UIA0XRnXsn2jnz0=
Subject key identifier:   98:34:10:15:B3:DF:CF:83:93:04:DE:0C:F0:F8:45:0D:08:13:F4:D1
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018674BEADD1336E631951B18B62814CFD59
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mDQQFbPfz4OTBN4M8PhFDQgT9NE.roa
Signing time:             Tue 21 Feb 2023 16:11:38 +0000
ROA not before:           Tue 21 Feb 2023 16:11:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:74:be:ad:d1:33:6e:63:19:51:b1:8b:62:81:4c:fd:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Feb 21 16:11:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98341015b3dfcf839304de0cf0f8450d0813f4d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:83:8e:74:2c:9c:66:27:4b:34:05:fc:da:06:
                    f5:80:fe:ba:04:70:be:87:8a:d3:5e:0c:ae:34:4e:
                    1b:48:82:16:5a:51:cf:54:e9:f4:a6:7a:46:ea:25:
                    bb:5f:cd:2c:e1:bc:5c:ba:d8:bd:ad:9b:1d:22:d7:
                    e0:46:d2:67:70:a1:77:43:a4:4f:31:13:e0:1d:81:
                    ac:0f:a8:89:da:06:0f:2f:42:c6:27:ed:51:8c:b1:
                    5f:f9:03:5c:7d:c8:9a:e8:6e:7b:9e:1f:16:07:a6:
                    9a:86:94:c4:bc:fe:b2:35:06:2d:06:b4:9d:15:83:
                    bc:9d:82:c0:bb:86:63:d1:6f:da:e6:8d:a8:81:fc:
                    48:bc:db:e2:f0:d6:5c:e6:c5:b3:83:3e:11:60:d5:
                    11:e1:43:06:37:1b:e4:df:3d:cd:0d:cc:56:f6:46:
                    b1:44:20:7a:a0:29:be:62:72:1a:62:5c:b0:9a:c4:
                    c5:1c:0e:2f:92:69:43:6a:dc:2c:6c:16:a2:bc:e3:
                    06:93:96:94:24:ec:fc:05:8e:1e:74:cb:08:a5:0c:
                    f1:68:dc:0a:60:a3:87:40:7b:5b:93:5a:bb:75:e9:
                    75:cf:d7:2f:f0:1e:af:14:ed:53:a8:84:8b:ed:6c:
                    eb:f9:98:e7:bd:3e:2c:4c:68:88:81:bd:d4:98:f0:
                    3a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:34:10:15:B3:DF:CF:83:93:04:DE:0C:F0:F8:45:0D:08:13:F4:D1
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mDQQFbPfz4OTBN4M8PhFDQgT9NE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:92:f1:87:01:92:45:d9:88:1f:63:47:77:35:68:a0:be:da:
         cb:66:b7:75:2f:80:9f:56:fc:73:a5:74:81:8c:d6:e6:83:df:
         76:77:74:02:f7:6e:05:2c:3a:de:80:4c:e6:85:c2:00:89:fa:
         e6:a6:62:7d:0a:54:2e:d9:0c:8e:e4:d9:54:07:96:c9:f2:95:
         14:4c:fa:cd:f4:dc:79:8a:35:f9:2c:b1:62:1a:cd:4d:25:69:
         d3:f2:f0:40:aa:55:a7:26:87:d3:8a:e5:de:37:ef:83:63:18:
         ab:d1:ca:39:9e:ec:1d:d2:a0:e8:d2:78:c6:a4:ed:5e:53:30:
         e9:22:a6:d6:e8:e8:67:a0:4b:1d:fe:1c:01:0c:05:db:cc:27:
         64:cc:99:6a:f9:f7:1d:ba:5c:dd:e8:c6:15:ca:fe:7b:32:d7:
         3c:b4:22:6b:b1:77:a5:11:60:6b:51:6b:50:ad:97:95:fe:ec:
         b7:3d:f8:b7:d9:bd:03:9c:dd:8c:02:58:2c:6a:9b:68:2a:2d:
         43:50:7f:a8:12:fd:d6:a3:de:a3:bf:5e:5c:62:42:36:37:b2:
         f3:35:57:30:f1:a9:38:d4:dc:20:b9:d9:d4:2d:ee:d6:c0:aa:
         64:49:3a:26:e5:5c:73:0a:4a:ee:68:a3:56:12:3e:e3:9a:2e:
         4e:e9:b7:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ0vq3RM25jGVGxi2KBTP1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIxMTYxMTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM0MTAxNWIzZGZjZjgzOTMwNGRlMGNmMGY4NDUwZDA4MTNmNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4OOdCycZidLNAX82gb1gP66BHC+
h4rTXgyuNE4bSIIWWlHPVOn0pnpG6iW7X80s4bxcuti9rZsdItfgRtJncKF3Q6RP
MRPgHYGsD6iJ2gYPL0LGJ+1RjLFf+QNcfcia6G57nh8WB6aahpTEvP6yNQYtBrSd
FYO8nYLAu4Zj0W/a5o2ogfxIvNvi8NZc5sWzgz4RYNUR4UMGNxvk3z3NDcxW9kax
RCB6oCm+YnIaYlywmsTFHA4vkmlDatwsbBaivOMGk5aUJOz8BY4edMsIpQzxaNwK
YKOHQHtbk1q7del1z9cv8B6vFO1TqISL7Wzr+ZjnvT4sTGiIgb3UmPA6KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJg0EBWz38+DkwTeDPD4RQ0IE/TRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbURRUUZiUGZ6NE9UQk40TThQaEZEUWdUOU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKqS8YcBkkXZiB9jR3c1
aKC+2stmt3UvgJ9W/HOldIGM1uaD33Z3dAL3bgUsOt6ATOaFwgCJ+uamYn0KVC7Z
DI7k2VQHlsnylRRM+s303HmKNfkssWIazU0ladPy8ECqVacmh9OK5d4374NjGKvR
yjme7B3SoOjSeMak7V5TMOkiptbo6GegSx3+HAEMBdvMJ2TMmWr59x26XN3oxhXK
/nsy1zy0Imuxd6URYGtRa1Ctl5X+7Lc9+LfZvQOc3YwCWCxqm2gqLUNQf6gS/daj
3qO/XlxiQjY3svM1VzDxqTjU3CC52dQt7tbAqmRJOiblXHMKSu5oo1YSPuOaLk7p
t4U=
-----END CERTIFICATE-----
Generated at Wed Jun 11 13:36:58 2025 by rpki-client