Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mvjqrgLPzy0tGbq63sAclvpj7d8.roa
File:                     mvjqrgLPzy0tGbq63sAclvpj7d8.roa (raw, json)
Hash identifier:          ZufZNyRx1Q0B5I8x8KKmwEzwE8L6jLurI5PGg1EZL/k=
Subject key identifier:   9A:F8:EA:AE:02:CF:CF:2D:2D:19:BA:BA:DE:C0:1C:96:FA:63:ED:DF
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186F5B63FFAD767D48DEFDD7795898702B1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mvjqrgLPzy0tGbq63sAclvpj7d8.roa
Signing time:             Sat 18 Mar 2023 17:13:27 +0000
ROA not before:           Sat 18 Mar 2023 17:13:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:f5:b6:3f:fa:d7:67:d4:8d:ef:dd:77:95:89:87:02:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 18 17:13:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9af8eaae02cfcf2d2d19babadec01c96fa63eddf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:00:4a:48:88:95:93:32:10:3b:b5:6e:dc:70:
                    71:a5:76:f3:91:d0:e2:80:09:03:93:10:66:72:2d:
                    92:0c:39:82:2a:49:40:bf:66:a4:b4:bf:68:63:1d:
                    ff:51:3e:c7:60:7b:79:d1:89:25:82:40:2f:01:ab:
                    b1:f0:cd:bc:f5:be:7d:bf:70:73:9e:65:57:d8:6c:
                    0d:60:0f:8f:84:29:88:55:3e:a8:40:0a:c4:ba:b3:
                    2e:95:68:34:c1:6d:7e:c3:7e:a0:0c:df:70:df:20:
                    ce:6c:cc:9a:5d:12:7f:8f:c3:5d:4c:64:aa:17:e5:
                    b1:e8:41:62:27:2e:57:de:2f:cf:84:b5:fd:89:87:
                    d2:94:8c:e0:34:39:6a:46:e7:79:b3:1d:11:cc:3b:
                    5c:bb:17:65:e2:9e:6a:0a:f1:7d:7d:db:f0:fe:93:
                    68:53:91:e9:f0:20:06:89:a8:8a:09:af:86:19:5e:
                    ef:2f:5c:c2:73:54:88:0a:5b:b4:64:a8:52:fa:ae:
                    db:86:aa:35:af:54:4d:7a:0a:82:c1:36:20:07:fc:
                    cb:73:e1:c3:3d:6f:81:a7:a3:ae:5f:2f:3c:de:d0:
                    02:25:6e:a5:29:e5:4a:2a:d7:9a:51:22:77:d4:87:
                    18:3f:1a:25:fb:23:1c:8c:68:f8:70:57:03:9f:4f:
                    a3:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:F8:EA:AE:02:CF:CF:2D:2D:19:BA:BA:DE:C0:1C:96:FA:63:ED:DF
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mvjqrgLPzy0tGbq63sAclvpj7d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:94:ed:2e:1a:6f:d5:95:1c:f2:9b:3f:e7:ef:70:d3:f3:15:
         8d:e9:85:bd:36:24:cd:c1:24:0a:7d:11:bb:b6:ef:a5:44:bf:
         02:b2:cd:b7:4e:87:aa:a3:5d:01:ec:10:2f:cd:a3:ad:32:4e:
         9a:26:ab:9a:ba:4a:83:be:b0:bb:b6:24:cc:6f:6f:bf:8e:bd:
         f6:73:72:8b:85:72:dc:d7:22:ac:d4:3b:92:d5:10:f8:0f:f8:
         36:6e:9f:3d:54:de:39:53:f2:6b:c9:d0:b9:7f:c8:41:ac:68:
         e2:88:c0:ef:34:bc:73:6a:e7:0b:70:85:1c:b9:d9:12:89:24:
         92:ea:d3:5c:fe:7a:19:66:fb:74:d2:02:7c:a1:63:b7:83:ea:
         14:31:58:56:a5:4d:ea:c3:ce:5a:b6:71:15:04:ee:e2:a9:77:
         14:a7:2e:fe:d9:fc:0d:5f:74:53:ad:c8:42:06:d6:a4:cd:80:
         55:a3:fc:08:0b:5c:f6:9d:f0:62:16:ca:90:d1:bb:22:b1:64:
         ce:e9:72:ec:c0:16:27:87:ea:a2:3c:58:57:3e:b8:c2:08:1c:
         2c:41:54:b9:00:db:49:dd:83:7e:56:f4:01:ed:1e:bc:77:a2:
         bb:f6:61:25:4a:07:cb:3f:fb:f5:b0:b9:c3:7e:21:f3:88:96:
         e2:03:09:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb1tj/612fUje/dd5WJhwKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE4MTcxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWY4ZWFhZTAyY2ZjZjJkMmQxOWJhYmFkZWMwMWM5NmZhNjNlZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQBKSIiVkzIQO7Vu3HBxpXbzkdDi
gAkDkxBmci2SDDmCKklAv2aktL9oYx3/UT7HYHt50YklgkAvAaux8M289b59v3Bz
nmVX2GwNYA+PhCmIVT6oQArEurMulWg0wW1+w36gDN9w3yDObMyaXRJ/j8NdTGSq
F+Wx6EFiJy5X3i/PhLX9iYfSlIzgNDlqRud5sx0RzDtcuxdl4p5qCvF9fdvw/pNo
U5Hp8CAGiaiKCa+GGV7vL1zCc1SIClu0ZKhS+q7bhqo1r1RNegqCwTYgB/zLc+HD
PW+Bp6OuXy883tACJW6lKeVKKteaUSJ31IcYPxol+yMcjGj4cFcDn0+jfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJr46q4Cz88tLRm6ut7AHJb6Y+3fMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbXZqcXJnTFB6eTB0R2JxNjNzQWNsdnBqN2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJeU7S4ab9WVHPKbP+fv
cNPzFY3phb02JM3BJAp9Ebu276VEvwKyzbdOh6qjXQHsEC/No60yTpomq5q6SoO+
sLu2JMxvb7+OvfZzcouFctzXIqzUO5LVEPgP+DZunz1U3jlT8mvJ0Ll/yEGsaOKI
wO80vHNq5wtwhRy52RKJJJLq01z+ehlm+3TSAnyhY7eD6hQxWFalTerDzlq2cRUE
7uKpdxSnLv7Z/A1fdFOtyEIG1qTNgFWj/AgLXPad8GIWypDRuyKxZM7pcuzAFieH
6qI8WFc+uMIIHCxBVLkA20ndg35W9AHtHrx3orv2YSVKB8s/+/WwucN+IfOIluID
CUc=
-----END CERTIFICATE-----
Generated at Wed Jun 11 00:23:43 2025 by rpki-client