Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/n-D1FvcOGDNhhwFMcyfRcyl3Lgc.roa
File:                     n-D1FvcOGDNhhwFMcyfRcyl3Lgc.roa (raw, json)
Hash identifier:          pkR0zs+48oCXcevRhigUdH2mQfs0SypI6A+wnRNraOc=
Subject key identifier:   9F:E0:F5:16:F7:0E:18:33:61:87:01:4C:73:27:D1:73:29:77:2E:07
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01867A831C5B4F6BC834B71CFF928828FA68
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/n-D1FvcOGDNhhwFMcyfRcyl3Lgc.roa
Signing time:             Wed 22 Feb 2023 19:04:18 +0000
ROA not before:           Wed 22 Feb 2023 19:04:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7a83:1419/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7a:83:1c:5b:4f:6b:c8:34:b7:1c:ff:92:88:28:fa:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Feb 22 19:04:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9fe0f516f70e18336187014c7327d17329772e07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d7:76:cc:f4:89:d7:fa:5c:3d:af:33:c6:0c:
                    32:98:43:a2:ed:42:2b:22:cd:e2:63:1b:3a:2f:ea:
                    85:08:c1:c3:1a:34:51:0a:dd:af:c4:b0:33:e1:5d:
                    f1:62:30:30:46:1d:97:b3:0e:e5:cb:2c:cf:69:27:
                    dd:b0:a5:ec:af:2a:9f:08:9e:96:92:74:50:d4:3f:
                    52:45:f4:8e:17:81:bf:b8:cf:34:16:e6:7f:fc:bf:
                    94:17:e6:e6:ba:44:87:de:44:61:bf:3f:a4:00:82:
                    ff:f2:38:b0:9f:e6:b8:c0:96:7f:8d:bb:c2:92:ee:
                    ba:44:50:24:5f:99:e6:e9:3c:56:82:62:0e:3a:30:
                    97:9a:79:d2:4a:21:01:1b:19:7c:11:76:e6:05:ed:
                    48:c6:6d:cf:a6:b0:a5:e5:10:98:4e:0c:2e:47:98:
                    ac:2d:0e:42:6a:85:7a:9a:85:e1:f5:f6:cd:aa:01:
                    db:83:f2:52:db:0d:93:28:73:8e:6d:0d:c1:95:99:
                    f6:23:db:6f:a8:a4:ec:a7:39:92:4a:97:ef:7c:fe:
                    0b:47:87:f1:29:bb:a2:46:9a:ee:12:13:63:b7:17:
                    9b:f8:31:2a:76:d4:e4:09:67:e0:db:8a:bb:26:2a:
                    ed:10:68:a7:7d:53:ac:49:c1:77:ed:b5:bc:70:d1:
                    3e:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:E0:F5:16:F7:0E:18:33:61:87:01:4C:73:27:D1:73:29:77:2E:07
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/n-D1FvcOGDNhhwFMcyfRcyl3Lgc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:fc:44:0b:5e:10:fc:af:22:90:cd:1e:ff:1b:e0:cd:39:96:
         47:3c:67:6a:af:87:cd:b0:5c:40:bd:09:c8:2d:ef:49:07:01:
         f9:fd:0d:40:66:45:08:3f:2d:23:66:0e:04:2c:91:a4:32:13:
         e8:e0:fc:a8:61:fb:23:83:40:61:10:06:4e:48:1d:2d:0c:34:
         5a:df:af:15:5f:2a:4b:6a:48:fb:da:22:36:1d:65:f0:52:f9:
         bd:b6:dd:ba:11:f3:9d:3c:38:f3:7e:57:25:86:48:cc:09:0e:
         5b:ae:52:25:65:5f:8a:50:d4:ff:8c:93:1b:f5:fa:44:ba:48:
         de:f6:d7:94:c1:1f:0a:d8:48:5e:ec:23:df:d4:31:93:a3:b7:
         1c:86:cd:00:d4:05:13:5d:93:5d:08:28:69:5a:f0:87:86:07:
         7d:1e:69:8b:2a:16:4e:e7:8b:05:ab:f5:a3:30:6c:c3:94:ab:
         b3:9c:c7:6d:b0:d9:bd:35:0a:86:ea:3d:1a:22:08:c8:5e:7e:
         bf:2e:9d:67:5d:cd:c1:81:a7:a0:35:9a:28:23:03:a5:c2:9c:
         73:b8:d5:4c:28:12:dd:f1:d6:40:f6:ad:30:77:cd:ac:43:59:
         4e:52:7c:fc:49:15:5d:bb:37:f8:75:2c:2c:90:15:68:6b:96:
         c9:17:57:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ6gxxbT2vINLcc/5KIKPpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMTkwNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmUwZjUxNmY3MGUxODMzNjE4NzAxNGM3MzI3ZDE3MzI5NzcyZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNd2zPSJ1/pcPa8zxgwymEOi7UIr
Is3iYxs6L+qFCMHDGjRRCt2vxLAz4V3xYjAwRh2Xsw7lyyzPaSfdsKXsryqfCJ6W
knRQ1D9SRfSOF4G/uM80FuZ//L+UF+bmukSH3kRhvz+kAIL/8jiwn+a4wJZ/jbvC
ku66RFAkX5nm6TxWgmIOOjCXmnnSSiEBGxl8EXbmBe1Ixm3PprCl5RCYTgwuR5is
LQ5CaoV6moXh9fbNqgHbg/JS2w2TKHOObQ3BlZn2I9tvqKTspzmSSpfvfP4LR4fx
KbuiRpruEhNjtxeb+DEqdtTkCWfg24q7JirtEGinfVOsScF37bW8cNE+IwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ/g9Rb3DhgzYYcBTHMn0XMpdy4HMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbi1EMUZ2Y09HRE5oaHdGTWN5ZlJjeWwzTGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG/8RAteEPyvIpDNHv8b
4M05lkc8Z2qvh82wXEC9Ccgt70kHAfn9DUBmRQg/LSNmDgQskaQyE+jg/Khh+yOD
QGEQBk5IHS0MNFrfrxVfKktqSPvaIjYdZfBS+b223boR8508OPN+VyWGSMwJDluu
UiVlX4pQ1P+Mkxv1+kS6SN7215TBHwrYSF7sI9/UMZOjtxyGzQDUBRNdk10IKGla
8IeGB30eaYsqFk7niwWr9aMwbMOUq7Ocx22w2b01CobqPRoiCMhefr8unWddzcGB
p6A1migjA6XCnHO41UwoEt3x1kD2rTB3zaxDWU5SfPxJFV27N/h1LCyQFWhrlskX
V/E=
-----END CERTIFICATE-----
Generated at Mon Jun 9 18:33:22 2025 by rpki-client