Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oT2H4U6sdh_HZ1_HcmdjWrLrnis.roa
File:                     oT2H4U6sdh_HZ1_HcmdjWrLrnis.roa (raw, json)
Hash identifier:          PlLOdQpTlY5rXb3B6BlsTt1TBQzDXulR++KaGiVWedo=
Subject key identifier:   A1:3D:87:E1:4E:AC:76:1F:C7:67:5F:C7:72:67:63:5A:B2:EB:9E:2B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01824183A6BFC17B8E529229A45B62B279E5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oT2H4U6sdh_HZ1_HcmdjWrLrnis.roa
Signing time:             Wed 27 Jul 2022 21:15:23 +0000
ROA not before:           Wed 27 Jul 2022 21:15:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:41:83:a6:bf:c1:7b:8e:52:92:29:a4:5b:62:b2:79:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 27 21:15:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a13d87e14eac761fc7675fc77267635ab2eb9e2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:56:1e:7f:05:0a:90:4b:a0:cf:f0:79:dc:1a:
                    7f:ac:16:ae:95:29:a6:f8:3e:fe:c1:7c:b1:34:7d:
                    b4:3e:92:fc:5e:91:e1:35:85:2b:54:d1:f1:67:5f:
                    d1:70:a7:d7:6b:62:d3:23:cd:8f:98:23:61:7d:85:
                    1d:a6:f6:69:1c:11:6a:a3:8e:f6:fb:b6:cf:c6:87:
                    0e:6a:d3:53:27:5a:df:f1:74:59:81:7d:c8:22:3a:
                    f0:3b:e8:c4:5f:6b:fd:44:eb:80:fe:49:21:50:23:
                    bc:f9:4e:44:1b:7b:06:00:66:0f:7f:c5:86:2f:5a:
                    17:97:fb:6c:da:b5:b5:74:17:6c:e5:13:39:28:f6:
                    5c:b5:d4:a9:24:fa:41:d3:e5:e2:3f:c6:a5:58:00:
                    11:67:1f:f0:a4:88:c3:17:8d:84:dc:9e:62:05:d3:
                    35:d8:79:a6:8f:47:e1:37:5e:1d:a3:8f:ed:b0:3a:
                    bc:63:03:f4:6f:80:18:f0:95:74:49:0d:69:a2:5c:
                    95:90:50:f5:e7:9a:b6:5d:1d:4b:3b:d1:4b:23:68:
                    94:2a:4e:24:15:19:b1:77:40:53:24:f5:67:1d:6d:
                    67:04:20:16:0c:65:bc:46:c6:6a:a6:b9:aa:4a:1e:
                    66:15:b2:a8:6d:bb:45:aa:83:62:2d:77:3e:74:9f:
                    b1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:3D:87:E1:4E:AC:76:1F:C7:67:5F:C7:72:67:63:5A:B2:EB:9E:2B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oT2H4U6sdh_HZ1_HcmdjWrLrnis.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:0d:fe:7b:74:49:ed:53:8c:ee:56:74:48:c1:e1:54:11:87:
         9c:49:03:5d:f9:02:0c:fb:80:8d:1a:3f:93:a4:27:77:b9:84:
         39:6e:a7:04:95:8c:43:12:bf:c0:d7:19:5b:6d:f3:32:c8:46:
         f7:b1:39:84:0b:74:94:bb:5d:87:c8:f8:e9:54:73:4d:98:46:
         b9:71:4d:f5:39:c5:cf:5e:f7:ac:a2:c9:0c:f8:1e:9f:5b:f9:
         ae:2f:7c:d3:73:d5:28:24:ce:c4:db:a1:7c:0b:e3:5f:62:95:
         e2:c2:e3:54:6c:84:61:f0:08:aa:e7:9d:07:f7:33:57:67:50:
         c4:db:a9:84:4e:af:7b:88:c8:fa:38:b4:33:5c:5d:10:50:74:
         b6:a8:3a:e2:95:b7:ab:9c:f0:79:d6:ee:82:d3:a5:b1:e0:a6:
         9a:b7:c1:88:00:b8:59:28:53:05:c1:78:a9:12:ea:a1:d8:02:
         2f:4c:5c:23:9d:32:fa:e7:9d:55:a3:36:85:d6:10:e4:7a:cc:
         04:7a:12:0e:e9:25:e1:1e:c0:e8:87:06:b9:ee:f1:41:4a:6d:
         67:01:9a:0f:04:3a:88:c0:7d:55:fd:6e:6d:49:00:b7:46:f5:
         42:2c:db:1e:60:5d:f5:5d:69:26:86:66:83:3a:1f:a3:1a:ea:
         48:6b:18:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYJBg6a/wXuOUpIppFtisnnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzI3MjExNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTNkODdlMTRlYWM3NjFmYzc2NzVmYzc3MjY3NjM1YWIyZWI5ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklYefwUKkEugz/B53Bp/rBaulSmm
+D7+wXyxNH20PpL8XpHhNYUrVNHxZ1/RcKfXa2LTI82PmCNhfYUdpvZpHBFqo472
+7bPxocOatNTJ1rf8XRZgX3IIjrwO+jEX2v9ROuA/kkhUCO8+U5EG3sGAGYPf8WG
L1oXl/ts2rW1dBds5RM5KPZctdSpJPpB0+XiP8alWAARZx/wpIjDF42E3J5iBdM1
2Hmmj0fhN14do4/tsDq8YwP0b4AY8JV0SQ1polyVkFD155q2XR1LO9FLI2iUKk4k
FRmxd0BTJPVnHW1nBCAWDGW8RsZqprmqSh5mFbKobbtFqoNiLXc+dJ+xUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKE9h+FOrHYfx2dfx3JnY1qy654rMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb1QySDRVNnNkaF9IWjFfSGNtZGpXckxybmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJwN/nt0Se1TjO5WdEjB
4VQRh5xJA135Agz7gI0aP5OkJ3e5hDlupwSVjEMSv8DXGVtt8zLIRvexOYQLdJS7
XYfI+OlUc02YRrlxTfU5xc9e96yiyQz4Hp9b+a4vfNNz1SgkzsTboXwL419ileLC
41RshGHwCKrnnQf3M1dnUMTbqYROr3uIyPo4tDNcXRBQdLaoOuKVt6uc8HnW7oLT
pbHgppq3wYgAuFkoUwXBeKkS6qHYAi9MXCOdMvrnnVWjNoXWEOR6zAR6Eg7pJeEe
wOiHBrnu8UFKbWcBmg8EOojAfVX9bm1JALdG9UIs2x5gXfVdaSaGZoM6H6Ma6khr
GJU=
-----END CERTIFICATE-----
Generated at Tue Jun 10 22:06:17 2025 by rpki-client