Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o_uMLh6oYUpxDme9jc-7yTo3djo.roa
File:                     o_uMLh6oYUpxDme9jc-7yTo3djo.roa (raw, json)
Hash identifier:          6FyEeoW0pvbdI+aTb7s/iuk3woSU1Iuq7FVCqprDVF4=
Subject key identifier:   A3:FB:8C:2E:1E:A8:61:4A:71:0E:67:BD:8D:CF:BB:C9:3A:37:76:3A
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       8A323913
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o_uMLh6oYUpxDme9jc-7yTo3djo.roa
Signing time:             Sun 05 Jun 2022 18:12:20 +0000
ROA not before:           Sun 05 Jun 2022 18:12:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2318547219 (0x8a323913)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun  5 18:12:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a3fb8c2e1ea8614a710e67bd8dcfbbc93a37763a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d4:fd:f8:f8:00:57:1a:30:d5:5a:8e:d0:c4:
                    0b:96:c5:d6:cf:f0:1c:fc:c0:d6:f2:99:dd:f0:2e:
                    49:33:9f:15:15:ee:17:cf:a7:b6:89:86:92:06:53:
                    9c:c5:d6:5f:e4:80:5e:cc:7c:8f:a1:1a:62:a1:fb:
                    55:4c:96:0b:b2:f9:4c:dd:50:39:e0:46:d0:3f:a5:
                    2a:de:dd:d4:d2:50:41:2c:fd:5a:57:f5:8a:ed:8d:
                    c7:e3:0c:65:a9:bb:82:07:e5:cb:01:a2:66:c1:33:
                    f2:53:4b:eb:7d:23:e4:a0:c4:71:c7:20:23:cb:09:
                    d5:f1:f3:86:aa:d0:f9:16:c5:10:42:68:21:8b:82:
                    ed:8b:02:43:32:2a:f8:ee:98:45:93:b7:7a:4f:27:
                    b9:6b:67:19:a6:11:ae:9e:8e:37:08:e7:f6:00:32:
                    e6:84:e9:57:a8:0a:3e:17:dd:c9:8c:5c:87:c0:7e:
                    e4:67:3d:de:ce:93:2f:1f:79:26:61:4a:92:6c:f1:
                    a3:cc:bd:93:09:d6:28:13:e2:ad:a6:3c:bb:fb:06:
                    e3:8a:31:86:0b:41:18:7a:59:13:d7:ae:d7:6b:ab:
                    f5:c9:0b:5e:f9:91:73:8c:38:c3:17:c6:cd:3e:ca:
                    21:81:ea:d0:1b:61:53:25:0c:67:56:58:ec:70:44:
                    de:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:FB:8C:2E:1E:A8:61:4A:71:0E:67:BD:8D:CF:BB:C9:3A:37:76:3A
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o_uMLh6oYUpxDme9jc-7yTo3djo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         73:59:02:e4:7f:d5:ed:aa:43:d7:62:63:d9:60:a0:88:c4:8a:
         84:cc:68:f4:dc:97:bb:55:d9:70:93:0e:7b:7a:02:a3:9e:07:
         79:1f:af:99:39:c5:a3:c6:2d:cc:82:72:6e:68:a5:bf:5f:b2:
         d4:ad:16:80:dd:b2:54:ff:38:87:4b:c7:72:2a:84:39:1d:98:
         3b:ae:7c:e2:51:ee:f8:8f:27:a7:c5:74:96:8e:21:fb:1e:51:
         e1:f4:25:b9:57:9d:02:1e:3e:62:e2:1a:f0:6f:3d:25:91:13:
         60:24:2d:da:3a:43:42:a9:a1:94:21:c7:65:e9:c7:20:7a:f3:
         5d:37:8e:6d:de:44:46:32:49:5d:df:20:0e:92:39:c4:02:b4:
         55:32:28:90:6a:36:bb:fa:9b:24:61:55:00:3f:0f:1a:47:09:
         fa:9d:90:d0:4c:04:d3:53:4f:da:36:1e:91:9c:aa:a1:fd:ff:
         5a:c2:86:22:73:f7:6b:f3:5d:6b:7b:47:87:49:29:2a:ae:57:
         d0:b6:6d:3a:33:93:75:15:02:ba:e7:15:1a:e8:ee:22:e5:6b:
         0b:a9:b0:95:dc:da:4b:bb:9c:13:f2:39:95:3f:af:cf:b4:4f:
         e9:7d:4e:a1:55:05:6a:68:f0:c3:d5:8f:ea:20:57:09:eb:f6:
         6c:f3:c9:98
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIoyORMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MDUxODEyMjBaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGEzZmI4YzJlMWVh
ODYxNGE3MTBlNjdiZDhkY2ZiYmM5M2EzNzc2M2EwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC61P34+ABXGjDVWo7QxAuWxdbP8Bz8wNbymd3wLkkznxUV
7hfPp7aJhpIGU5zF1l/kgF7MfI+hGmKh+1VMlguy+UzdUDngRtA/pSre3dTSUEEs
/VpX9YrtjcfjDGWpu4IH5csBombBM/JTS+t9I+SgxHHHICPLCdXx84aq0PkWxRBC
aCGLgu2LAkMyKvjumEWTt3pPJ7lrZxmmEa6ejjcI5/YAMuaE6VeoCj4X3cmMXIfA
fuRnPd7Oky8feSZhSpJs8aPMvZMJ1igT4q2mPLv7BuOKMYYLQRh6WRPXrtdrq/XJ
C175kXOMOMMXxs0+yiGB6tAbYVMlDGdWWOxwRN5FAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUo/uMLh6oYUpxDme9jc+7yTo3djowHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9vX3VNTGg2b1lVcHhEbWU5amMtN3lUbzNkam8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAc1kC5H/V7apD12Jj2WCgiMSKhMxo9NyXu1XZ
cJMOe3oCo54HeR+vmTnFo8YtzIJybmilv1+y1K0WgN2yVP84h0vHciqEOR2YO658
4lHu+I8np8V0lo4h+x5R4fQluVedAh4+YuIa8G89JZETYCQt2jpDQqmhlCHHZenH
IHrzXTeObd5ERjJJXd8gDpI5xAK0VTIokGo2u/qbJGFVAD8PGkcJ+p2Q0EwE01NP
2jYekZyqof3/WsKGInP3a/Nda3tHh0kpKq5X0LZtOjOTdRUCuucVGujuIuVrC6mw
ldzaS7ucE/I5lT+vz7RP6X1OoVUFamjww9WP6iBXCev2bPPJmA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 09:52:24 2025 by rpki-client