Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qOkuiZePULhc7tgCeI-aqi34gQ8.roa
File:                     qOkuiZePULhc7tgCeI-aqi34gQ8.roa (raw, json)
Hash identifier:          dfUBSyhltQRxOmOu0nd/XvFiBrIynpfolFeSe8T7vtQ=
Subject key identifier:   A8:E9:2E:89:97:8F:50:B8:5C:EE:D8:02:78:8F:9A:AA:2D:F8:81:0F
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       6A612659
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qOkuiZePULhc7tgCeI-aqi34gQ8.roa
Signing time:             Sun 13 Feb 2022 22:08:29 +0000
ROA not before:           Sun 13 Feb 2022 22:08:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1784751705 (0x6a612659)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Feb 13 22:08:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a8e92e89978f50b85ceed802788f9aaa2df8810f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:5e:f3:3c:25:92:15:c4:58:40:f5:6b:59:c9:
                    3e:98:68:4c:38:29:15:e0:d9:9d:26:65:b9:d8:e2:
                    5e:ac:06:6d:67:5c:a9:da:84:99:54:8e:83:9e:f4:
                    5a:4a:50:34:62:f7:6c:d1:a4:eb:36:28:81:23:38:
                    a8:e0:ee:24:62:2b:57:2b:12:17:da:15:b8:8c:66:
                    40:17:ba:81:b7:e1:2b:18:3f:51:e7:62:f9:45:3a:
                    51:92:06:62:44:e9:7a:cb:ca:ec:5d:34:0c:0d:5f:
                    fa:f4:f3:2d:0e:a0:67:8d:38:88:f9:0c:5c:83:1f:
                    dc:73:d8:f4:f3:2e:8d:19:03:48:2d:87:c2:52:12:
                    81:04:23:df:c2:ec:fb:c1:84:5f:da:c1:1d:90:93:
                    a0:3f:8d:7b:e5:b3:b5:c2:20:3b:b7:6d:1b:7b:86:
                    a4:4f:07:a9:62:bd:37:37:fe:42:9e:62:43:5b:f6:
                    19:da:3b:ce:51:ad:1f:5e:65:55:2a:5d:1c:0b:14:
                    77:68:83:56:78:a5:80:44:47:15:68:79:dc:8a:e7:
                    db:21:a2:aa:f2:8a:7a:b0:0d:99:75:8e:9c:42:b5:
                    92:4b:ed:c5:6c:ff:ca:d4:cc:d0:6f:2c:38:e4:ac:
                    4e:91:e2:c6:fc:ef:49:40:fa:12:d6:bd:9a:4f:c3:
                    7b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:E9:2E:89:97:8F:50:B8:5C:EE:D8:02:78:8F:9A:AA:2D:F8:81:0F
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qOkuiZePULhc7tgCeI-aqi34gQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:5e:d0:cf:61:ca:9d:3c:28:60:d1:fe:03:f2:ec:da:5a:f5:
         dd:14:a7:fe:ed:d3:92:7d:bd:12:75:3e:40:4d:c7:3c:e4:42:
         fa:c1:7e:75:b2:dc:6e:a6:03:42:c3:e7:0a:90:9d:50:33:66:
         0f:1a:c1:f6:0d:a2:8c:9a:27:fb:14:f5:fc:ca:bb:03:06:c2:
         4c:cb:3d:8a:bc:bb:ee:0f:05:16:aa:d9:1b:b1:df:fd:26:2c:
         f6:25:93:07:b4:6b:e4:35:5d:a9:63:1d:71:2d:eb:30:30:5a:
         80:0b:ee:41:de:2c:6c:1f:bc:c5:c3:3b:22:52:93:92:9b:0d:
         0e:84:50:64:9b:c8:16:fc:b9:0c:8e:4d:24:fb:2a:27:4f:16:
         3e:b8:ac:2c:97:48:92:c0:48:12:cf:e8:ff:29:3c:8e:ef:47:
         64:17:41:1c:c4:9b:88:bb:b6:d6:dd:85:5f:1f:3e:11:d0:ec:
         e9:8f:e9:86:98:d8:71:50:36:87:21:16:72:ab:ee:34:43:96:
         84:a8:7e:d1:76:eb:36:d4:36:7f:c6:f6:ed:df:af:40:0d:00:
         f3:d0:ef:9e:a4:54:09:a2:9d:fa:8f:4d:f6:6d:84:34:d8:f0:
         65:37:27:fc:9d:ee:32:7b:17:8c:85:97:2f:c7:7c:a4:dd:27:
         79:83:7c:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEamEmWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIx
MzIyMDgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYThlOTJlODk5Nzhm
NTBiODVjZWVkODAyNzg4ZjlhYWEyZGY4ODEwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJte8zwlkhXEWED1a1nJPphoTDgpFeDZnSZludjiXqwGbWdc
qdqEmVSOg570WkpQNGL3bNGk6zYogSM4qODuJGIrVysSF9oVuIxmQBe6gbfhKxg/
Uedi+UU6UZIGYkTpesvK7F00DA1f+vTzLQ6gZ404iPkMXIMf3HPY9PMujRkDSC2H
wlISgQQj38Ls+8GEX9rBHZCToD+Ne+WztcIgO7dtG3uGpE8HqWK9Nzf+Qp5iQ1v2
Gdo7zlGtH15lVSpdHAsUd2iDVnilgERHFWh53Irn2yGiqvKKerANmXWOnEK1kkvt
xWz/ytTM0G8sOOSsTpHixvzvSUD6Eta9mk/De1UCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSo6S6Jl49QuFzu2AJ4j5qqLfiBDzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3FPa3VpWmVQVUxoYzd0Z0NlSS1hcWkzNGdROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBkXtDPYcqdPChg0f4D8uzaWvXdFKf+7dOSfb0S
dT5ATcc85EL6wX51stxupgNCw+cKkJ1QM2YPGsH2DaKMmif7FPX8yrsDBsJMyz2K
vLvuDwUWqtkbsd/9Jiz2JZMHtGvkNV2pYx1xLeswMFqAC+5B3ixsH7zFwzsiUpOS
mw0OhFBkm8gW/LkMjk0k+yonTxY+uKwsl0iSwEgSz+j/KTyO70dkF0EcxJuIu7bW
3YVfHz4R0Ozpj+mGmNhxUDaHIRZyq+40Q5aEqH7Rdus21DZ/xvbt369ADQDz0O+e
pFQJop36j032bYQ02PBlNyf8ne4yexeMhZcvx3yk3Sd5g3zj
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:53:29 2025 by rpki-client