Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/swKlPk0E_LA-2JwFysq9GuaUaZo.roa
File:                     swKlPk0E_LA-2JwFysq9GuaUaZo.roa (raw, json)
Hash identifier:          c5wNS2xzEHMJv1jhT32mXtF63qoT62ZSWYgNNXU7nWk=
Subject key identifier:   B3:02:A5:3E:4D:04:FC:B0:3E:D8:9C:05:CA:CA:BD:1A:E6:94:69:9A
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0185EB3280EE1F4B913D36B439571EA871DB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/swKlPk0E_LA-2JwFysq9GuaUaZo.roa
Signing time:             Wed 25 Jan 2023 23:10:33 +0000
ROA not before:           Wed 25 Jan 2023 23:10:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:eb:32:80:ee:1f:4b:91:3d:36:b4:39:57:1e:a8:71:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jan 25 23:10:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b302a53e4d04fcb03ed89c05cacabd1ae694699a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a7:d3:94:b4:2f:20:c5:fa:a7:50:b5:18:93:
                    0f:01:cb:1f:42:fb:6e:dd:88:d3:08:54:fe:44:9b:
                    91:43:a3:54:b3:83:ef:50:b5:86:37:de:ce:2b:a4:
                    6d:10:8b:06:66:8a:22:73:58:85:57:1a:13:33:6f:
                    73:9a:03:f9:dc:41:7b:a3:85:d7:7f:6a:7a:c5:60:
                    76:9f:47:dc:f1:67:7c:0c:e2:54:fc:ff:44:b4:f5:
                    de:1f:92:ce:4e:ec:fe:bf:87:0d:c6:63:3d:ed:29:
                    f3:16:ee:8a:02:48:bd:a2:34:02:1a:7d:52:3e:e2:
                    76:2e:b0:16:c4:c0:82:00:15:3b:7c:5e:9e:7a:d5:
                    83:2b:90:db:05:9b:a2:31:42:f6:39:b1:05:d1:04:
                    1f:96:9e:97:46:91:3a:86:e2:f1:b2:d2:9b:41:21:
                    49:46:8a:d7:98:05:91:04:09:40:bf:6e:72:f2:76:
                    3a:10:cf:4f:67:ef:f7:8d:f2:22:55:db:a7:34:bf:
                    9b:9a:5b:02:56:4f:d8:ed:2c:e5:b2:39:7a:07:61:
                    ee:f9:ca:fa:85:0c:aa:c3:db:b1:7a:d5:80:60:5d:
                    4d:76:2e:27:41:ed:9a:bf:02:f3:f8:d1:00:b8:3f:
                    a2:01:18:d8:67:bd:f5:35:64:16:52:49:5b:d1:96:
                    da:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:02:A5:3E:4D:04:FC:B0:3E:D8:9C:05:CA:CA:BD:1A:E6:94:69:9A
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/swKlPk0E_LA-2JwFysq9GuaUaZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:f2:39:10:32:5d:c8:ff:05:4e:99:3f:3a:7b:36:12:1e:5a:
         63:a4:c2:19:65:e7:83:09:d1:e9:b7:98:42:76:a4:58:b6:36:
         20:ef:0f:4e:36:90:d5:c2:2a:f9:fe:81:d6:70:fb:97:03:e3:
         42:aa:94:d1:6a:49:fe:7a:32:2b:bc:cc:f6:83:16:7c:a5:a5:
         75:f2:b4:6a:f9:b3:b1:60:86:27:5f:e4:91:4f:13:a4:a3:06:
         85:25:af:85:b4:6f:42:c1:20:f1:a5:29:26:7f:2b:84:6e:74:
         29:13:f8:d0:00:71:10:7f:cd:7b:f5:1f:f0:0f:fb:93:05:83:
         85:6e:6f:9b:da:9b:a5:aa:04:3c:a5:44:0d:35:c2:fc:5e:1a:
         bf:70:ff:0c:93:04:8a:14:a3:b3:f6:54:ca:af:a3:3d:48:e9:
         e5:a9:42:86:e3:cf:7e:be:63:43:6d:85:76:bb:44:31:21:52:
         5c:3a:07:13:79:5b:78:1d:90:90:37:fc:a1:0a:5b:b8:de:af:
         80:dd:f8:37:a2:4c:91:26:43:91:49:75:c5:a3:56:e3:78:9e:
         b4:71:8d:ab:81:9a:8c:1c:b2:ca:b3:fe:b3:df:d0:7e:3e:bc:
         f2:ee:b9:c1:ca:bd:f5:d8:97:05:85:7c:db:74:f9:19:58:07:
         1a:ff:72:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXrMoDuH0uRPTa0OVceqHHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI1MjMxMDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzAyYTUzZTRkMDRmY2IwM2VkODljMDVjYWNhYmQxYWU2OTQ2OTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKfTlLQvIMX6p1C1GJMPAcsfQvtu
3YjTCFT+RJuRQ6NUs4PvULWGN97OK6RtEIsGZooic1iFVxoTM29zmgP53EF7o4XX
f2p6xWB2n0fc8Wd8DOJU/P9EtPXeH5LOTuz+v4cNxmM97SnzFu6KAki9ojQCGn1S
PuJ2LrAWxMCCABU7fF6eetWDK5DbBZuiMUL2ObEF0QQflp6XRpE6huLxstKbQSFJ
RorXmAWRBAlAv25y8nY6EM9PZ+/3jfIiVdunNL+bmlsCVk/Y7Szlsjl6B2Hu+cr6
hQyqw9uxetWAYF1Ndi4nQe2avwLz+NEAuD+iARjYZ731NWQWUklb0ZbadwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLMCpT5NBPywPticBcrKvRrmlGmaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc3dLbFBrMEVfTEEtMkp3RnlzcTlHdWFVYVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIbyORAyXcj/BU6ZPzp7
NhIeWmOkwhll54MJ0em3mEJ2pFi2NiDvD042kNXCKvn+gdZw+5cD40KqlNFqSf56
Miu8zPaDFnylpXXytGr5s7Fghidf5JFPE6SjBoUlr4W0b0LBIPGlKSZ/K4RudCkT
+NAAcRB/zXv1H/AP+5MFg4Vub5vam6WqBDylRA01wvxeGr9w/wyTBIoUo7P2VMqv
oz1I6eWpQobjz36+Y0NthXa7RDEhUlw6BxN5W3gdkJA3/KEKW7jer4Dd+DeiTJEm
Q5FJdcWjVuN4nrRxjauBmowcssqz/rPf0H4+vPLuucHKvfXYlwWFfNt0+RlYBxr/
cmk=
-----END CERTIFICATE-----
Generated at Thu Jun 12 00:23:53 2025 by rpki-client