Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xcrbqamILwIa54iPNNxD4XhqYD8.roa
File:                     xcrbqamILwIa54iPNNxD4XhqYD8.roa (raw, json)
Hash identifier:          3SAeZog29UfFetLEj37z1BkSfkxGleTSqLmxGTWG1wc=
Subject key identifier:   C5:CA:DB:A9:A9:88:2F:02:1A:E7:88:8F:34:DC:43:E1:78:6A:60:3F
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018A2971AA2B482E0E48E44652C785908EEB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xcrbqamILwIa54iPNNxD4XhqYD8.roa
Signing time:             Thu 24 Aug 2023 21:27:09 +0000
ROA not before:           Thu 24 Aug 2023 21:27:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:29:71:aa:2b:48:2e:0e:48:e4:46:52:c7:85:90:8e:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Aug 24 21:27:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c5cadba9a9882f021ae7888f34dc43e1786a603f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:88:1c:09:b3:92:8a:d8:fb:53:50:f1:23:77:
                    0a:b4:4e:a7:55:ec:a0:59:63:b6:d7:66:6d:0d:b7:
                    c8:a5:2d:d6:80:a6:56:cd:48:3f:44:5b:88:c2:eb:
                    36:02:de:d5:b8:80:71:82:e6:99:6d:03:eb:f5:73:
                    1b:79:23:f8:f5:c2:ee:56:b1:dc:21:e6:4a:80:ec:
                    98:d9:49:70:6e:ec:c0:db:7e:c3:ff:97:f5:3e:8f:
                    2f:57:45:4f:fa:1f:76:81:9b:4d:b7:cc:69:a6:5f:
                    f6:cd:0a:de:ef:fb:3e:6a:70:34:39:a8:8d:e9:df:
                    de:eb:34:15:e2:8f:39:40:c4:6e:8f:e3:5c:99:74:
                    a4:e2:40:42:a6:f7:97:0a:d2:f2:2d:05:25:5f:4c:
                    69:7c:e3:b1:ed:c1:ba:ce:b0:b4:4d:68:4f:48:a2:
                    8c:dc:24:26:be:67:7c:c4:66:1f:48:2a:4a:bf:36:
                    c3:e8:51:3c:80:22:ca:1c:aa:fc:5d:10:70:1d:b8:
                    1c:9c:b2:fd:a3:61:08:ac:8b:42:39:df:19:08:bf:
                    b4:f8:57:1e:05:5b:e4:ca:23:b3:7b:63:cf:66:a0:
                    d6:26:dc:97:6a:ba:ce:4b:6b:b6:d6:81:2a:38:12:
                    8f:a1:cd:0b:69:82:de:22:f2:83:38:4d:31:cd:d3:
                    23:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:CA:DB:A9:A9:88:2F:02:1A:E7:88:8F:34:DC:43:E1:78:6A:60:3F
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xcrbqamILwIa54iPNNxD4XhqYD8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         28:c9:d8:7f:61:fa:2e:24:e2:5d:27:1c:1a:b1:e3:a0:4a:01:
         34:5b:dd:bb:d8:06:ce:e0:13:fb:e8:61:bc:cb:15:2f:21:2a:
         c1:4a:62:b1:36:86:3b:51:b3:b9:af:78:42:93:36:59:70:ec:
         f7:bf:8a:de:a9:2e:23:84:76:97:1f:b7:7f:40:1d:e1:13:a9:
         d9:26:35:86:98:9e:e4:7f:61:14:fe:c0:b5:0a:61:ac:66:4c:
         12:58:73:dc:7c:c8:ec:b3:71:1b:b8:e8:aa:73:e6:a0:f5:cd:
         7b:2f:a0:76:3b:77:98:42:23:4b:d1:f3:e1:56:57:9f:f8:23:
         bc:33:1d:5b:69:58:08:f7:e9:af:d2:e4:a1:34:9f:57:cf:7a:
         f5:e7:d4:c6:df:cb:18:03:06:39:af:95:de:2b:5d:54:2c:db:
         63:b2:9e:0e:f9:0c:94:68:0b:a3:25:b2:fe:e4:bc:94:20:91:
         44:69:ba:f7:5b:11:9c:24:3b:59:ff:56:a3:b3:6d:f2:29:0e:
         0c:63:8a:e0:a4:e4:b8:47:05:12:2e:e4:02:31:bb:79:b4:56:
         67:bb:2d:73:11:85:0a:65:6b:4a:2b:46:2b:1a:80:5c:4e:6f:
         57:d8:47:0d:55:e4:08:7b:67:4e:ce:c9:36:07:19:13:2f:7d:
         85:c1:15:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYopcaorSC4OSORGUseFkI7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MjEyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWNhZGJhOWE5ODgyZjAyMWFlNzg4OGYzNGRjNDNlMTc4NmE2MDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4gcCbOSitj7U1DxI3cKtE6nVeyg
WWO212ZtDbfIpS3WgKZWzUg/RFuIwus2At7VuIBxguaZbQPr9XMbeSP49cLuVrHc
IeZKgOyY2UlwbuzA237D/5f1Po8vV0VP+h92gZtNt8xppl/2zQre7/s+anA0OaiN
6d/e6zQV4o85QMRuj+NcmXSk4kBCpveXCtLyLQUlX0xpfOOx7cG6zrC0TWhPSKKM
3CQmvmd8xGYfSCpKvzbD6FE8gCLKHKr8XRBwHbgcnLL9o2EIrItCOd8ZCL+0+Fce
BVvkyiOze2PPZqDWJtyXarrOS2u21oEqOBKPoc0LaYLeIvKDOE0xzdMjjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMXK26mpiC8CGueIjzTcQ+F4amA/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveGNyYnFhbUlMd0lhNTRpUE5OeEQ0WGhxWUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACjJ2H9h+i4k4l0nHBqx
46BKATRb3bvYBs7gE/voYbzLFS8hKsFKYrE2hjtRs7mveEKTNllw7Pe/it6pLiOE
dpcft39AHeETqdkmNYaYnuR/YRT+wLUKYaxmTBJYc9x8yOyzcRu46Kpz5qD1zXsv
oHY7d5hCI0vR8+FWV5/4I7wzHVtpWAj36a/S5KE0n1fPevXn1MbfyxgDBjmvld4r
XVQs22Oyng75DJRoC6Mlsv7kvJQgkURpuvdbEZwkO1n/VqOzbfIpDgxjiuCk5LhH
BRIu5AIxu3m0Vme7LXMRhQpla0orRisagFxOb1fYRw1V5Ah7Z07OyTYHGRMvfYXB
FRo=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:46:13 2025 by rpki-client