Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AKATZfjtjBP6tEQ3qujmwotkuzc.roa
File:                     AKATZfjtjBP6tEQ3qujmwotkuzc.roa (raw, json)
Hash identifier:          D3hsHfUARzUzB2Z9nzDhGcP/NAA/7XIhFPUqLBDQPfM=
Subject key identifier:   00:A0:13:65:F8:ED:8C:13:FA:B4:44:37:AA:E8:E6:C2:8B:64:BB:37
Certificate issuer:       /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial:       018AD2B4ED6A3A8F6D33B485EF55AA2A567A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AKATZfjtjBP6tEQ3qujmwotkuzc.roa
Signing time:             Tue 26 Sep 2023 18:16:27 +0000
ROA not before:           Tue 26 Sep 2023 18:16:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d2:b4:ed:6a:3a:8f:6d:33:b4:85:ef:55:aa:2a:56:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
        Validity
            Not Before: Sep 26 18:16:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00a01365f8ed8c13fab44437aae8e6c28b64bb37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ed:44:0f:a7:56:5b:e1:1e:a5:0c:f5:4e:eb:
                    60:12:9a:91:7d:a4:b6:6a:d6:c6:cd:b6:ed:f8:2a:
                    6f:ae:98:0e:00:9d:9e:32:5b:17:b6:30:66:f5:64:
                    3a:2b:62:68:d3:3a:11:42:b4:9f:e4:31:f2:95:9c:
                    6e:dc:7d:4d:aa:52:eb:6e:6f:6e:b6:9d:d4:c9:4a:
                    f5:f9:98:c9:aa:be:2b:c3:cd:3e:1b:eb:54:57:aa:
                    e8:75:cc:82:d3:cb:c2:2e:10:1f:4d:f5:3e:30:09:
                    62:71:d3:da:73:2a:aa:6e:f5:48:3f:cc:66:6f:d4:
                    1f:e9:1f:68:16:f4:f4:f3:0d:5e:3b:70:40:f1:38:
                    c3:a3:b8:da:09:cf:24:1b:3c:21:16:91:e8:de:53:
                    2d:2a:e0:ae:23:d8:80:43:65:c0:0e:cf:ce:93:f8:
                    f6:44:40:88:a6:56:c0:0c:84:17:30:54:3a:61:68:
                    a2:ee:0b:83:fd:02:7f:ad:fa:37:27:a1:6a:a8:93:
                    ef:14:76:2c:50:10:66:c8:13:d0:13:c6:57:56:45:
                    6b:41:76:75:6f:ef:27:26:1d:75:c8:b0:51:75:e0:
                    83:df:bf:6b:64:8e:de:3f:01:8f:ad:37:00:fd:97:
                    ed:82:c9:a5:bb:b3:c3:2a:b9:c7:b0:9f:f2:b5:49:
                    04:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:A0:13:65:F8:ED:8C:13:FA:B4:44:37:AA:E8:E6:C2:8B:64:BB:37
            X509v3 Authority Key Identifier:
                keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AKATZfjtjBP6tEQ3qujmwotkuzc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:c0:85:fe:16:0f:6e:ed:0d:be:20:7d:a7:68:b8:1b:bb:70:
         ab:47:1c:34:3b:bf:20:7e:f0:73:d8:9e:2e:87:7a:5b:a5:82:
         c6:1c:41:a7:85:7a:b9:9f:b7:ae:4d:70:b1:3e:5c:6e:af:3a:
         6a:d4:6e:06:9c:e7:e1:57:c6:0a:37:41:f0:6f:8d:c6:a4:61:
         09:0f:3c:56:03:a7:8f:2d:87:37:f5:a4:2e:17:e2:a0:f0:82:
         82:1f:2a:8a:8c:0f:71:dc:a2:e1:e8:77:ad:6f:c1:3e:53:c0:
         38:07:04:70:6f:d0:36:df:4d:1c:6a:d1:d5:40:4b:3b:c8:5a:
         28:40:46:1a:85:cd:8c:79:d5:db:a9:a9:8a:e4:8a:25:21:f7:
         5f:16:ab:7a:bc:eb:78:9e:0a:ed:51:16:f1:bf:9e:05:8e:f6:
         6d:d7:51:c9:27:4a:a8:46:51:0c:ba:9f:6c:e0:61:c8:70:b1:
         04:50:73:50:91:9b:73:ac:e8:a2:f8:1b:15:08:7d:0c:26:bc:
         ef:f7:f7:1a:ac:2c:84:48:ec:18:9a:0c:d9:c2:f9:63:61:46:
         89:ae:6b:55:44:7e:a5:b4:13:77:ff:26:a1:76:53:54:24:e1:
         dc:68:20:77:78:21:54:72:a0:df:b3:f0:81:52:e8:de:08:13:
         39:ea:bc:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrStO1qOo9tM7SF71WqKlZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MTgxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGEwMTM2NWY4ZWQ4YzEzZmFiNDQ0MzdhYWU4ZTZjMjhiNjRiYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+1ED6dWW+EepQz1TutgEpqRfaS2
atbGzbbt+CpvrpgOAJ2eMlsXtjBm9WQ6K2Jo0zoRQrSf5DHylZxu3H1NqlLrbm9u
tp3UyUr1+ZjJqr4rw80+G+tUV6rodcyC08vCLhAfTfU+MAlicdPacyqqbvVIP8xm
b9Qf6R9oFvT08w1eO3BA8TjDo7jaCc8kGzwhFpHo3lMtKuCuI9iAQ2XADs/Ok/j2
RECIplbADIQXMFQ6YWii7guD/QJ/rfo3J6FqqJPvFHYsUBBmyBPQE8ZXVkVrQXZ1
b+8nJh11yLBRdeCD379rZI7ePwGPrTcA/Zftgsmlu7PDKrnHsJ/ytUkErwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFACgE2X47YwT+rREN6ro5sKLZLs3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQUtBVFpmanRqQlA2dEVRM3F1am13b3RrdXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFHAhf4WD27tDb4gfado
uBu7cKtHHDQ7vyB+8HPYni6HelulgsYcQaeFermft65NcLE+XG6vOmrUbgac5+FX
xgo3QfBvjcakYQkPPFYDp48thzf1pC4X4qDwgoIfKoqMD3HcouHod61vwT5TwDgH
BHBv0DbfTRxq0dVASzvIWihARhqFzYx51dupqYrkiiUh918Wq3q863ieCu1RFvG/
ngWO9m3XUcknSqhGUQy6n2zgYchwsQRQc1CRm3Os6KL4GxUIfQwmvO/39xqsLIRI
7BiaDNnC+WNhRomua1VEfqW0E3f/JqF2U1Qk4dxoIHd4IVRyoN+z8IFS6N4IEznq
vPM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:19:45 2025 by rpki-client