Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/E-pDG4Ya14jvE5OXcBeBVSBi4Wc.roa
File:                     E-pDG4Ya14jvE5OXcBeBVSBi4Wc.roa (raw, json)
Hash identifier:          kPNgqXuOerPCKisjgVGs70h2qTeAXCOkqkfaGxxbW3c=
Subject key identifier:   13:EA:43:1B:86:1A:D7:88:EF:13:93:97:70:17:81:55:20:62:E1:67
Certificate issuer:       /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial:       018B299903D4D80A6CCDB011E183930635AB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/E-pDG4Ya14jvE5OXcBeBVSBi4Wc.roa
Signing time:             Fri 13 Oct 2023 15:12:55 +0000
ROA not before:           Fri 13 Oct 2023 15:12:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/96 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:29:99:03:d4:d8:0a:6c:cd:b0:11:e1:83:93:06:35:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
        Validity
            Not Before: Oct 13 15:12:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13ea431b861ad788ef139397701781552062e167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c3:86:7f:24:70:5e:3b:08:6b:26:7d:13:2c:
                    61:a6:a8:9a:52:db:7c:af:19:d3:2d:a9:0f:06:30:
                    69:b0:13:ea:e2:4b:75:d3:2e:6a:5f:2a:3a:35:eb:
                    d8:a4:c5:cc:57:cc:ec:23:52:bf:9a:73:10:de:20:
                    84:a9:cb:11:05:68:07:5b:41:b3:e8:a3:84:a4:cb:
                    07:97:44:7f:55:64:cb:03:b9:5c:90:d0:3c:2a:61:
                    56:4a:05:7b:22:ca:0a:f1:06:e7:9c:e3:a6:a4:cd:
                    95:bb:3a:8c:3f:2c:e8:90:dc:0a:ef:20:94:5c:12:
                    54:3b:98:12:96:64:11:25:88:6d:3a:22:55:8b:e6:
                    b3:0b:f5:46:39:3f:24:e4:75:b2:0e:69:b3:a2:db:
                    fa:24:2a:76:c1:cc:71:e8:34:f2:af:8e:94:f7:2c:
                    79:ce:58:64:1d:fb:33:b1:ae:c2:fd:f7:77:34:e5:
                    be:09:1c:9a:36:ff:f4:2c:fe:67:b4:5f:06:0c:09:
                    6d:28:3b:47:bb:28:d4:7a:aa:5c:e2:62:fa:5e:11:
                    ef:52:9e:cc:aa:29:e1:5f:7b:02:f4:e5:24:48:2e:
                    23:40:03:e7:7b:f2:4d:7c:eb:42:b0:d2:8f:c0:d8:
                    28:8b:64:0b:fc:fd:8a:cf:77:1f:41:1b:d2:64:ed:
                    fd:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:EA:43:1B:86:1A:D7:88:EF:13:93:97:70:17:81:55:20:62:E1:67
            X509v3 Authority Key Identifier:
                keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/E-pDG4Ya14jvE5OXcBeBVSBi4Wc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         ad:4b:65:02:a3:86:af:f7:70:44:29:66:00:f4:92:5f:e6:bc:
         ef:cd:36:66:a7:4e:eb:ae:81:86:89:14:ef:27:59:56:14:a6:
         82:f4:6e:73:3a:02:ae:60:64:d9:95:fe:1d:e7:7f:23:1a:c4:
         a2:86:54:23:09:72:09:27:a5:b3:5a:f6:dd:30:90:33:1c:0e:
         4e:76:10:89:91:b2:f9:21:ab:7e:58:4f:19:f1:f5:72:ee:c4:
         f5:c6:24:bd:c3:ba:bd:fb:ce:e4:9c:51:0e:e5:c2:df:81:0a:
         0d:ac:b6:43:84:20:21:1a:e6:aa:a9:bf:4a:bc:b5:46:69:88:
         90:be:14:8e:fa:09:35:57:c2:62:aa:c2:31:c1:e4:87:2b:ff:
         6b:0f:4f:87:1c:93:ab:6c:55:10:ed:65:e7:11:6a:16:d3:87:
         ea:16:42:df:54:99:45:0a:5e:64:1d:fa:ee:93:e0:26:e2:f2:
         0a:88:38:3e:4a:a3:a1:81:95:67:2f:f5:1e:13:8b:aa:fd:2c:
         54:1b:78:3f:45:43:11:47:5e:0d:a0:c3:d2:d5:2e:ff:95:e4:
         01:af:0d:86:5c:0f:01:a9:41:5d:91:fb:62:fe:6d:05:52:ec:
         99:9e:cf:45:35:7b:39:c8:25:a6:cf:32:14:eb:1d:c9:a0:ff:
         b4:16:1d:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYspmQPU2ApszbAR4YOTBjWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEzMTUxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2VhNDMxYjg2MWFkNzg4ZWYxMzkzOTc3MDE3ODE1NTIwNjJlMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8OGfyRwXjsIayZ9EyxhpqiaUtt8
rxnTLakPBjBpsBPq4kt10y5qXyo6NevYpMXMV8zsI1K/mnMQ3iCEqcsRBWgHW0Gz
6KOEpMsHl0R/VWTLA7lckNA8KmFWSgV7IsoK8QbnnOOmpM2VuzqMPyzokNwK7yCU
XBJUO5gSlmQRJYhtOiJVi+azC/VGOT8k5HWyDmmzotv6JCp2wcxx6DTyr46U9yx5
zlhkHfszsa7C/fd3NOW+CRyaNv/0LP5ntF8GDAltKDtHuyjUeqpc4mL6XhHvUp7M
qinhX3sC9OUkSC4jQAPne/JNfOtCsNKPwNgoi2QL/P2Kz3cfQRvSZO39ywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBPqQxuGGteI7xOTl3AXgVUgYuFnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRS1wREc0WWExNGp2RTVPWGNCZUJWU0JpNFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK1LZQKjhq/3cEQpZgD0
kl/mvO/NNmanTuuugYaJFO8nWVYUpoL0bnM6Aq5gZNmV/h3nfyMaxKKGVCMJcgkn
pbNa9t0wkDMcDk52EImRsvkhq35YTxnx9XLuxPXGJL3Dur37zuScUQ7lwt+BCg2s
tkOEICEa5qqpv0q8tUZpiJC+FI76CTVXwmKqwjHB5Icr/2sPT4cck6tsVRDtZecR
ahbTh+oWQt9UmUUKXmQd+u6T4Cbi8gqIOD5Ko6GBlWcv9R4Ti6r9LFQbeD9FQxFH
Xg2gw9LVLv+V5AGvDYZcDwGpQV2R+2L+bQVS7Jmez0U1eznIJabPMhTrHcmg/7QW
HQM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:26:56 2025 by rpki-client