Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/RvNIPozHEQXs5iokhMWdzTpjJKw.roa
File:                     RvNIPozHEQXs5iokhMWdzTpjJKw.roa (raw, json)
Hash identifier:          yvOJlvlH/aPFeSnZ5uiNcTe4i5EocSDG2Jgr8QbqyYI=
Subject key identifier:   46:F3:48:3E:8C:C7:11:05:EC:E6:2A:24:84:C5:9D:CD:3A:63:24:AC
Certificate issuer:       /CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Certificate serial:       019422202A63DFBCEE6417F74CB3DAF67961
Authority key identifier: 7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/RvNIPozHEQXs5iokhMWdzTpjJKw.roa
Signing time:             Wed 01 Jan 2025 13:48:40 +0000
ROA not before:           Wed 01 Jan 2025 13:48:40 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     16509
IP address blocks:        82.192.96.0/24 maxlen: 24
                          82.192.97.0/24 maxlen: 24
                          82.192.100.0/24 maxlen: 24
                          82.192.101.0/24 maxlen: 24
                          82.192.102.0/24 maxlen: 24
                          82.192.103.0/24 maxlen: 24
                          82.192.108.0/24 maxlen: 24
                          82.192.109.0/24 maxlen: 24
                          82.192.110.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:20:2a:63:df:bc:ee:64:17:f7:4c:b3:da:f6:79:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
        Validity
            Not Before: Jan  1 13:48:40 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=46f3483e8cc71105ece62a2484c59dcd3a6324ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:50:1d:c6:94:e4:66:fa:13:ed:0e:38:1e:83:
                    c3:c2:a2:6b:bf:17:3d:de:c5:eb:04:ec:d7:8c:b3:
                    dd:33:e2:53:50:61:2b:ef:94:76:f6:26:70:1d:ea:
                    39:88:a5:c0:c9:1e:52:eb:57:01:07:49:b7:84:49:
                    06:c4:57:6e:38:f9:ef:62:1f:79:05:a5:96:c9:53:
                    d3:75:39:9c:f3:8f:36:91:8a:66:00:8d:6a:15:1b:
                    eb:cf:62:c3:82:a9:c7:21:b2:7a:40:d5:f7:fe:54:
                    5e:6c:21:28:81:00:ec:cf:4d:0f:60:74:d2:9f:67:
                    95:eb:11:a7:63:cd:fd:7e:e0:43:b8:0d:df:66:c1:
                    ac:0c:51:cc:dd:98:70:ed:6b:c4:75:70:83:08:a5:
                    fa:79:b5:40:11:14:b3:a2:69:5a:be:65:bd:d3:5d:
                    01:f9:04:da:34:d4:b9:69:c7:8d:5e:0f:14:7d:06:
                    28:e3:3d:9c:c1:fd:27:71:cd:78:78:85:97:19:76:
                    d2:7b:82:c9:04:ce:fc:4d:40:d9:84:b1:19:50:af:
                    fe:64:4f:79:ae:36:47:4d:48:ee:ed:17:32:3d:97:
                    97:dc:03:7e:d6:d0:8a:22:cc:48:b5:ad:d4:33:3f:
                    c4:1a:cb:01:02:b0:24:e2:fb:87:4e:99:73:7b:13:
                    3e:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:F3:48:3E:8C:C7:11:05:EC:E6:2A:24:84:C5:9D:CD:3A:63:24:AC
            X509v3 Authority Key Identifier:
                keyid:7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/RvNIPozHEQXs5iokhMWdzTpjJKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.192.96.0/23
                  82.192.100.0/22
                  82.192.108.0-82.192.110.255

    Signature Algorithm: sha256WithRSAEncryption
         07:d3:00:91:94:d7:af:e9:ab:24:a7:07:13:d7:60:71:a4:62:
         5c:1d:25:d5:51:c3:b7:df:9a:cd:79:5d:07:52:e2:cf:38:52:
         2b:80:be:c0:44:27:2d:92:3e:7a:8e:8b:d2:d2:31:b3:5a:05:
         c8:f4:da:87:db:27:f1:0a:b8:8f:cf:3e:f3:9d:06:9b:24:06:
         19:96:8d:b3:d8:18:09:cd:57:59:4c:b8:df:9e:14:de:77:a5:
         a4:79:dc:b5:de:2e:9e:6e:0a:f6:35:8d:ea:5d:c2:be:a9:1d:
         c6:8c:86:95:56:f3:88:98:57:fc:ea:66:eb:53:1f:4b:17:bc:
         06:af:bf:ae:72:2f:ca:cf:72:81:4d:91:84:bd:f6:66:32:f5:
         de:f4:23:d9:6a:f5:38:08:15:ac:11:44:62:06:2b:4b:3c:e0:
         3e:70:f0:d1:8b:f0:ec:e9:dd:ad:e0:06:b9:06:85:2e:3c:76:
         7c:ba:b5:8f:1a:4f:6c:a7:3e:19:b4:f6:48:72:63:96:fe:ba:
         db:3a:27:4c:2b:38:a0:fc:0f:e3:5b:b2:16:3f:ea:4c:e9:06:
         c2:ef:fe:20:01:d2:48:8a:ab:18:96:c5:9e:e2:20:ad:2e:ea:
         8e:ae:af:23:a0:2d:ae:8e:4f:52:16:d2:e6:ae:ef:2f:0e:61:
         41:2a:e3:a1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQiICpj37zuZBf3TLPa9nlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZWNhNDAxMmJmN2I1MDU2ZTJlMGExNjFlYjQ2MTg4NzZj
OTExMmEwHhcNMjUwMTAxMTM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmYzNDgzZThjYzcxMTA1ZWNlNjJhMjQ4NGM1OWRjZDNhNjMyNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11AdxpTkZvoT7Q44HoPDwqJrvxc9
3sXrBOzXjLPdM+JTUGEr75R29iZwHeo5iKXAyR5S61cBB0m3hEkGxFduOPnvYh95
BaWWyVPTdTmc8482kYpmAI1qFRvrz2LDgqnHIbJ6QNX3/lRebCEogQDsz00PYHTS
n2eV6xGnY839fuBDuA3fZsGsDFHM3Zhw7WvEdXCDCKX6ebVAERSzomlavmW9010B
+QTaNNS5aceNXg8UfQYo4z2cwf0ncc14eIWXGXbSe4LJBM78TUDZhLEZUK/+ZE95
rjZHTUju7RcyPZeX3AN+1tCKIsxIta3UMz/EGssBArAk4vuHTplzexM+kwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEbzSD6MxxEF7OYqJITFnc06YySsMB8GA1UdIwQY
MBaAFHvspAEr97UFbi4KFh60YYh2yREqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYt
NThjYWY0NzAxYmUzLzEvUnZOSVBvekhFUVhzNWlva2hNV2R6VHBqSkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYtNThjYWY0NzAxYmUz
LzEvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUsBgAwQC
UsBkMAwDBAJSwGwDBABSwG4wDQYJKoZIhvcNAQELBQADggEBAAfTAJGU16/pqySn
BxPXYHGkYlwdJdVRw7ffms15XQdS4s84UiuAvsBEJy2SPnqOi9LSMbNaBcj02ofb
J/EKuI/PPvOdBpskBhmWjbPYGAnNV1lMuN+eFN53paR53LXeLp5uCvY1jepdwr6p
HcaMhpVW84iYV/zqZutTH0sXvAavv65yL8rPcoFNkYS99mYy9d70I9lq9TgIFawR
RGIGK0s84D5w8NGL8Ozp3a3gBrkGhS48dny6tY8aT2ynPhm09khyY5b+uts6J0wr
OKD8D+NbshY/6kzpBsLv/iAB0kiKqxiWxZ7iIK0u6o6uryOgLa6OT1IW0uau7y8O
YUEq46E=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:49 2025 by rpki-client