Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5bKNxewV75OXh6Z0jAouEAb87_8.roa
File:                     5bKNxewV75OXh6Z0jAouEAb87_8.roa (raw, json)
Hash identifier:          qupCu8ooiGL/iNFjoRJuWxMgJO64vPVEJeE/umSc9IQ=
Subject key identifier:   E5:B2:8D:C5:EC:15:EF:93:97:87:A6:74:8C:0A:2E:10:06:FC:EF:FF
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018A4514C87C0A7EF38295662F0BC45861E4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5bKNxewV75OXh6Z0jAouEAb87_8.roa
Signing time:             Wed 30 Aug 2023 06:15:04 +0000
ROA not before:           Wed 30 Aug 2023 06:15:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:45:14:c8:7c:0a:7e:f3:82:95:66:2f:0b:c4:58:61:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Aug 30 06:15:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5b28dc5ec15ef939787a6748c0a2e1006fcefff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:00:84:b1:05:c7:f3:c3:ce:dd:8a:2e:89:f8:
                    97:79:f2:5e:6f:6c:1f:fa:de:da:ab:85:7d:a8:77:
                    ae:08:0a:5b:72:7f:01:c1:bd:6f:d4:2b:0e:33:77:
                    ec:5b:b6:2e:80:eb:d1:d8:85:e3:2b:85:0c:bc:19:
                    a2:cf:aa:23:e6:c9:30:7c:51:3b:ff:fe:47:6f:41:
                    60:af:e0:31:8d:a2:bd:db:50:cf:3e:43:c2:8c:bd:
                    e7:af:fd:b7:5e:e3:fe:73:df:85:9f:32:73:88:99:
                    27:fa:b0:bf:ff:b2:2e:d6:fc:52:8e:d7:e1:48:ac:
                    06:3c:e9:9c:4a:0f:6a:e9:93:07:fb:97:01:50:b8:
                    3d:ea:d6:d0:cf:a6:19:79:d6:e5:33:51:c3:cb:3d:
                    e3:4e:14:63:f7:87:03:ca:24:2f:b2:81:d9:88:fa:
                    08:62:5d:49:9b:c8:a4:2e:49:44:8c:48:44:06:bb:
                    5d:9b:b4:de:d3:76:93:65:27:87:13:57:76:8a:3a:
                    b7:0a:3c:97:18:23:03:07:2c:fc:45:38:b2:26:d9:
                    53:d0:f8:d5:9c:91:9f:b3:5b:f2:cc:0f:9a:5e:7e:
                    69:bf:7f:e4:b6:a4:af:3e:80:a3:49:27:9f:86:05:
                    5e:e1:1b:12:cf:4a:64:89:85:93:3b:a5:6d:83:57:
                    14:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:B2:8D:C5:EC:15:EF:93:97:87:A6:74:8C:0A:2E:10:06:FC:EF:FF
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5bKNxewV75OXh6Z0jAouEAb87_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         93:ec:72:1b:9c:7f:d1:45:f1:c4:6c:34:ea:46:c8:56:bf:19:
         c5:42:f2:45:82:9a:04:e0:9e:f8:3a:62:08:a0:c1:2b:4d:a6:
         18:eb:90:92:23:f7:d1:7c:cf:93:01:da:a0:60:9d:c2:62:1d:
         2f:a4:5a:e9:0e:e2:78:07:80:a2:60:b2:26:b5:2b:ab:51:c6:
         31:f7:77:9c:86:a3:f5:92:fd:6f:14:30:93:9d:fe:d3:fa:91:
         bb:a9:ad:ea:7a:a7:23:f7:44:c4:a5:3c:ae:e0:ad:85:d8:83:
         21:ae:c0:6c:4e:b9:df:2a:4d:4a:f9:e4:5d:94:bc:ec:20:04:
         56:04:2e:ec:5a:fb:28:11:07:67:31:54:4d:36:7d:a1:3e:ca:
         6e:b2:31:b7:89:85:fa:7a:ac:bb:a6:59:48:40:52:04:37:6b:
         e8:e2:20:0c:9e:26:73:d4:7f:af:48:bc:ac:76:98:a1:dc:6c:
         c6:56:45:9a:a2:d8:c9:b5:db:cf:e1:69:c7:e8:03:bf:4a:8f:
         fe:e3:44:3e:e4:b9:59:0a:d1:c0:be:f3:57:0e:05:63:e5:a4:
         0a:a7:68:a8:d5:98:08:6a:05:e3:6a:f8:fe:7b:cc:69:b7:72:
         7b:70:a6:82:e0:91:fb:53:46:72:cf:17:63:ca:03:54:58:7e:
         8a:01:a4:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpFFMh8Cn7zgpVmLwvEWGHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODMwMDYxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWIyOGRjNWVjMTVlZjkzOTc4N2E2NzQ4YzBhMmUxMDA2ZmNlZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqACEsQXH88PO3YouifiXefJeb2wf
+t7aq4V9qHeuCApbcn8Bwb1v1CsOM3fsW7YugOvR2IXjK4UMvBmiz6oj5skwfFE7
//5Hb0Fgr+AxjaK921DPPkPCjL3nr/23XuP+c9+FnzJziJkn+rC//7Iu1vxSjtfh
SKwGPOmcSg9q6ZMH+5cBULg96tbQz6YZedblM1HDyz3jThRj94cDyiQvsoHZiPoI
Yl1Jm8ikLklEjEhEBrtdm7Te03aTZSeHE1d2ijq3CjyXGCMDByz8RTiyJtlT0PjV
nJGfs1vyzA+aXn5pv3/ktqSvPoCjSSefhgVe4RsSz0pkiYWTO6Vtg1cUOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOWyjcXsFe+Tl4emdIwKLhAG/O//MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNWJLTnhld1Y3NU9YaDZaMGpBb3VFQWI4N184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJPschucf9FF8cRsNOpG
yFa/GcVC8kWCmgTgnvg6YgigwStNphjrkJIj99F8z5MB2qBgncJiHS+kWukO4ngH
gKJgsia1K6tRxjH3d5yGo/WS/W8UMJOd/tP6kbuprep6pyP3RMSlPK7grYXYgyGu
wGxOud8qTUr55F2UvOwgBFYELuxa+ygRB2cxVE02faE+ym6yMbeJhfp6rLumWUhA
UgQ3a+jiIAyeJnPUf69IvKx2mKHcbMZWRZqi2Mm128/hacfoA79Kj/7jRD7kuVkK
0cC+81cOBWPlpAqnaKjVmAhqBeNq+P57zGm3cntwpoLgkftTRnLPF2PKA1RYfooB
pGQ=
-----END CERTIFICATE-----
Generated at Wed Jun 11 00:55:36 2025 by rpki-client