Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0nVc7nm0VgwD8IFRc2_XdRZileU.roa
File:                     0nVc7nm0VgwD8IFRc2_XdRZileU.roa (raw, json)
Hash identifier:          wSfiQCbBjOFbp0UkExRh7vnjj+pxywqOZW/9alXe1Zs=
Subject key identifier:   D2:75:5C:EE:79:B4:56:0C:03:F0:81:51:73:6F:D7:75:16:62:95:E5
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01870FE34B21404D9C3E51F1CD113F4E15D3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0nVc7nm0VgwD8IFRc2_XdRZileU.roa
Signing time:             Thu 23 Mar 2023 19:12:46 +0000
ROA not before:           Thu 23 Mar 2023 19:12:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:0f:e3:4b:21:40:4d:9c:3e:51:f1:cd:11:3f:4e:15:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 23 19:12:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d2755cee79b4560c03f08151736fd775166295e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:5d:d8:5d:99:83:fb:f2:2e:36:bb:fa:26:92:
                    b3:56:91:9b:30:eb:60:fb:68:09:7a:f8:fa:19:1b:
                    7b:78:80:dd:b0:9e:5f:01:94:b0:21:96:d7:0b:3e:
                    1d:a4:60:38:0d:1f:ea:38:42:a2:58:70:8f:28:8e:
                    d5:10:3a:ca:f6:c8:03:a7:38:52:c6:f1:79:6a:a1:
                    3f:7d:b2:30:96:46:26:58:7d:e2:55:33:22:b8:a1:
                    1d:7a:7f:f3:91:bb:5c:c8:b5:b0:f2:9a:fc:e0:a2:
                    44:98:8b:68:b7:48:7e:8b:e0:11:1c:3e:61:fe:d0:
                    3e:33:e6:24:85:4c:e1:23:63:26:47:0c:8d:b6:01:
                    2f:fc:94:e0:e7:77:59:02:68:2b:6c:83:3a:e3:aa:
                    06:48:91:95:0f:e6:8a:de:d8:9d:31:7f:0c:b7:eb:
                    1b:c2:8f:49:ec:f9:3e:64:51:1e:f9:de:15:c8:46:
                    6f:79:b3:9f:52:2f:23:d6:b5:2a:82:ac:ab:6b:b9:
                    93:8c:07:d2:98:0e:82:76:ca:82:c1:9d:a7:fd:23:
                    24:fc:b6:cf:dd:3f:3a:9e:52:37:92:13:44:4d:37:
                    15:02:54:e9:b7:38:b0:ad:a0:f9:39:51:36:80:45:
                    75:e3:ac:19:b0:9e:8e:ab:52:46:16:d6:f2:ea:79:
                    e0:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:75:5C:EE:79:B4:56:0C:03:F0:81:51:73:6F:D7:75:16:62:95:E5
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0nVc7nm0VgwD8IFRc2_XdRZileU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:ae:1a:e3:34:59:bf:91:aa:b4:af:76:0b:fd:b8:dd:46:0c:
         c6:42:de:0d:a5:10:22:1a:e9:8b:ca:93:ae:df:0e:a4:af:76:
         b1:a4:25:3c:f2:08:a0:c7:27:6d:4a:ac:c5:37:bc:4a:76:07:
         49:ad:ec:84:dc:0b:a4:57:1a:fe:73:ae:8e:3b:13:7b:5d:a0:
         1e:14:08:00:4e:f3:15:b6:07:78:28:bb:15:24:c5:40:f0:9c:
         b7:a5:1d:f9:96:12:8e:24:d6:3e:eb:6c:c2:ad:77:fe:18:79:
         f8:ab:bb:f4:cd:93:2e:3b:46:ee:74:c0:e8:29:75:35:ca:9b:
         7d:75:8a:b1:ff:12:00:73:82:5d:41:fe:53:ce:a8:78:66:e6:
         1e:d7:51:bf:d2:89:26:30:1d:91:ba:33:2e:be:72:18:1c:c8:
         72:75:0e:2b:11:db:2d:7c:22:8a:c7:c1:f2:d3:c7:3c:c1:e2:
         34:ad:fe:8f:a0:82:b6:5a:2a:53:7b:6d:4d:3e:1f:5e:c6:bb:
         9a:dc:b3:47:9c:d7:42:f5:a6:dd:e0:63:62:7a:22:84:a0:f6:
         61:e3:cd:8b:02:17:58:b3:48:05:61:db:7a:03:71:42:83:6e:
         d4:87:bc:19:f3:0d:84:64:3e:cb:f5:36:b1:fe:be:87:7f:ee:
         4a:46:d3:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcP40shQE2cPlHxzRE/ThXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIzMTkxMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjc1NWNlZTc5YjQ1NjBjMDNmMDgxNTE3MzZmZDc3NTE2NjI5NWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/F3YXZmD+/IuNrv6JpKzVpGbMOtg
+2gJevj6GRt7eIDdsJ5fAZSwIZbXCz4dpGA4DR/qOEKiWHCPKI7VEDrK9sgDpzhS
xvF5aqE/fbIwlkYmWH3iVTMiuKEden/zkbtcyLWw8pr84KJEmItot0h+i+ARHD5h
/tA+M+YkhUzhI2MmRwyNtgEv/JTg53dZAmgrbIM646oGSJGVD+aK3tidMX8Mt+sb
wo9J7Pk+ZFEe+d4VyEZvebOfUi8j1rUqgqyra7mTjAfSmA6CdsqCwZ2n/SMk/LbP
3T86nlI3khNETTcVAlTptziwraD5OVE2gEV146wZsJ6Oq1JGFtby6nngLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNJ1XO55tFYMA/CBUXNv13UWYpXlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMG5WYzdubTBWZ3dEOElGUmMyX1hkUlppbGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFiuGuM0Wb+RqrSvdgv9
uN1GDMZC3g2lECIa6YvKk67fDqSvdrGkJTzyCKDHJ21KrMU3vEp2B0mt7ITcC6RX
Gv5zro47E3tdoB4UCABO8xW2B3gouxUkxUDwnLelHfmWEo4k1j7rbMKtd/4Yefir
u/TNky47Ru50wOgpdTXKm311irH/EgBzgl1B/lPOqHhm5h7XUb/SiSYwHZG6My6+
chgcyHJ1DisR2y18IorHwfLTxzzB4jSt/o+ggrZaKlN7bU0+H17Gu5rcs0ec10L1
pt3gY2J6IoSg9mHjzYsCF1izSAVh23oDcUKDbtSHvBnzDYRkPsv1NrH+vod/7kpG
05I=
-----END CERTIFICATE-----