Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-0lTUugXRgNjGBrK5K3oX1BUKHU.roa
File:                     1-0lTUugXRgNjGBrK5K3oX1BUKHU.roa (raw, json)
Hash identifier:          RtFYubjOuAHVbkYs18tMmC3TRd0txI6++uLaBAOQqGM=
Subject key identifier:   FB:49:53:52:E8:17:46:03:63:18:1A:CA:E4:AD:E8:5F:50:54:28:75
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018894B06A2360027FDF6C1E383751598D22
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-0lTUugXRgNjGBrK5K3oX1BUKHU.roa
Signing time:             Wed 07 Jun 2023 07:09:29 +0000
ROA not before:           Wed 07 Jun 2023 07:09:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:94:b0:6a:23:60:02:7f:df:6c:1e:38:37:51:59:8d:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun  7 07:09:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fb495352e817460363181acae4ade85f50542875
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f0:aa:d4:62:02:20:94:b4:b7:b8:8a:7a:5a:
                    f7:75:18:aa:e9:1a:93:7a:5f:6e:d4:17:ca:21:24:
                    06:97:e5:b8:4b:62:a9:e4:d5:59:6f:19:ad:16:e2:
                    5a:f1:4d:b1:1c:b2:47:0f:6f:a6:19:0d:14:1f:ab:
                    0e:57:2b:30:11:c7:51:ef:2e:df:38:86:fb:51:88:
                    94:c4:07:5f:f9:0f:23:69:1d:8c:fc:3c:42:92:88:
                    d2:c7:97:79:ab:36:6b:51:83:ab:b5:c5:e9:ba:72:
                    b4:3c:e1:bc:54:62:fe:4f:18:22:fe:ac:e4:65:4b:
                    38:e7:52:c3:99:9c:62:ae:35:12:07:05:6b:7b:20:
                    79:a3:98:75:05:5d:dd:fd:74:bd:82:9a:06:93:19:
                    cf:77:e0:6d:31:d3:33:a4:30:da:e4:01:ec:97:09:
                    88:70:e3:dd:cb:a5:f0:27:78:ed:b2:93:7f:18:ca:
                    f3:20:9b:de:49:d3:70:f4:e9:36:51:49:0a:08:b2:
                    bb:de:b7:53:6f:9a:b3:b5:2c:25:d4:a7:40:d5:bb:
                    db:34:b6:05:b5:d8:c7:68:16:5b:d3:2d:27:ed:2d:
                    e0:32:9f:b0:81:75:48:2a:da:93:a4:59:cd:c9:a7:
                    95:39:39:57:df:1f:3c:7f:02:55:15:43:94:8e:dd:
                    b0:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:49:53:52:E8:17:46:03:63:18:1A:CA:E4:AD:E8:5F:50:54:28:75
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-0lTUugXRgNjGBrK5K3oX1BUKHU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:62:a6:e7:b3:7b:be:18:b4:1d:32:69:f1:81:3d:ee:ee:26:
         1c:15:e2:da:c5:a8:50:a6:c8:1e:cd:8f:40:4e:7e:89:02:39:
         6c:43:2d:86:a3:cf:75:6b:ad:10:89:4d:ab:4f:74:67:0c:1c:
         39:7a:ad:d4:1f:b0:e4:42:c5:e3:83:47:f1:29:c5:ad:98:ee:
         62:8b:49:95:30:f1:35:f0:77:f6:11:cb:4d:33:cb:28:06:65:
         11:d5:9c:fc:06:34:02:ae:10:0b:59:07:aa:8c:1f:b6:2e:6a:
         98:6c:98:da:f1:34:ac:a7:31:41:eb:7e:9a:a8:45:e0:39:13:
         9b:35:2e:aa:d0:66:6b:3d:42:f3:2b:cf:63:c7:ef:a9:d9:c5:
         b4:ac:cc:67:40:74:26:9b:af:0a:ad:10:17:08:db:1c:c4:2b:
         39:fd:4a:55:61:a7:66:db:02:2f:18:20:32:2c:a2:40:15:9c:
         5a:4d:f9:f2:25:7d:13:4d:b1:70:8e:66:69:82:52:79:a3:b9:
         f4:e3:50:8a:d5:16:d8:7d:a8:e4:2b:10:f4:ab:da:3f:af:a8:
         52:c8:d0:77:d5:39:5f:7a:33:0a:2c:31:c6:2e:ef:1e:99:ab:
         fe:21:ce:83:8c:63:ca:04:4d:84:5f:05:60:72:29:15:c2:4a:
         81:98:da:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiUsGojYAJ/32weODdRWY0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA3MDcwOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjQ5NTM1MmU4MTc0NjAzNjMxODFhY2FlNGFkZTg1ZjUwNTQyODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPCq1GICIJS0t7iKelr3dRiq6RqT
el9u1BfKISQGl+W4S2Kp5NVZbxmtFuJa8U2xHLJHD2+mGQ0UH6sOVyswEcdR7y7f
OIb7UYiUxAdf+Q8jaR2M/DxCkojSx5d5qzZrUYOrtcXpunK0POG8VGL+Txgi/qzk
ZUs451LDmZxirjUSBwVreyB5o5h1BV3d/XS9gpoGkxnPd+BtMdMzpDDa5AHslwmI
cOPdy6XwJ3jtspN/GMrzIJveSdNw9Ok2UUkKCLK73rdTb5qztSwl1KdA1bvbNLYF
tdjHaBZb0y0n7S3gMp+wgXVIKtqTpFnNyaeVOTlX3x88fwJVFUOUjt2wFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPtJU1LoF0YDYxgayuSt6F9QVCh1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS0wbFRVdWdYUmdOakdCcks1SzNvWDFCVUtIVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCmYqbns3u+GLQdMmnx
gT3u7iYcFeLaxahQpsgezY9ATn6JAjlsQy2Go891a60QiU2rT3RnDBw5eq3UH7Dk
QsXjg0fxKcWtmO5ii0mVMPE18Hf2EctNM8soBmUR1Zz8BjQCrhALWQeqjB+2LmqY
bJja8TSspzFB636aqEXgORObNS6q0GZrPULzK89jx++p2cW0rMxnQHQmm68KrRAX
CNscxCs5/UpVYadm2wIvGCAyLKJAFZxaTfnyJX0TTbFwjmZpglJ5o7n041CK1RbY
fajkKxD0q9o/r6hSyNB31TlfejMKLDHGLu8emav+Ic6DjGPKBE2EXwVgcikVwkqB
mNoz
-----END CERTIFICATE-----