Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-h0q77Ueo4wpiQRkElVu-d0KaZA.roa
File:                     1-h0q77Ueo4wpiQRkElVu-d0KaZA.roa (raw, json)
Hash identifier:          uwLMQJhYegFCxLNwDYQcF+9bWDeUDX+hZT//zDFxaV8=
Subject key identifier:   FA:1D:2A:EF:B5:1E:A3:8C:29:89:04:64:12:55:6E:F9:DD:0A:69:90
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01877DBE615B8D979C41EC90521B1674530A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-h0q77Ueo4wpiQRkElVu-d0KaZA.roa
Signing time:             Fri 14 Apr 2023 03:10:41 +0000
ROA not before:           Fri 14 Apr 2023 03:10:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7d:be:61:5b:8d:97:9c:41:ec:90:52:1b:16:74:53:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 14 03:10:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa1d2aefb51ea38c2989046412556ef9dd0a6990
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:07:7d:85:b6:6c:c5:05:96:d0:ca:18:2f:10:
                    8d:da:38:ec:92:0c:30:59:09:2a:fc:58:5b:42:e7:
                    c1:10:cf:e0:90:73:78:c9:7c:f7:29:b2:a6:32:56:
                    76:a1:b6:ba:24:37:57:2c:1b:a7:89:bc:34:d1:94:
                    6f:fa:f8:64:65:df:94:64:f9:f6:14:d0:e7:57:47:
                    a4:6c:66:f5:e5:bb:c5:93:ee:5b:0a:0f:4d:3a:9c:
                    22:75:ca:00:07:8d:f2:bd:60:61:53:61:a7:31:9e:
                    cf:99:68:fa:8d:48:9e:5b:65:61:c8:55:e1:96:bc:
                    ef:b2:d5:2f:88:0c:81:85:99:8f:db:e6:52:57:a5:
                    bf:81:a3:f3:cb:0c:42:88:d7:b0:dc:fa:21:7e:05:
                    54:ad:03:4c:7b:53:f7:f8:3c:3b:13:92:dc:91:dc:
                    9e:b7:e5:83:52:56:9e:17:03:1d:3a:82:95:ef:43:
                    95:2d:76:dc:5f:38:96:c8:0b:0a:1f:3b:2a:b3:ef:
                    af:89:fb:42:de:8a:34:79:41:45:7b:b8:c5:0b:37:
                    56:7c:a9:0e:66:80:89:b0:f3:f8:97:59:1e:d4:7d:
                    72:55:23:2b:c5:4a:83:d3:e4:20:50:cd:38:05:18:
                    06:32:dc:37:20:af:9e:bd:ff:ea:7a:e8:d9:83:9f:
                    51:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:1D:2A:EF:B5:1E:A3:8C:29:89:04:64:12:55:6E:F9:DD:0A:69:90
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-h0q77Ueo4wpiQRkElVu-d0KaZA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         ae:02:ac:75:ac:3f:1e:c5:16:05:6f:91:6c:27:fe:8c:3f:71:
         a4:fc:6b:9a:7a:c2:7a:bc:77:84:12:df:69:cd:76:55:12:f6:
         14:75:9a:83:4f:46:c2:45:45:7f:84:dd:43:d8:06:93:76:d7:
         f3:ab:39:f2:02:4b:ac:ae:fb:4a:5c:7c:bd:c6:ef:dd:2f:6e:
         a3:ea:06:64:a2:4d:02:b5:7b:0e:f3:ef:ac:7d:8a:18:3a:18:
         72:0e:cd:3d:c5:15:11:47:ef:fc:c2:e6:64:f4:11:c7:a8:21:
         32:7e:45:70:07:43:63:a9:00:f2:b9:79:32:f6:10:00:7c:12:
         c6:95:8a:ae:5c:c1:c9:be:be:57:7c:cb:08:23:7b:9a:2e:38:
         5e:79:09:13:c5:fe:b1:7d:87:b5:16:e6:5d:19:cb:cc:78:1c:
         7d:46:ac:9b:dd:ea:58:bc:1a:61:88:44:b9:fe:9e:95:0f:58:
         68:6b:f8:8a:1b:7e:83:b1:32:9c:3d:48:35:8f:c3:8b:b2:91:
         68:41:72:85:69:3e:ed:e9:65:1a:b7:2d:91:82:05:db:0e:18:
         a3:4a:7d:1b:e9:94:4a:f1:8c:3d:60:9d:83:24:3d:44:f2:93:
         7d:bf:d9:c6:e8:7d:9f:9d:dd:61:28:a3:55:93:ea:42:df:a5:
         fa:6a:80:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd9vmFbjZecQeyQUhsWdFMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE0MDMxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFkMmFlZmI1MWVhMzhjMjk4OTA0NjQxMjU1NmVmOWRkMGE2OTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgd9hbZsxQWW0MoYLxCN2jjskgww
WQkq/FhbQufBEM/gkHN4yXz3KbKmMlZ2oba6JDdXLBunibw00ZRv+vhkZd+UZPn2
FNDnV0ekbGb15bvFk+5bCg9NOpwidcoAB43yvWBhU2GnMZ7PmWj6jUieW2VhyFXh
lrzvstUviAyBhZmP2+ZSV6W/gaPzywxCiNew3PohfgVUrQNMe1P3+Dw7E5Lckdye
t+WDUlaeFwMdOoKV70OVLXbcXziWyAsKHzsqs++viftC3oo0eUFFe7jFCzdWfKkO
ZoCJsPP4l1ke1H1yVSMrxUqD0+QgUM04BRgGMtw3IK+evf/qeujZg59RMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPodKu+1HqOMKYkEZBJVbvndCmmQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS1oMHE3N1VlbzR3cGlRUmtFbFZ1LWQwS2FaQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCuAqx1rD8exRYFb5Fs
J/6MP3Gk/GuaesJ6vHeEEt9pzXZVEvYUdZqDT0bCRUV/hN1D2AaTdtfzqznyAkus
rvtKXHy9xu/dL26j6gZkok0CtXsO8++sfYoYOhhyDs09xRURR+/8wuZk9BHHqCEy
fkVwB0NjqQDyuXky9hAAfBLGlYquXMHJvr5XfMsII3uaLjheeQkTxf6xfYe1FuZd
GcvMeBx9Rqyb3epYvBphiES5/p6VD1hoa/iKG36DsTKcPUg1j8OLspFoQXKFaT7t
6WUaty2RggXbDhijSn0b6ZRK8Yw9YJ2DJD1E8pN9v9nG6H2fnd1hKKNVk+pC36X6
aoDm
-----END CERTIFICATE-----