Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1yjf-N_ziJ3c9VCP7jfJnpuLLcM.roa
File:                     1yjf-N_ziJ3c9VCP7jfJnpuLLcM.roa (raw, json)
Hash identifier:          Eg7RK1SxeuCPWT1Hggsy5d5ykNLqiqnv+33LW3UkZVM=
Subject key identifier:   D7:28:DF:F8:DF:F3:88:9D:DC:F5:50:8F:EE:37:C9:9E:9B:8B:2D:C3
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188A7C567FDB1AB3E0E58A66CC596993CB6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1yjf-N_ziJ3c9VCP7jfJnpuLLcM.roa
Signing time:             Sun 11 Jun 2023 00:05:12 +0000
ROA not before:           Sun 11 Jun 2023 00:05:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:188:a7c4:bb8b/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:a7:c5:67:fd:b1:ab:3e:0e:58:a6:6c:c5:96:99:3c:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 11 00:05:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d728dff8dff3889ddcf5508fee37c99e9b8b2dc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:c7:68:9e:a2:c7:32:86:d5:8a:fd:90:af:72:
                    61:e9:b5:4f:91:84:cb:ab:75:9f:1d:13:8a:d6:6d:
                    de:e9:45:1c:0b:e0:5b:86:f6:de:22:b5:bc:2b:f9:
                    11:e7:f4:db:ee:73:6e:6a:20:9a:4b:1b:e2:7f:84:
                    94:54:9d:51:12:2b:31:47:a4:e9:1c:c3:9a:4f:2d:
                    05:f3:3c:97:56:f2:8b:d5:71:b1:2c:b6:85:6a:8d:
                    8a:af:19:19:38:4e:fb:b1:a3:a8:ca:e4:56:ab:20:
                    fd:06:6c:38:0b:7a:0f:8f:05:59:3b:ab:f4:b6:fe:
                    a2:a9:3f:99:21:c6:71:44:20:e5:cd:9f:e1:f7:14:
                    1c:88:e1:95:ab:73:86:76:18:1d:a6:f2:1d:0d:d3:
                    fe:04:01:b4:30:67:17:93:2d:74:92:f9:53:9d:a7:
                    0b:e6:44:a3:81:f8:90:54:0f:2e:09:4d:9d:2e:5a:
                    57:6b:07:5c:35:9a:6d:26:b4:f2:4f:c4:6d:35:9e:
                    ab:ad:1a:2c:e5:c5:3a:f7:27:22:f0:3a:71:be:34:
                    20:2a:e2:b0:e0:9b:d1:35:ed:4f:99:e6:ff:12:b2:
                    3e:da:15:81:8a:50:73:0c:7f:f7:0f:c8:91:40:23:
                    f4:a1:df:6d:85:0d:5f:55:1c:f8:da:02:32:4e:48:
                    07:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:28:DF:F8:DF:F3:88:9D:DC:F5:50:8F:EE:37:C9:9E:9B:8B:2D:C3
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1yjf-N_ziJ3c9VCP7jfJnpuLLcM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:05:62:40:a3:5d:2e:35:98:e9:54:ba:91:44:f7:de:64:9d:
         a8:ed:60:75:75:e3:59:21:9d:0d:05:e4:04:d8:00:3c:ad:a7:
         ef:b8:2f:61:c7:58:35:a2:b6:dd:17:51:c4:57:c7:42:f3:24:
         12:8a:fc:b0:97:60:72:9e:f6:65:e5:26:8c:63:7d:4d:f4:46:
         b8:75:49:d6:ba:9d:63:b8:e6:88:0b:d4:60:c1:44:9b:cd:18:
         93:f9:14:e6:4f:be:44:16:b7:a7:15:24:a9:88:b1:92:15:f0:
         bf:d7:ce:05:b5:88:f6:0b:d3:bb:a0:6e:aa:7d:31:0d:52:e2:
         8b:f3:df:3d:77:9b:a5:98:b2:66:66:a5:5d:20:4a:c5:3a:2a:
         aa:e1:fb:40:ed:83:18:de:d8:4c:03:d1:de:56:2c:89:ba:f7:
         b0:c8:d9:2b:bf:71:36:e5:18:d1:19:5e:0c:26:6c:96:db:38:
         02:13:ba:13:e5:ca:76:c8:00:f5:23:b8:04:14:0b:85:a6:9b:
         89:74:2c:07:04:b0:30:5a:30:0a:eb:2f:08:b7:f1:d1:ef:3c:
         85:e2:e4:08:29:ed:00:6e:50:3f:23:01:ae:82:b4:57:f7:40:
         b9:67:91:3c:c5:8d:b4:66:d9:c0:37:ba:5e:d1:3c:07:42:9f:
         d1:79:56:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYinxWf9sas+DlimbMWWmTy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjExMDAwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzI4ZGZmOGRmZjM4ODlkZGNmNTUwOGZlZTM3Yzk5ZTliOGIyZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsdonqLHMobViv2Qr3Jh6bVPkYTL
q3WfHROK1m3e6UUcC+BbhvbeIrW8K/kR5/Tb7nNuaiCaSxvif4SUVJ1REisxR6Tp
HMOaTy0F8zyXVvKL1XGxLLaFao2KrxkZOE77saOoyuRWqyD9Bmw4C3oPjwVZO6v0
tv6iqT+ZIcZxRCDlzZ/h9xQciOGVq3OGdhgdpvIdDdP+BAG0MGcXky10kvlTnacL
5kSjgfiQVA8uCU2dLlpXawdcNZptJrTyT8RtNZ6rrRos5cU69yci8DpxvjQgKuKw
4JvRNe1Pmeb/ErI+2hWBilBzDH/3D8iRQCP0od9thQ1fVRz42gIyTkgH7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNco3/jf84id3PVQj+43yZ6biy3DMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMXlqZi1OX3ppSjNjOVZDUDdqZkpucHVMTGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABAFYkCjXS41mOlUupFE
995knajtYHV141khnQ0F5ATYADytp++4L2HHWDWitt0XUcRXx0LzJBKK/LCXYHKe
9mXlJoxjfU30Rrh1Sda6nWO45ogL1GDBRJvNGJP5FOZPvkQWt6cVJKmIsZIV8L/X
zgW1iPYL07ugbqp9MQ1S4ovz3z13m6WYsmZmpV0gSsU6Kqrh+0Dtgxje2EwD0d5W
LIm697DI2Su/cTblGNEZXgwmbJbbOAITuhPlynbIAPUjuAQUC4Wmm4l0LAcEsDBa
MArrLwi38dHvPIXi5Agp7QBuUD8jAa6CtFf3QLlnkTzFjbRm2cA3ul7RPAdCn9F5
Vnk=
-----END CERTIFICATE-----