Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2jvw1SnRp_w1Ow7scrXwen0Wllk.roa
File:                     2jvw1SnRp_w1Ow7scrXwen0Wllk.roa (raw, json)
Hash identifier:          kVaFiyIsFQZnQy6ImF0sBrcFlEcy1paas1LdLGo0+Mk=
Subject key identifier:   DA:3B:F0:D5:29:D1:A7:FC:35:3B:0E:EC:72:B5:F0:7A:7D:16:96:59
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01884C640AA3356CA7A6CA781A23EB3AE928
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2jvw1SnRp_w1Ow7scrXwen0Wllk.roa
Signing time:             Wed 24 May 2023 06:13:24 +0000
ROA not before:           Wed 24 May 2023 06:13:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:4c:64:0a:a3:35:6c:a7:a6:ca:78:1a:23:eb:3a:e9:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 24 06:13:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=da3bf0d529d1a7fc353b0eec72b5f07a7d169659
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:73:ef:9a:c4:ec:70:a6:81:65:ef:4e:58:03:
                    ac:b4:03:f7:cf:51:e0:cd:41:92:a2:84:40:ca:be:
                    6d:f3:90:89:ac:ce:5b:38:3e:1a:a9:13:06:4b:4d:
                    bc:3c:17:87:7d:10:e5:56:51:ed:26:50:ca:43:09:
                    2f:f2:43:0a:03:e2:1b:e7:40:97:8f:c1:37:17:0e:
                    de:86:c5:c2:a9:46:67:a9:3b:ff:f9:ea:bb:6d:b3:
                    0b:d9:35:e4:e7:b7:3f:84:78:26:34:fd:7c:6e:c0:
                    a9:c0:19:ec:76:86:64:2e:ab:00:82:a9:e0:30:04:
                    7b:e7:20:c1:4d:d3:9e:62:46:23:d8:65:bf:36:ce:
                    89:a5:d1:71:5d:58:a9:41:0e:73:e6:e5:13:09:27:
                    50:39:81:1d:bf:73:d2:2b:04:34:3d:90:6f:2b:ad:
                    90:f3:4f:3d:a4:81:c5:6e:07:96:d7:0c:49:f2:7b:
                    8a:5a:38:e4:89:a5:25:6d:9f:86:f0:0d:70:fb:23:
                    12:47:31:fa:d6:18:b9:af:24:2a:6e:6b:4d:24:fd:
                    18:99:a2:ce:14:f4:30:21:e5:b4:db:6f:38:ce:5b:
                    97:55:04:90:8a:a9:90:d1:c1:a4:68:63:3e:81:e5:
                    e0:b9:7d:5d:19:ff:23:65:b2:b0:87:19:d5:a6:7d:
                    c3:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:3B:F0:D5:29:D1:A7:FC:35:3B:0E:EC:72:B5:F0:7A:7D:16:96:59
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2jvw1SnRp_w1Ow7scrXwen0Wllk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         96:48:26:19:58:fb:a1:fb:a3:93:e4:07:42:85:7c:5e:58:51:
         93:8f:56:39:69:18:ea:dc:48:86:74:76:7f:a0:ca:c2:69:21:
         74:92:bc:89:b2:36:49:dc:92:23:45:64:b2:86:b4:16:66:86:
         01:0d:53:49:71:53:96:6e:34:c7:5c:77:75:ab:a5:b8:02:30:
         40:39:c4:ca:03:82:86:87:86:63:c3:17:4d:af:35:93:fe:4b:
         12:de:7b:ca:d7:97:e2:bb:70:c2:f4:bd:4a:3a:32:85:93:76:
         ab:01:e2:b5:18:99:dc:5e:dd:a1:c2:b6:43:d3:d4:8e:4c:e8:
         ac:c7:9d:0b:80:45:00:2c:5e:29:a7:0e:47:58:eb:a6:ab:a6:
         0d:99:c7:78:a7:13:49:9b:6c:d1:d0:ff:64:f9:a3:4c:c5:7c:
         10:28:54:45:fc:80:6d:fc:f5:a9:31:b9:c5:02:84:20:6e:30:
         1b:54:1d:fe:b0:9f:2b:8f:d8:cb:db:bd:32:d5:22:4a:1e:f3:
         35:bf:a3:2c:11:10:9b:e6:ca:42:9d:f8:b5:1c:72:6d:16:d2:
         e9:94:a8:8f:9c:37:87:94:0a:21:90:d7:3b:68:37:8f:bb:60:
         0b:e2:fe:4e:03:b6:db:e4:79:b3:8b:39:0d:69:84:8e:00:45:
         9a:84:6d:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhMZAqjNWynpsp4GiPrOukoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI0MDYxMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTNiZjBkNTI5ZDFhN2ZjMzUzYjBlZWM3MmI1ZjA3YTdkMTY5NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XPvmsTscKaBZe9OWAOstAP3z1Hg
zUGSooRAyr5t85CJrM5bOD4aqRMGS028PBeHfRDlVlHtJlDKQwkv8kMKA+Ib50CX
j8E3Fw7ehsXCqUZnqTv/+eq7bbML2TXk57c/hHgmNP18bsCpwBnsdoZkLqsAgqng
MAR75yDBTdOeYkYj2GW/Ns6JpdFxXVipQQ5z5uUTCSdQOYEdv3PSKwQ0PZBvK62Q
8089pIHFbgeW1wxJ8nuKWjjkiaUlbZ+G8A1w+yMSRzH61hi5ryQqbmtNJP0YmaLO
FPQwIeW02284zluXVQSQiqmQ0cGkaGM+geXguX1dGf8jZbKwhxnVpn3DGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNo78NUp0af8NTsO7HK18Hp9FpZZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMmp2dzFTblJwX3cxT3c3c2NyWHdlbjBXbGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJZIJhlY+6H7o5PkB0KF
fF5YUZOPVjlpGOrcSIZ0dn+gysJpIXSSvImyNknckiNFZLKGtBZmhgENU0lxU5Zu
NMdcd3WrpbgCMEA5xMoDgoaHhmPDF02vNZP+SxLee8rXl+K7cML0vUo6MoWTdqsB
4rUYmdxe3aHCtkPT1I5M6KzHnQuARQAsXimnDkdY66arpg2Zx3inE0mbbNHQ/2T5
o0zFfBAoVEX8gG389akxucUChCBuMBtUHf6wnyuP2MvbvTLVIkoe8zW/oywREJvm
ykKd+LUccm0W0umUqI+cN4eUCiGQ1ztoN4+7YAvi/k4DttvkebOLOQ1phI4ARZqE
bZA=
-----END CERTIFICATE-----