Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/49_9DeAzNq-wziSXxPWBX6pdNf0.roa
File:                     49_9DeAzNq-wziSXxPWBX6pdNf0.roa (raw, json)
Hash identifier:          UyvZfpAHhfLJGIJud0vSVDvpVBBDtJbTVMmvkD825xo=
Subject key identifier:   E3:DF:FD:0D:E0:33:36:AF:B0:CE:24:97:C4:F5:81:5F:AA:5D:35:FD
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188209BEFE2E8A512507A31989B67FA2617
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/49_9DeAzNq-wziSXxPWBX6pdNf0.roa
Signing time:             Mon 15 May 2023 18:11:10 +0000
ROA not before:           Mon 15 May 2023 18:11:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:20:9b:ef:e2:e8:a5:12:50:7a:31:98:9b:67:fa:26:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 15 18:11:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e3dffd0de03336afb0ce2497c4f5815faa5d35fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:55:f2:b6:b2:33:cb:01:79:97:e4:d1:8b:ff:
                    81:03:35:34:02:e4:f9:33:da:d6:80:a4:35:6c:99:
                    26:8e:b5:6c:91:83:bd:97:dc:3e:7f:43:ae:66:8e:
                    71:ee:d1:82:32:49:b3:55:d4:c2:e4:a6:9d:0e:ac:
                    3f:95:04:de:d2:87:1c:44:2b:a9:fd:90:a4:3f:b7:
                    e9:bf:ac:60:de:d3:7d:90:28:0a:7a:cd:8e:37:6d:
                    93:b5:23:c1:67:20:94:b9:c2:3b:f0:3d:ff:c8:87:
                    7f:09:72:ba:4d:22:00:3b:a4:05:59:9a:21:2f:c5:
                    ad:d5:10:38:65:86:0d:4f:b6:bb:88:e1:3f:b7:ab:
                    32:95:c1:40:f5:aa:c8:e7:a1:7e:72:f0:c6:d1:fc:
                    13:6e:d4:fe:7f:bc:c2:67:3e:41:24:8b:06:5a:59:
                    fd:25:3e:25:00:19:64:22:fa:21:d5:9a:46:8f:03:
                    7d:c7:94:e3:42:fe:58:c9:b3:91:bf:bb:fb:7e:da:
                    01:18:33:40:54:ae:7b:7a:04:71:11:c6:f5:23:1f:
                    92:41:83:52:65:43:41:a1:43:e8:bc:0e:5d:63:1a:
                    9f:fc:d7:e3:1f:46:a2:ef:d8:cb:14:48:43:16:0e:
                    3d:7f:d6:e5:db:a6:37:d2:98:bb:41:41:4c:89:b1:
                    2d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:DF:FD:0D:E0:33:36:AF:B0:CE:24:97:C4:F5:81:5F:AA:5D:35:FD
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/49_9DeAzNq-wziSXxPWBX6pdNf0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         65:32:1a:07:20:72:bc:28:50:04:c7:3c:96:de:ae:6b:c5:d1:
         13:21:59:0c:ce:3e:29:a4:39:8a:1f:d5:65:ab:d3:af:27:37:
         3b:90:e0:f0:d1:19:c0:5f:b6:11:01:c0:7b:d3:20:6b:84:22:
         b3:3f:6b:12:b9:de:37:7f:33:d3:19:1e:45:d7:52:25:1a:ca:
         26:d7:3a:e0:43:2a:9b:ff:36:2b:1e:49:70:02:94:00:76:53:
         68:ab:9b:61:4f:2f:c2:15:0c:06:cc:f2:a9:1f:1c:56:2e:45:
         66:fb:5b:3d:3c:7d:f4:6c:a1:10:c5:fe:e6:f4:bf:b0:a5:9e:
         ea:1e:ce:4d:b8:9c:1f:ae:3b:2e:76:50:32:fd:c2:68:7d:6d:
         4c:80:fa:80:3a:d5:21:99:62:7d:2f:19:e2:08:c2:c8:06:71:
         3d:03:fc:77:29:4c:f2:6b:ec:36:a9:e5:eb:f0:55:a8:a7:55:
         ec:13:29:50:3b:37:f7:3e:c5:d4:d7:bc:a0:23:0e:aa:a6:6e:
         2f:b5:87:2f:9a:81:a6:0b:e8:9a:e4:13:f8:5b:d9:9b:3c:9c:
         d2:14:13:4b:c0:71:15:bf:fc:3f:f3:9f:27:d6:b6:1a:2e:7c:
         f8:c1:23:a4:c4:36:3e:93:41:bc:ee:f7:50:d0:a0:9a:f7:78:
         09:31:5f:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYggm+/i6KUSUHoxmJtn+iYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTE1MTgxMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RmZmQwZGUwMzMzNmFmYjBjZTI0OTdjNGY1ODE1ZmFhNWQzNWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1XytrIzywF5l+TRi/+BAzU0AuT5
M9rWgKQ1bJkmjrVskYO9l9w+f0OuZo5x7tGCMkmzVdTC5KadDqw/lQTe0occRCup
/ZCkP7fpv6xg3tN9kCgKes2ON22TtSPBZyCUucI78D3/yId/CXK6TSIAO6QFWZoh
L8Wt1RA4ZYYNT7a7iOE/t6sylcFA9arI56F+cvDG0fwTbtT+f7zCZz5BJIsGWln9
JT4lABlkIvoh1ZpGjwN9x5TjQv5YybORv7v7ftoBGDNAVK57egRxEcb1Ix+SQYNS
ZUNBoUPovA5dYxqf/NfjH0ai79jLFEhDFg49f9bl26Y30pi7QUFMibEt3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOPf/Q3gMzavsM4kl8T1gV+qXTX9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNDlfOURlQXpOcS13emlTWHhQV0JYNnBkTmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGUyGgcgcrwoUATHPJbe
rmvF0RMhWQzOPimkOYof1WWr068nNzuQ4PDRGcBfthEBwHvTIGuEIrM/axK53jd/
M9MZHkXXUiUayibXOuBDKpv/NiseSXAClAB2U2irm2FPL8IVDAbM8qkfHFYuRWb7
Wz08ffRsoRDF/ub0v7Clnuoezk24nB+uOy52UDL9wmh9bUyA+oA61SGZYn0vGeII
wsgGcT0D/HcpTPJr7Dap5evwVainVewTKVA7N/c+xdTXvKAjDqqmbi+1hy+agaYL
6JrkE/hb2Zs8nNIUE0vAcRW//D/znyfWthoufPjBI6TENj6TQbzu91DQoJr3eAkx
X4A=
-----END CERTIFICATE-----