Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4UXkoCSBayNmBxePYFROLNAgISY.roa
File:                     4UXkoCSBayNmBxePYFROLNAgISY.roa (raw, json)
Hash identifier:          +6lNYsiiLNfqwLJaAHdDP1rz2fZCMsJ85HLfJ+53wtg=
Subject key identifier:   E1:45:E4:A0:24:81:6B:23:66:07:17:8F:60:54:4E:2C:D0:20:21:26
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01884DADA237226F6E7D4C2ACE7E062BF27B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4UXkoCSBayNmBxePYFROLNAgISY.roa
Signing time:             Wed 24 May 2023 12:13:24 +0000
ROA not before:           Wed 24 May 2023 12:13:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:4d:ad:a2:37:22:6f:6e:7d:4c:2a:ce:7e:06:2b:f2:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 24 12:13:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e145e4a024816b236607178f60544e2cd0202126
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:0e:80:59:dd:b8:96:ae:9e:2a:9f:0a:e5:36:
                    22:b7:c3:6e:30:4b:3e:f1:59:ed:4e:d9:98:1d:45:
                    0f:4b:57:db:fd:a9:55:80:eb:9a:1b:21:8f:28:8a:
                    42:a2:43:61:75:cb:95:18:63:92:0e:18:ef:6e:55:
                    cf:f8:b3:a3:8b:55:51:70:27:bb:a7:c6:31:53:56:
                    bc:36:73:b6:48:37:67:1d:77:67:5e:08:ec:74:be:
                    ea:c3:69:ca:61:cd:78:13:c0:92:eb:01:8f:7a:12:
                    4a:57:b3:48:ba:53:c1:d1:fc:de:9c:53:70:3a:5e:
                    ed:4c:3b:89:e5:65:10:8d:7c:a9:98:c4:fb:af:ca:
                    de:81:1d:56:b1:8b:ea:7a:01:7f:93:97:49:42:16:
                    05:e8:c1:1f:f9:6c:05:9f:d0:3a:80:0a:83:09:9c:
                    72:06:22:4e:69:fb:35:69:1a:d1:0d:98:13:a5:15:
                    c1:62:57:59:64:02:71:56:ab:db:82:6a:ab:c5:d6:
                    6f:1b:ea:56:0e:1c:84:98:21:34:83:a5:46:b1:54:
                    14:23:ee:63:b8:d8:2a:7a:26:73:04:0d:ce:79:ef:
                    f5:2d:ac:01:1d:a9:25:15:a3:ed:b1:20:e9:90:38:
                    03:31:aa:25:87:eb:ca:61:ee:6f:e1:54:05:94:80:
                    ac:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:45:E4:A0:24:81:6B:23:66:07:17:8F:60:54:4E:2C:D0:20:21:26
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4UXkoCSBayNmBxePYFROLNAgISY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:26:61:bd:3e:ce:27:15:c9:59:f5:4f:8b:5e:6a:b3:2d:f0:
         2f:a2:64:82:ab:23:76:db:49:f7:11:3a:5a:c1:33:aa:ba:a0:
         82:ad:a8:cc:e5:77:22:86:f0:e7:d3:58:67:07:e4:bb:11:18:
         e3:0b:f3:ed:e9:a9:5a:af:03:43:74:af:58:ec:ae:59:e8:e9:
         dc:d3:0d:e8:67:cc:a6:08:4a:53:37:27:4f:e6:eb:8e:cf:9b:
         2a:99:c8:94:3c:07:0e:78:3d:92:a8:ca:1d:f0:83:24:23:68:
         78:9c:96:97:96:ed:fe:1b:95:c5:75:39:08:f5:53:04:b6:9f:
         7c:4a:e2:c4:2b:e5:66:ba:bf:4a:97:12:6e:b0:a4:d4:d3:59:
         a8:19:5d:97:70:9f:c1:8a:6f:b7:10:3b:e7:b8:06:43:d3:4e:
         40:5e:df:7e:c5:fa:ef:f4:46:fd:54:75:42:5f:b8:4b:33:a4:
         5c:a7:9b:ba:b3:f3:f4:c8:5e:ee:7e:84:9c:c0:63:66:ed:53:
         fb:0b:b3:17:53:fe:aa:89:f4:4a:db:3b:b1:5c:c7:8b:b4:9d:
         18:8f:63:63:bc:db:26:d2:c1:e0:1b:77:93:4e:4d:73:36:77:
         aa:60:e9:67:ca:70:d4:cf:62:f1:a4:f1:f8:92:0f:0a:fb:21:
         51:ee:da:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhNraI3Im9ufUwqzn4GK/J7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI0MTIxMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ1ZTRhMDI0ODE2YjIzNjYwNzE3OGY2MDU0NGUyY2QwMjAyMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA6AWd24lq6eKp8K5TYit8NuMEs+
8VntTtmYHUUPS1fb/alVgOuaGyGPKIpCokNhdcuVGGOSDhjvblXP+LOji1VRcCe7
p8YxU1a8NnO2SDdnHXdnXgjsdL7qw2nKYc14E8CS6wGPehJKV7NIulPB0fzenFNw
Ol7tTDuJ5WUQjXypmMT7r8regR1WsYvqegF/k5dJQhYF6MEf+WwFn9A6gAqDCZxy
BiJOafs1aRrRDZgTpRXBYldZZAJxVqvbgmqrxdZvG+pWDhyEmCE0g6VGsVQUI+5j
uNgqeiZzBA3Oee/1LawBHaklFaPtsSDpkDgDMaolh+vKYe5v4VQFlICsjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOFF5KAkgWsjZgcXj2BUTizQICEmMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNFVYa29DU0JheU5tQnhlUFlGUk9MTkFnSVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADEmYb0+zicVyVn1T4te
arMt8C+iZIKrI3bbSfcROlrBM6q6oIKtqMzldyKG8OfTWGcH5LsRGOML8+3pqVqv
A0N0r1jsrlno6dzTDehnzKYISlM3J0/m647PmyqZyJQ8Bw54PZKoyh3wgyQjaHic
lpeW7f4blcV1OQj1UwS2n3xK4sQr5Wa6v0qXEm6wpNTTWagZXZdwn8GKb7cQO+e4
BkPTTkBe337F+u/0Rv1UdUJfuEszpFynm7qz8/TIXu5+hJzAY2btU/sLsxdT/qqJ
9ErbO7Fcx4u0nRiPY2O82ybSweAbd5NOTXM2d6pg6WfKcNTPYvGk8fiSDwr7IVHu
2uw=
-----END CERTIFICATE-----