Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4Zx5ldI15a4UKkTF8pVYiYBLb-0.roa
File:                     4Zx5ldI15a4UKkTF8pVYiYBLb-0.roa (raw, json)
Hash identifier:          p6c2NARz1hx9+NcQpevoaFnkI6BeuXexwSmbxp6h0Tw=
Subject key identifier:   E1:9C:79:95:D2:35:E5:AE:14:2A:44:C5:F2:95:58:89:80:4B:6F:ED
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188999F938E3077C629CDC07EAF0487820C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4Zx5ldI15a4UKkTF8pVYiYBLb-0.roa
Signing time:             Thu 08 Jun 2023 06:09:11 +0000
ROA not before:           Thu 08 Jun 2023 06:09:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:99:9f:93:8e:30:77:c6:29:cd:c0:7e:af:04:87:82:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun  8 06:09:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e19c7995d235e5ae142a44c5f2955889804b6fed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:6e:f6:3d:29:bb:32:3d:47:70:ef:de:1c:af:
                    23:9d:8e:fa:38:cb:b3:f5:0e:7d:cc:04:38:aa:eb:
                    9b:18:6a:3e:a9:f5:c0:55:90:6d:8e:cd:02:fa:9f:
                    f1:b9:21:e1:48:68:2d:1f:c3:6d:01:c9:3c:38:4c:
                    cd:67:5b:0b:be:a3:bb:1a:59:00:ff:04:72:c5:53:
                    f9:6c:12:eb:b0:e6:9b:a7:c0:31:f2:6f:1c:58:f3:
                    41:eb:13:c5:0b:25:eb:31:48:1a:d6:92:8e:b0:d6:
                    b7:9f:f6:f7:a5:6d:b3:94:d0:7e:fc:40:ef:94:74:
                    13:62:76:64:01:dd:ee:bf:dd:f4:da:19:84:8c:ac:
                    80:3e:32:a8:13:e8:b9:ed:a5:d5:80:63:a3:6b:0f:
                    5d:27:ce:bc:67:e7:29:10:c6:ce:c1:f8:0c:cf:39:
                    3f:b1:77:02:e1:5a:8d:44:6d:08:a3:bd:6e:c7:94:
                    55:83:a1:e9:22:3a:93:b3:ae:96:af:fa:63:17:39:
                    b7:5f:9a:dd:5c:3e:24:fb:f3:1c:e0:8c:38:1f:ba:
                    26:5a:49:9e:bb:85:46:5c:49:86:a9:55:9e:e7:f8:
                    95:53:27:8d:d2:ed:f7:18:fc:0a:7a:dd:55:10:be:
                    b0:d8:5d:cf:0e:f9:13:af:0e:4a:45:31:62:00:26:
                    65:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:9C:79:95:D2:35:E5:AE:14:2A:44:C5:F2:95:58:89:80:4B:6F:ED
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4Zx5ldI15a4UKkTF8pVYiYBLb-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a8:a5:1b:61:17:65:e0:c1:45:ae:ae:86:c2:fc:d1:66:44:d3:
         db:60:26:70:92:c1:d6:ab:4c:da:b2:99:bb:9e:6f:fc:43:70:
         96:ac:ed:2d:ea:dc:84:29:69:f8:d8:2b:52:ab:c0:31:8c:f9:
         aa:ef:89:a5:50:78:3c:e5:f4:73:e6:df:f5:cc:4f:03:ba:8e:
         92:a2:91:37:e2:ba:ff:f7:ae:b2:56:bf:63:0e:2d:60:13:ec:
         67:37:91:ce:13:75:58:2e:83:15:ea:32:ef:f6:1e:cb:fb:95:
         da:f6:cd:70:4b:23:97:3c:69:35:c3:dc:9d:8a:3a:ed:61:33:
         53:38:54:52:e1:8f:89:e2:81:ba:54:69:47:a5:e0:35:e1:71:
         19:3a:f1:58:92:38:4d:b4:f0:03:85:3e:7b:a9:7d:25:60:7e:
         f0:d8:13:11:54:d9:26:ae:f7:36:5f:c9:5f:4d:a0:de:c3:5f:
         ee:32:e7:48:fe:3d:08:32:cd:4f:da:8d:77:fd:76:0a:54:39:
         15:1c:ed:1a:61:33:07:a7:ab:7d:0b:71:e7:e7:17:69:33:72:
         23:5d:e1:e6:97:dc:92:94:05:f6:74:68:1d:07:d8:ed:ea:de:
         f6:cb:cc:02:9b:8e:a9:46:03:06:00:9a:d5:91:43:f7:25:ba:
         1f:f0:57:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiZn5OOMHfGKc3Afq8Eh4IMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA4MDYwOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTljNzk5NWQyMzVlNWFlMTQyYTQ0YzVmMjk1NTg4OTgwNGI2ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhG72PSm7Mj1HcO/eHK8jnY76OMuz
9Q59zAQ4quubGGo+qfXAVZBtjs0C+p/xuSHhSGgtH8NtAck8OEzNZ1sLvqO7GlkA
/wRyxVP5bBLrsOabp8Ax8m8cWPNB6xPFCyXrMUga1pKOsNa3n/b3pW2zlNB+/EDv
lHQTYnZkAd3uv9302hmEjKyAPjKoE+i57aXVgGOjaw9dJ868Z+cpEMbOwfgMzzk/
sXcC4VqNRG0Io71ux5RVg6HpIjqTs66Wr/pjFzm3X5rdXD4k+/Mc4Iw4H7omWkme
u4VGXEmGqVWe5/iVUyeN0u33GPwKet1VEL6w2F3PDvkTrw5KRTFiACZlWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOGceZXSNeWuFCpExfKVWImAS2/tMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNFp4NWxkSTE1YTRVS2tURjhwVllpWUJMYi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKilG2EXZeDBRa6uhsL8
0WZE09tgJnCSwdarTNqymbueb/xDcJas7S3q3IQpafjYK1KrwDGM+arviaVQeDzl
9HPm3/XMTwO6jpKikTfiuv/3rrJWv2MOLWAT7Gc3kc4TdVgugxXqMu/2Hsv7ldr2
zXBLI5c8aTXD3J2KOu1hM1M4VFLhj4nigbpUaUel4DXhcRk68ViSOE208AOFPnup
fSVgfvDYExFU2Sau9zZfyV9NoN7DX+4y50j+PQgyzU/ajXf9dgpUORUc7RphMwen
q30LcefnF2kzciNd4eaX3JKUBfZ0aB0H2O3q3vbLzAKbjqlGAwYAmtWRQ/cluh/w
V44=
-----END CERTIFICATE-----