Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/50sd9qQO6SMQTVvPZYsUvlpr-Fk.roa
File:                     50sd9qQO6SMQTVvPZYsUvlpr-Fk.roa (raw, json)
Hash identifier:          zB7TrQKBpCNb0Pk+PdoDHd7ZJfGeeF7OHg5/Eb727d4=
Subject key identifier:   E7:4B:1D:F6:A4:0E:E9:23:10:4D:5B:CF:65:8B:14:BE:5A:6B:F8:59
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01889C32C17F91EECD8D690900578AC330A3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/50sd9qQO6SMQTVvPZYsUvlpr-Fk.roa
Signing time:             Thu 08 Jun 2023 18:09:11 +0000
ROA not before:           Thu 08 Jun 2023 18:09:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:9c:32:c1:7f:91:ee:cd:8d:69:09:00:57:8a:c3:30:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun  8 18:09:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e74b1df6a40ee923104d5bcf658b14be5a6bf859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:be:27:87:c9:6a:3d:a2:c5:8e:8f:21:db:f6:
                    4c:08:7a:ab:1d:fa:7a:50:af:2b:82:a3:9b:cf:03:
                    f2:90:32:a4:9e:b9:3c:f6:12:53:00:27:3f:96:d5:
                    b3:b7:a0:49:9b:f5:f9:e0:96:e0:e7:82:9e:a6:be:
                    f6:9e:e8:8d:94:c0:48:81:96:01:2d:89:5c:d1:fe:
                    27:94:c1:87:a4:20:83:12:de:71:df:d6:3c:a8:0c:
                    94:b8:c6:cf:5a:64:d9:0e:11:e0:db:9b:df:9e:8b:
                    31:64:6a:3d:21:3b:95:1f:65:3c:6e:37:42:06:cc:
                    a5:52:fd:7e:86:27:fd:a2:92:0b:2d:cf:c1:bd:be:
                    50:e9:e9:c7:30:64:b4:3d:b3:94:5e:8c:ca:ec:69:
                    17:c3:46:d4:dc:88:07:0a:b2:b5:4f:8f:ee:1c:0e:
                    91:8f:bc:a8:1a:0c:85:74:fe:5c:8c:6c:a4:ad:2d:
                    a0:71:da:30:98:a7:6f:02:4b:80:40:01:60:79:62:
                    6d:b6:74:14:42:9f:06:ab:ca:f7:fa:ef:36:21:e0:
                    3e:50:27:eb:9f:55:44:c7:1b:8a:92:84:24:be:b4:
                    1f:b2:ea:6f:36:61:dc:21:3d:2b:ba:c3:86:88:6c:
                    fb:d9:f0:0f:82:fb:91:7b:18:9d:3e:d0:68:db:03:
                    10:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:4B:1D:F6:A4:0E:E9:23:10:4D:5B:CF:65:8B:14:BE:5A:6B:F8:59
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/50sd9qQO6SMQTVvPZYsUvlpr-Fk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a9:92:c6:25:f9:8d:1d:ab:b0:a8:8d:87:02:72:01:ff:d1:c3:
         86:df:2e:4f:93:52:7e:57:81:c4:8f:86:36:a3:e9:bb:6c:15:
         c0:bc:c8:05:4e:4d:48:58:da:6b:e5:0b:24:d6:96:69:fb:fa:
         8e:48:ed:19:f4:a2:f2:ce:1c:5b:11:a7:9c:f0:92:a7:3a:4f:
         61:07:55:74:59:0f:31:cf:c5:d9:11:3b:1c:78:fd:bb:42:26:
         93:c5:bd:e7:3d:fe:81:38:52:b1:7a:c1:df:12:a5:ef:72:c5:
         8d:69:14:ff:5a:c5:04:29:56:b9:bd:69:f9:ef:0e:4f:58:de:
         56:4b:b8:c5:01:f1:3c:85:77:87:6f:ff:25:6f:35:c7:0e:da:
         f6:19:96:e0:df:d1:2b:78:4d:b6:75:a7:f9:ba:ac:30:a4:03:
         21:6e:2b:38:08:d6:ad:77:1c:ab:2d:e6:df:6f:26:e7:c0:24:
         d6:66:d4:ee:17:3d:03:3c:1e:61:56:38:d5:b7:12:bc:81:7a:
         39:0b:6e:c2:8c:1f:45:c8:56:15:20:8b:93:05:82:72:1e:75:
         f8:4a:8a:21:9d:4d:fb:b1:4a:b4:f9:98:d2:a8:6b:b7:ae:66:
         d6:ba:20:5c:b6:68:80:29:6b:72:ed:d6:cb:e9:f8:0f:89:55:
         d3:02:63:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYicMsF/ke7NjWkJAFeKwzCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA4MTgwOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzRiMWRmNmE0MGVlOTIzMTA0ZDViY2Y2NThiMTRiZTVhNmJmODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb4nh8lqPaLFjo8h2/ZMCHqrHfp6
UK8rgqObzwPykDKknrk89hJTACc/ltWzt6BJm/X54Jbg54Kepr72nuiNlMBIgZYB
LYlc0f4nlMGHpCCDEt5x39Y8qAyUuMbPWmTZDhHg25vfnosxZGo9ITuVH2U8bjdC
BsylUv1+hif9opILLc/Bvb5Q6enHMGS0PbOUXozK7GkXw0bU3IgHCrK1T4/uHA6R
j7yoGgyFdP5cjGykrS2gcdowmKdvAkuAQAFgeWJttnQUQp8Gq8r3+u82IeA+UCfr
n1VExxuKkoQkvrQfsupvNmHcIT0rusOGiGz72fAPgvuRexidPtBo2wMQOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOdLHfakDukjEE1bz2WLFL5aa/hZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNTBzZDlxUU82U01RVFZ2UFpZc1V2bHByLUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKmSxiX5jR2rsKiNhwJy
Af/Rw4bfLk+TUn5XgcSPhjaj6btsFcC8yAVOTUhY2mvlCyTWlmn7+o5I7Rn0ovLO
HFsRp5zwkqc6T2EHVXRZDzHPxdkROxx4/btCJpPFvec9/oE4UrF6wd8Spe9yxY1p
FP9axQQpVrm9afnvDk9Y3lZLuMUB8TyFd4dv/yVvNccO2vYZluDf0St4TbZ1p/m6
rDCkAyFuKzgI1q13HKst5t9vJufAJNZm1O4XPQM8HmFWONW3EryBejkLbsKMH0XI
VhUgi5MFgnIedfhKiiGdTfuxSrT5mNKoa7euZta6IFy2aIApa3Lt1svp+A+JVdMC
Ywo=
-----END CERTIFICATE-----