Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6JB9Ca3dmXae6hm9ddMqUc9Kp8Y.roa
File:                     6JB9Ca3dmXae6hm9ddMqUc9Kp8Y.roa (raw, json)
Hash identifier:          Qg+iaNxNFKlyihZlX+s81Rm2eDgUriRleez53TUiMpw=
Subject key identifier:   E8:90:7D:09:AD:DD:99:76:9E:EA:19:BD:75:D3:2A:51:CF:4A:A7:C6
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188164F35C5A6BDF73E030E602D6C2DFEE8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6JB9Ca3dmXae6hm9ddMqUc9Kp8Y.roa
Signing time:             Sat 13 May 2023 18:11:09 +0000
ROA not before:           Sat 13 May 2023 18:11:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:16:4f:35:c5:a6:bd:f7:3e:03:0e:60:2d:6c:2d:fe:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 13 18:11:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e8907d09addd99769eea19bd75d32a51cf4aa7c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2a:ac:cb:83:df:e4:b9:8d:6b:a2:3d:9d:61:
                    a0:04:87:13:b9:0a:b6:c3:84:0b:c8:17:78:ea:6e:
                    1f:37:fe:97:de:ae:35:3f:12:d0:67:9d:c2:64:34:
                    4f:36:41:1d:71:5b:92:4a:f1:80:ac:41:d0:75:70:
                    c0:ca:13:bd:1e:43:85:96:fc:00:fc:67:0f:fd:92:
                    e3:ff:98:82:3f:03:7a:62:15:87:1b:38:5c:05:c3:
                    13:98:10:c1:71:61:c0:2e:85:15:16:2b:f5:a8:d3:
                    a5:a3:c0:20:7b:86:ea:a4:e2:7b:ee:82:7a:8d:49:
                    df:a1:67:7a:19:f4:58:ea:e2:af:f4:3e:00:74:2f:
                    c0:73:bc:e5:40:5e:33:37:7b:e6:c5:8e:93:ec:09:
                    71:82:c9:e1:bc:2d:5b:9a:62:d6:d2:99:6b:e8:7d:
                    28:f7:f4:7f:f5:9b:3a:7c:67:4d:11:9e:25:8e:a5:
                    dd:c2:6d:ce:33:a7:b7:c2:91:82:88:b4:21:b6:e9:
                    71:52:82:76:fc:91:6d:60:98:10:99:bc:b1:25:e2:
                    61:61:87:8c:99:f3:a7:aa:35:f6:48:43:3e:8c:3f:
                    38:9f:13:5a:69:77:d7:5a:42:55:69:69:41:4a:4a:
                    30:7e:d8:67:ab:ee:14:a7:4f:b3:1c:5c:a1:a7:3d:
                    33:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:90:7D:09:AD:DD:99:76:9E:EA:19:BD:75:D3:2A:51:CF:4A:A7:C6
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6JB9Ca3dmXae6hm9ddMqUc9Kp8Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:e4:c3:e7:04:50:89:e8:bf:8f:9f:5b:bd:de:ca:f8:8d:a5:
         6f:b2:b2:30:df:e2:eb:d6:95:34:fc:59:79:5a:2b:85:c1:28:
         31:08:df:3f:87:fa:22:2c:d2:3a:d7:95:ae:e4:28:57:85:43:
         f7:44:f4:d8:76:6b:b7:3c:88:0b:07:7f:30:e6:d7:4d:4b:54:
         a3:20:65:b1:28:4f:02:93:57:39:64:09:bf:1d:00:e8:f9:3a:
         33:0d:26:0f:aa:2a:c7:cb:7f:ec:70:88:e8:fd:f7:59:12:c2:
         b1:db:19:29:d5:5d:60:24:2d:11:27:d6:cc:79:1a:98:c1:22:
         be:70:43:6f:59:d2:30:e4:af:76:fe:9d:fb:e7:74:61:9b:38:
         91:d8:f6:d6:e2:2e:4b:c0:25:1e:42:f3:9c:25:9e:1b:49:62:
         b5:99:99:04:bf:48:0d:d6:2a:43:5f:29:49:f8:76:b3:1d:5c:
         4d:73:03:4f:cb:69:e2:42:13:58:53:04:6e:57:15:8f:38:69:
         b8:33:98:25:f0:ff:38:47:e2:b4:3a:51:54:1e:ee:b8:d7:ae:
         5e:42:4b:44:36:a4:c1:9f:f4:9c:65:5c:00:4e:8f:5a:05:b6:
         13:d3:b3:e4:5d:85:e8:78:2e:25:7c:60:45:e1:01:62:35:a7:
         7a:56:2a:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgWTzXFpr33PgMOYC1sLf7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTEzMTgxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODkwN2QwOWFkZGQ5OTc2OWVlYTE5YmQ3NWQzMmE1MWNmNGFhN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviqsy4Pf5LmNa6I9nWGgBIcTuQq2
w4QLyBd46m4fN/6X3q41PxLQZ53CZDRPNkEdcVuSSvGArEHQdXDAyhO9HkOFlvwA
/GcP/ZLj/5iCPwN6YhWHGzhcBcMTmBDBcWHALoUVFiv1qNOlo8Age4bqpOJ77oJ6
jUnfoWd6GfRY6uKv9D4AdC/Ac7zlQF4zN3vmxY6T7AlxgsnhvC1bmmLW0plr6H0o
9/R/9Zs6fGdNEZ4ljqXdwm3OM6e3wpGCiLQhtulxUoJ2/JFtYJgQmbyxJeJhYYeM
mfOnqjX2SEM+jD84nxNaaXfXWkJVaWlBSkowfthnq+4Up0+zHFyhpz0zUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOiQfQmt3Zl2nuoZvXXTKlHPSqfGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNkpCOUNhM2RtWGFlNmhtOWRkTXFVYzlLcDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIzkw+cEUInov4+fW73e
yviNpW+ysjDf4uvWlTT8WXlaK4XBKDEI3z+H+iIs0jrXla7kKFeFQ/dE9Nh2a7c8
iAsHfzDm101LVKMgZbEoTwKTVzlkCb8dAOj5OjMNJg+qKsfLf+xwiOj991kSwrHb
GSnVXWAkLREn1sx5GpjBIr5wQ29Z0jDkr3b+nfvndGGbOJHY9tbiLkvAJR5C85wl
nhtJYrWZmQS/SA3WKkNfKUn4drMdXE1zA0/LaeJCE1hTBG5XFY84abgzmCXw/zhH
4rQ6UVQe7rjXrl5CS0Q2pMGf9JxlXABOj1oFthPTs+Rdheh4LiV8YEXhAWI1p3pW
Koc=
-----END CERTIFICATE-----