Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/71VfKDukQFbVJ4wEqFr8QsYO3Vs.roa
File:                     71VfKDukQFbVJ4wEqFr8QsYO3Vs.roa (raw, json)
Hash identifier:          CQkSdEO78Jjuq+pS7eGlWD5iutPPZerwoyYqtWMgU78=
Subject key identifier:   EF:55:5F:28:3B:A4:40:56:D5:27:8C:04:A8:5A:FC:42:C6:0E:DD:5B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188518315A0918CE60537A473F86C4D73FF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/71VfKDukQFbVJ4wEqFr8QsYO3Vs.roa
Signing time:             Thu 25 May 2023 06:05:25 +0000
ROA not before:           Thu 25 May 2023 06:05:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5182:6e13/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:51:83:15:a0:91:8c:e6:05:37:a4:73:f8:6c:4d:73:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 25 06:05:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef555f283ba44056d5278c04a85afc42c60edd5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d0:9e:f4:5f:a4:8a:9c:57:d6:11:4a:e8:71:
                    84:98:0b:b9:07:8f:5a:ce:18:4e:7b:f9:8a:70:33:
                    ff:16:4a:b1:94:ab:cf:cc:68:f5:0b:a1:d8:3b:96:
                    53:6f:6e:19:ba:ad:c2:2b:97:12:9c:93:58:ac:cd:
                    0d:8c:95:75:60:c7:fd:c5:84:7c:05:36:ae:8d:9e:
                    4e:3e:8c:b8:b8:98:b4:ce:0e:00:57:d2:39:ee:b4:
                    d8:2f:97:4f:43:9e:99:23:12:f5:2f:16:99:ca:74:
                    12:c4:20:62:e5:22:f6:a3:57:1a:31:12:33:47:61:
                    37:72:59:02:48:6c:38:3f:1d:3f:23:6a:19:97:e6:
                    63:f5:44:74:3c:97:7f:cb:48:42:2d:02:12:62:ec:
                    c1:8a:cd:e6:9e:8d:74:af:ce:a5:6e:c6:a8:6d:f4:
                    b7:0f:23:ed:28:69:ee:94:4f:08:3a:f0:9c:97:45:
                    0b:27:be:bd:75:1c:ac:1d:57:3e:c1:10:85:cd:9f:
                    dd:be:36:cd:15:dd:9a:a3:75:24:5d:ab:f9:9f:89:
                    ec:52:1f:8c:38:96:74:e4:fa:c7:40:33:99:19:a1:
                    8d:63:25:dd:90:d2:bb:fc:fc:2e:b6:5f:1a:07:d1:
                    88:b0:8a:41:53:48:91:37:74:70:f4:fe:6a:91:e2:
                    ff:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:55:5F:28:3B:A4:40:56:D5:27:8C:04:A8:5A:FC:42:C6:0E:DD:5B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/71VfKDukQFbVJ4wEqFr8QsYO3Vs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:76:6a:59:06:59:77:0a:52:bf:22:35:ae:63:a3:64:48:cc:
         52:24:98:82:30:2a:97:44:44:17:ca:a3:b4:4b:a2:00:50:3b:
         2a:63:fc:02:68:12:a5:53:58:8e:55:ce:16:b1:b1:40:52:a7:
         42:d7:02:4f:5e:cc:7b:c2:f9:4e:39:ac:f6:52:fd:33:f9:f7:
         2b:97:61:58:58:88:79:76:de:e9:8f:fb:a3:f6:79:72:a9:05:
         ea:76:c4:4a:ad:c8:d9:38:16:04:7e:70:e4:e0:08:40:45:ee:
         84:65:1e:62:da:81:e6:84:5c:9d:7a:70:bb:14:59:64:ce:6d:
         1b:0f:14:0f:25:86:c2:09:f6:c5:93:50:96:18:cf:fd:85:9f:
         db:b9:c2:75:1b:a4:fa:03:cb:79:28:08:b6:2a:8f:68:e3:58:
         07:ee:cc:6d:40:ab:a4:4f:c2:b7:6b:8e:04:2f:b8:b4:8a:c4:
         e8:88:0b:5d:92:e9:f2:b5:bf:e7:83:b4:e6:b1:8f:dd:4f:e7:
         9c:a7:34:14:0b:6f:75:14:f8:5e:4d:da:9e:ef:3f:f3:7e:eb:
         c9:fb:fe:26:3c:cd:f7:c6:78:64:ae:94:16:c7:2e:8d:47:6e:
         a6:47:7d:66:10:5d:cc:e2:00:1d:da:0c:aa:d9:c3:1f:bb:68:
         cd:7c:ae:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhRgxWgkYzmBTekc/hsTXP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI1MDYwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjU1NWYyODNiYTQ0MDU2ZDUyNzhjMDRhODVhZmM0MmM2MGVkZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNCe9F+kipxX1hFK6HGEmAu5B49a
zhhOe/mKcDP/FkqxlKvPzGj1C6HYO5ZTb24Zuq3CK5cSnJNYrM0NjJV1YMf9xYR8
BTaujZ5OPoy4uJi0zg4AV9I57rTYL5dPQ56ZIxL1LxaZynQSxCBi5SL2o1caMRIz
R2E3clkCSGw4Px0/I2oZl+Zj9UR0PJd/y0hCLQISYuzBis3mno10r86lbsaobfS3
DyPtKGnulE8IOvCcl0ULJ769dRysHVc+wRCFzZ/dvjbNFd2ao3UkXav5n4nsUh+M
OJZ05PrHQDOZGaGNYyXdkNK7/Pwutl8aB9GIsIpBU0iRN3Rw9P5qkeL/NQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO9VXyg7pEBW1SeMBKha/ELGDt1bMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNzFWZktEdWtRRmJWSjR3RXFGcjhRc1lPM1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKJ2alkGWXcKUr8iNa5j
o2RIzFIkmIIwKpdERBfKo7RLogBQOypj/AJoEqVTWI5VzhaxsUBSp0LXAk9ezHvC
+U45rPZS/TP59yuXYVhYiHl23umP+6P2eXKpBep2xEqtyNk4FgR+cOTgCEBF7oRl
HmLageaEXJ16cLsUWWTObRsPFA8lhsIJ9sWTUJYYz/2Fn9u5wnUbpPoDy3koCLYq
j2jjWAfuzG1Aq6RPwrdrjgQvuLSKxOiIC12S6fK1v+eDtOaxj91P55ynNBQLb3UU
+F5N2p7vP/N+68n7/iY8zffGeGSulBbHLo1HbqZHfWYQXcziAB3aDKrZwx+7aM18
rvg=
-----END CERTIFICATE-----