Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/77o0JDArssD1izlIsFwUiahDhRk.roa
File:                     77o0JDArssD1izlIsFwUiahDhRk.roa (raw, json)
Hash identifier:          QmZ0XnW1BAQ8nlB4SPAXCehCds4MQp+JoJ4rGxJz1QI=
Subject key identifier:   EF:BA:34:24:30:2B:B2:C0:F5:8B:39:48:B0:5C:14:89:A8:43:85:19
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188BE87AF85E41CDB4EC036FA83CE601A63
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/77o0JDArssD1izlIsFwUiahDhRk.roa
Signing time:             Thu 15 Jun 2023 10:09:03 +0000
ROA not before:           Thu 15 Jun 2023 10:09:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:be:87:af:85:e4:1c:db:4e:c0:36:fa:83:ce:60:1a:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 15 10:09:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=efba3424302bb2c0f58b3948b05c1489a8438519
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:18:86:e2:bc:da:f9:31:35:ae:f1:19:51:16:
                    51:7b:51:02:b4:71:23:78:2d:56:c0:aa:4d:a7:22:
                    9a:94:49:ab:b3:b2:b8:1d:66:96:4c:65:51:7b:38:
                    b9:39:e1:8e:8a:cb:04:be:40:45:79:8e:c1:d4:6f:
                    21:26:14:ac:72:c8:3b:67:af:2c:d8:0a:58:a2:04:
                    17:ae:20:8c:c9:ae:2c:c1:25:88:2e:05:ac:f4:93:
                    ce:ca:d7:a3:f0:b8:d8:f3:64:a6:5c:f9:59:a4:5b:
                    42:5b:e7:49:7a:a4:f2:81:3e:37:db:2e:05:6d:09:
                    7a:08:7b:49:11:04:98:77:e9:4d:b6:7e:24:82:ec:
                    13:74:d4:91:7f:d5:ae:6e:c9:b4:e5:bd:a7:9d:30:
                    09:39:97:a2:5c:35:9d:a3:44:c4:1a:9b:c1:ae:ce:
                    e5:f4:2a:80:ae:de:e6:19:71:cd:f8:9b:e3:83:8d:
                    5e:8e:02:d8:69:bd:0e:7e:30:a7:12:2e:41:d0:59:
                    02:45:ec:d5:3a:5e:df:99:1f:c7:38:c3:ca:0f:2c:
                    0c:b8:54:08:3b:8b:a0:5b:bb:ee:0f:20:79:5d:9b:
                    63:50:b5:62:47:cf:3a:f1:e2:64:c0:74:75:78:62:
                    a4:af:8b:49:de:23:fd:c7:a1:ad:8e:4e:f3:00:a7:
                    cb:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:BA:34:24:30:2B:B2:C0:F5:8B:39:48:B0:5C:14:89:A8:43:85:19
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/77o0JDArssD1izlIsFwUiahDhRk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         56:54:1f:6e:14:f9:db:99:e5:3e:cb:5b:10:ee:cf:e1:00:43:
         9c:23:18:79:3b:b9:ba:67:c9:8e:ba:44:41:a0:6f:82:bd:4d:
         6c:39:1b:99:54:3c:2e:30:65:9f:ff:49:4e:0f:64:39:5d:cf:
         8c:d9:62:4f:45:e1:ce:d6:98:6b:ca:50:cb:ea:6f:56:7d:ad:
         2f:dd:07:f4:7a:58:d1:a5:db:01:fc:cc:c7:f5:f8:bc:7a:81:
         d6:56:49:20:6d:12:a3:c8:8d:d0:aa:68:52:54:5c:02:cc:ff:
         d1:ff:aa:08:be:03:34:e2:be:d6:89:5f:a7:cd:8c:53:77:85:
         16:98:f9:8e:40:f5:e7:6b:f1:44:87:da:fe:7d:8c:06:de:ff:
         de:b0:52:2d:17:5a:a9:94:4d:4f:9e:d1:77:77:88:26:50:2e:
         fc:29:e7:d2:db:92:45:23:80:73:c7:b6:a3:1b:0a:1a:1f:34:
         9c:23:11:61:24:3b:51:17:19:ed:9c:11:ef:3a:36:89:61:fc:
         13:2b:94:99:4d:96:e8:eb:34:02:6e:09:4d:b8:57:e8:0e:e8:
         82:bd:55:41:6e:81:94:2b:d9:78:07:c9:88:77:e9:b7:c8:d4:
         f9:1a:b9:8b:79:eb:34:e6:73:1d:99:8f:2d:92:eb:a1:c9:10:
         52:8b:92:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYi+h6+F5BzbTsA2+oPOYBpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE1MTAwOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmJhMzQyNDMwMmJiMmMwZjU4YjM5NDhiMDVjMTQ4OWE4NDM4NTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBiG4rza+TE1rvEZURZRe1ECtHEj
eC1WwKpNpyKalEmrs7K4HWaWTGVRezi5OeGOissEvkBFeY7B1G8hJhSscsg7Z68s
2ApYogQXriCMya4swSWILgWs9JPOytej8LjY82SmXPlZpFtCW+dJeqTygT432y4F
bQl6CHtJEQSYd+lNtn4kguwTdNSRf9Wubsm05b2nnTAJOZeiXDWdo0TEGpvBrs7l
9CqArt7mGXHN+Jvjg41ejgLYab0OfjCnEi5B0FkCRezVOl7fmR/HOMPKDywMuFQI
O4ugW7vuDyB5XZtjULViR8868eJkwHR1eGKkr4tJ3iP9x6Gtjk7zAKfLIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO+6NCQwK7LA9Ys5SLBcFImoQ4UZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNzdvMEpEQXJzc0QxaXpsSXNGd1VpYWhEaFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFZUH24U+duZ5T7LWxDu
z+EAQ5wjGHk7ubpnyY66REGgb4K9TWw5G5lUPC4wZZ//SU4PZDldz4zZYk9F4c7W
mGvKUMvqb1Z9rS/dB/R6WNGl2wH8zMf1+Lx6gdZWSSBtEqPIjdCqaFJUXALM/9H/
qgi+AzTivtaJX6fNjFN3hRaY+Y5A9edr8USH2v59jAbe/96wUi0XWqmUTU+e0Xd3
iCZQLvwp59LbkkUjgHPHtqMbChofNJwjEWEkO1EXGe2cEe86Nolh/BMrlJlNlujr
NAJuCU24V+gO6IK9VUFugZQr2XgHyYh36bfI1PkauYt56zTmcx2Zjy2S66HJEFKL
kt0=
-----END CERTIFICATE-----