Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7d1lKujQAjIa4_Z42FKOlUyWK0o.roa
File:                     7d1lKujQAjIa4_Z42FKOlUyWK0o.roa (raw, json)
Hash identifier:          x1ts/djwOx2OPxtWtlk+G/xtQSDUyrM5o8VmoeasYBA=
Subject key identifier:   ED:DD:65:2A:E8:D0:02:32:1A:E3:F6:78:D8:52:8E:95:4C:96:2B:4A
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018839B63F9347ABD198B838E00DA9739E1D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7d1lKujQAjIa4_Z42FKOlUyWK0o.roa
Signing time:             Sat 20 May 2023 15:10:25 +0000
ROA not before:           Sat 20 May 2023 15:10:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:39:b6:3f:93:47:ab:d1:98:b8:38:e0:0d:a9:73:9e:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 20 15:10:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eddd652ae8d002321ae3f678d8528e954c962b4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:19:f3:c6:c9:5a:9e:11:d5:5b:11:4d:98:70:
                    e9:1f:db:e4:7d:b2:c8:b1:7d:76:85:12:14:f1:c6:
                    37:ab:fe:70:77:d8:9d:d5:93:70:a1:d3:63:12:a2:
                    20:fa:be:09:c2:87:56:bb:cf:bc:1c:47:51:dc:d8:
                    d7:87:31:6f:40:08:ae:e6:c8:2c:d8:37:80:5d:15:
                    80:f4:54:58:08:80:ec:d5:c1:82:3e:b4:7a:ce:dd:
                    ae:5a:9c:86:8e:9f:3c:5d:9a:0c:f1:f2:1f:0f:19:
                    c6:73:5b:f0:6f:fa:97:12:cc:81:30:44:13:47:48:
                    72:61:c3:2d:30:5e:d7:1b:d3:59:50:2c:8c:84:95:
                    8b:70:ee:64:c2:56:d0:c3:21:38:f8:2e:e7:a0:85:
                    a1:bd:c6:78:bd:87:08:37:0f:2e:56:e2:5f:db:fd:
                    0f:9e:65:ed:ca:5c:78:83:8a:c0:0e:49:1f:0c:6a:
                    eb:36:3c:a9:2d:0c:60:98:e5:41:86:c3:be:ed:3a:
                    2d:29:6d:55:06:b1:1e:4f:5d:48:40:cb:47:5a:1e:
                    e1:a9:07:95:54:09:88:e8:67:87:8d:89:33:88:c3:
                    f4:cc:9f:28:66:6b:fa:10:6c:37:0b:e8:b2:2f:61:
                    8f:9b:27:9f:33:03:df:c1:58:ea:74:f6:34:0c:c4:
                    df:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:DD:65:2A:E8:D0:02:32:1A:E3:F6:78:D8:52:8E:95:4C:96:2B:4A
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7d1lKujQAjIa4_Z42FKOlUyWK0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         49:17:d5:09:37:a4:48:9b:84:5f:39:8b:a6:a2:ce:df:37:81:
         2f:0e:fc:b4:c3:f7:f3:5b:7c:6b:20:5a:ff:e6:49:e3:36:14:
         7b:42:8c:c0:f7:ff:f2:70:e9:a9:fb:9c:c6:e8:3a:2a:4c:4d:
         7a:7f:b3:bd:9c:83:82:8d:f1:0f:92:e9:74:71:0a:f7:db:89:
         95:7e:f4:d2:ab:c9:a2:8b:f1:a9:c6:50:7a:50:77:fd:b9:ef:
         63:f8:36:7e:0f:7f:3c:31:74:8f:d3:27:3f:7d:c2:58:28:10:
         0d:a5:1a:18:67:c2:70:79:80:29:af:39:8d:4a:53:66:b2:da:
         e8:8e:de:68:b4:e7:c2:08:16:74:78:52:71:7d:21:fb:36:78:
         c3:84:b5:ee:a3:2f:b0:4c:8d:cb:cd:40:47:5d:04:f3:3d:0f:
         ab:7b:8e:6d:ce:df:86:69:e6:9b:73:02:aa:7a:73:88:07:f0:
         33:9c:b3:87:59:e3:35:de:4c:4b:8a:dd:4d:54:2b:7e:1f:ef:
         23:32:09:aa:b3:23:c9:fe:92:5e:1b:3b:61:81:ea:4a:8b:02:
         ad:20:b6:63:20:cc:ce:3e:8f:ae:34:e1:f5:be:44:48:8c:e4:
         a8:ab:4c:e0:27:fc:2e:06:2b:3b:36:cb:34:5a:07:65:0a:29:
         cb:e4:d7:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYg5tj+TR6vRmLg44A2pc54dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTIwMTUxMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGRkNjUyYWU4ZDAwMjMyMWFlM2Y2NzhkODUyOGU5NTRjOTYyYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBnzxslanhHVWxFNmHDpH9vkfbLI
sX12hRIU8cY3q/5wd9id1ZNwodNjEqIg+r4JwodWu8+8HEdR3NjXhzFvQAiu5sgs
2DeAXRWA9FRYCIDs1cGCPrR6zt2uWpyGjp88XZoM8fIfDxnGc1vwb/qXEsyBMEQT
R0hyYcMtMF7XG9NZUCyMhJWLcO5kwlbQwyE4+C7noIWhvcZ4vYcINw8uVuJf2/0P
nmXtylx4g4rADkkfDGrrNjypLQxgmOVBhsO+7TotKW1VBrEeT11IQMtHWh7hqQeV
VAmI6GeHjYkziMP0zJ8oZmv6EGw3C+iyL2GPmyefMwPfwVjqdPY0DMTfIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO3dZSro0AIyGuP2eNhSjpVMlitKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvN2QxbEt1alFBaklhNF9aNDJGS09sVXlXSzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEkX1Qk3pEibhF85i6ai
zt83gS8O/LTD9/NbfGsgWv/mSeM2FHtCjMD3//Jw6an7nMboOipMTXp/s72cg4KN
8Q+S6XRxCvfbiZV+9NKryaKL8anGUHpQd/2572P4Nn4PfzwxdI/TJz99wlgoEA2l
GhhnwnB5gCmvOY1KU2ay2uiO3mi058IIFnR4UnF9Ifs2eMOEte6jL7BMjcvNQEdd
BPM9D6t7jm3O34Zp5ptzAqp6c4gH8DOcs4dZ4zXeTEuK3U1UK34f7yMyCaqzI8n+
kl4bO2GB6kqLAq0gtmMgzM4+j6404fW+REiM5KirTOAn/C4GKzs2yzRaB2UKKcvk
1+U=
-----END CERTIFICATE-----