Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7pKHZt1lPrWY7PCPCl3vhCe5qM0.roa
File:                     7pKHZt1lPrWY7PCPCl3vhCe5qM0.roa (raw, json)
Hash identifier:          kgsLP+Rv/4NTuzP7X5zTH5yjZByrK+Qdkb1s5sXHlrU=
Subject key identifier:   EE:92:87:66:DD:65:3E:B5:98:EC:F0:8F:0A:5D:EF:84:27:B9:A8:CD
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0189375257BD21B44C89B98E900BFB07888C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7pKHZt1lPrWY7PCPCl3vhCe5qM0.roa
Signing time:             Sat 08 Jul 2023 21:04:50 +0000
ROA not before:           Sat 08 Jul 2023 21:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:189:3751:b7b2/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:37:52:57:bd:21:b4:4c:89:b9:8e:90:0b:fb:07:88:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul  8 21:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee928766dd653eb598ecf08f0a5def8427b9a8cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:21:b1:c8:d3:f5:cb:4d:29:54:67:9f:59:ab:
                    c3:f4:a7:f2:f3:9d:bc:83:ac:31:20:db:a4:fa:63:
                    af:79:e2:67:1b:87:ec:b2:53:a2:78:ee:74:2a:91:
                    ab:a8:86:24:ce:81:9c:16:52:31:32:3e:79:41:43:
                    fe:e6:83:60:7f:d2:25:fe:ec:d8:4f:2c:ce:64:3b:
                    71:6b:6b:31:6b:d3:d3:79:e0:7f:ce:d2:a5:fc:4e:
                    c5:9c:8f:c9:34:1b:d3:46:bc:b8:62:0d:2f:95:9e:
                    aa:d2:03:7d:ec:b2:d8:fb:7a:c7:21:c7:f2:5a:67:
                    3a:da:66:e2:87:90:1d:28:7b:cb:48:64:6b:98:cf:
                    10:45:c2:c4:cf:71:ce:fd:34:b6:9a:9c:98:75:2b:
                    19:9f:af:df:75:19:1a:0b:2e:4f:52:d9:ab:d3:93:
                    26:9b:4b:ca:32:ad:1c:1d:8a:3d:a3:f9:f9:af:3f:
                    de:29:b3:df:a1:5a:3b:d1:c0:b3:28:2e:f1:74:6d:
                    68:63:a0:32:dd:a5:43:64:76:8c:d3:32:b2:6b:44:
                    1c:75:26:53:a8:e8:c0:76:9a:b8:27:be:1b:33:10:
                    8b:80:a5:91:db:46:a2:c3:72:b1:c8:43:5a:06:96:
                    0e:11:89:29:d2:a8:92:41:7e:23:2d:df:ee:69:87:
                    87:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:92:87:66:DD:65:3E:B5:98:EC:F0:8F:0A:5D:EF:84:27:B9:A8:CD
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7pKHZt1lPrWY7PCPCl3vhCe5qM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:bd:ab:38:af:6e:99:aa:ef:f9:47:64:56:02:4c:47:0a:4f:
         dc:42:cb:84:b3:d9:2d:ef:9e:cf:8f:53:78:e0:b2:a9:c5:a2:
         bc:4f:9e:f3:a5:2c:6a:cc:05:a3:b5:2f:59:75:cc:eb:72:e0:
         82:4f:52:b4:dd:29:bc:f0:13:c5:81:82:e4:cd:ae:ac:51:03:
         bc:d9:f5:d9:5c:41:f8:e0:b7:f7:89:0a:8f:21:7e:cb:25:1c:
         bb:c4:9b:96:9b:39:82:f5:e7:47:0f:e8:98:c8:68:1e:9a:a5:
         09:d2:30:73:d6:68:9b:c4:e3:9f:22:51:ac:e4:82:6c:07:ee:
         5a:47:42:64:d3:19:ba:0f:06:a1:ed:ba:18:1d:4f:f2:ba:8e:
         15:da:b1:03:6f:48:0e:25:35:9d:c4:be:b3:c0:67:8e:f6:4b:
         05:bd:92:7b:97:a0:0a:3b:37:fe:7e:0b:2c:c5:eb:ea:7c:12:
         65:ae:e6:3c:f4:c2:94:cd:2c:b7:f8:57:30:11:f4:7e:24:70:
         6e:a3:26:32:b6:d3:3a:ca:5e:cd:7d:2f:56:0f:b5:ab:fa:84:
         d0:18:42:6a:16:21:ca:14:4b:25:57:85:0e:87:07:ff:b6:b5:
         23:d5:9f:5a:e1:79:93:70:6f:b1:5b:7e:9d:55:04:09:ec:4b:
         16:3a:ca:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYk3Ule9IbRMibmOkAv7B4iMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzA4MjEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTkyODc2NmRkNjUzZWI1OThlY2YwOGYwYTVkZWY4NDI3YjlhOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiGxyNP1y00pVGefWavD9Kfy8528
g6wxINuk+mOveeJnG4fsslOieO50KpGrqIYkzoGcFlIxMj55QUP+5oNgf9Il/uzY
TyzOZDtxa2sxa9PTeeB/ztKl/E7FnI/JNBvTRry4Yg0vlZ6q0gN97LLY+3rHIcfy
Wmc62mbih5AdKHvLSGRrmM8QRcLEz3HO/TS2mpyYdSsZn6/fdRkaCy5PUtmr05Mm
m0vKMq0cHYo9o/n5rz/eKbPfoVo70cCzKC7xdG1oY6Ay3aVDZHaM0zKya0QcdSZT
qOjAdpq4J74bMxCLgKWR20aiw3KxyENaBpYOEYkp0qiSQX4jLd/uaYeHXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO6Sh2bdZT61mOzwjwpd74QnuajNMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvN3BLSFp0MWxQcldZN1BDUENsM3ZoQ2U1cU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA+9qzivbpmq7/lHZFYC
TEcKT9xCy4Sz2S3vns+PU3jgsqnForxPnvOlLGrMBaO1L1l1zOty4IJPUrTdKbzw
E8WBguTNrqxRA7zZ9dlcQfjgt/eJCo8hfsslHLvEm5abOYL150cP6JjIaB6apQnS
MHPWaJvE458iUazkgmwH7lpHQmTTGboPBqHtuhgdT/K6jhXasQNvSA4lNZ3EvrPA
Z472SwW9knuXoAo7N/5+CyzF6+p8EmWu5jz0wpTNLLf4VzAR9H4kcG6jJjK20zrK
Xs19L1YPtav6hNAYQmoWIcoUSyVXhQ6HB/+2tSPVn1rheZNwb7Fbfp1VBAnsSxY6
yoA=
-----END CERTIFICATE-----