Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/807GDFIH8eIFA5hs44A12nGiydo.roa
File:                     807GDFIH8eIFA5hs44A12nGiydo.roa (raw, json)
Hash identifier:          S3haf3u+vvDZx09BktEkjYdirLoLnH6o11Du7ec3jbo=
Subject key identifier:   F3:4E:C6:0C:52:07:F1:E2:05:03:98:6C:E3:80:35:DA:71:A2:C9:DA
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187F2B16877E3BC9981484356EA8083EE17
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/807GDFIH8eIFA5hs44A12nGiydo.roa
Signing time:             Sat 06 May 2023 20:12:05 +0000
ROA not before:           Sat 06 May 2023 20:12:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:f2:b1:68:77:e3:bc:99:81:48:43:56:ea:80:83:ee:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  6 20:12:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f34ec60c5207f1e20503986ce38035da71a2c9da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:91:18:91:06:1e:61:7b:8f:7d:f3:51:7a:b1:
                    26:6a:2a:f6:ce:3c:ee:17:b2:d9:bd:25:89:41:7c:
                    4c:e2:93:88:86:8a:83:66:60:30:9d:4a:4b:85:82:
                    27:1b:78:28:5b:22:3b:63:63:9e:b4:e6:2c:84:19:
                    79:b6:2d:c3:28:e0:b5:45:38:72:fe:5d:76:5a:b9:
                    bd:e0:77:1d:63:d4:bd:08:02:d2:85:d1:20:c3:9b:
                    ec:98:0e:da:46:6f:3c:b6:80:ed:8b:04:d2:f8:ab:
                    77:72:aa:11:d3:91:0d:4e:d1:38:a5:7d:f2:f9:37:
                    ce:f5:4c:99:d9:20:b5:02:55:18:4c:b8:3c:09:8b:
                    8d:c4:a2:ea:df:00:fa:c0:3a:92:32:71:88:e3:1f:
                    df:6b:18:7a:00:10:45:ab:48:16:e6:e3:49:f3:bb:
                    d2:9b:87:65:38:04:4e:36:f5:c1:e5:f7:09:3d:be:
                    29:79:48:f7:83:78:0c:27:d4:da:dc:d4:8c:91:20:
                    34:bd:43:a0:43:be:9c:41:b6:46:70:e2:0c:a4:c2:
                    0f:32:26:9c:fe:20:22:d3:f4:a7:cd:b9:1f:41:35:
                    7d:42:82:5e:69:8a:99:84:99:03:0c:b3:1a:59:cb:
                    d1:cd:04:cc:f7:27:c8:94:07:ea:4c:0f:ef:45:9c:
                    2e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:4E:C6:0C:52:07:F1:E2:05:03:98:6C:E3:80:35:DA:71:A2:C9:DA
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/807GDFIH8eIFA5hs44A12nGiydo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         49:0c:37:9d:11:b7:30:f4:2d:a4:6f:13:61:ff:ac:73:cc:48:
         33:2f:54:2f:9d:71:b9:70:fe:85:1f:a7:a3:50:75:66:96:17:
         a8:60:6d:2d:31:1d:c4:52:af:02:4a:a5:cf:91:4f:08:b8:22:
         29:7a:19:26:9c:c0:da:12:3d:af:18:24:e3:f6:14:dd:27:36:
         cf:8c:31:ee:66:89:07:86:6f:29:a5:db:73:7e:21:5d:07:2a:
         ce:3d:ec:d9:37:bd:91:dd:90:64:fb:c2:08:ad:f3:90:9d:12:
         a7:03:10:f0:78:c8:a9:9c:e4:69:39:c0:b6:88:53:a7:f9:15:
         95:03:68:3b:b9:20:c2:99:f8:cd:90:0e:75:4f:f9:33:7b:26:
         38:8c:69:b2:73:3e:8e:94:9f:2b:c1:ae:6f:a9:09:10:29:f6:
         85:a9:c2:ee:95:26:da:51:50:d6:60:4b:4a:49:b4:d9:5b:df:
         85:7c:5a:06:85:06:91:e8:8b:b0:f7:d4:bc:bf:d0:31:53:bd:
         1f:24:72:1e:64:fc:95:21:4b:2a:b4:7f:cf:0d:9f:f9:79:b6:
         15:ea:6e:0c:bd:4f:9b:15:e1:79:a7:24:a4:69:fd:20:41:1a:
         01:bf:7c:b9:a8:df:6f:b5:01:78:cd:d0:19:91:24:29:f6:6c:
         d0:dd:43:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfysWh347yZgUhDVuqAg+4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA2MjAxMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzRlYzYwYzUyMDdmMWUyMDUwMzk4NmNlMzgwMzVkYTcxYTJjOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15EYkQYeYXuPffNRerEmair2zjzu
F7LZvSWJQXxM4pOIhoqDZmAwnUpLhYInG3goWyI7Y2OetOYshBl5ti3DKOC1RThy
/l12Wrm94HcdY9S9CALShdEgw5vsmA7aRm88toDtiwTS+Kt3cqoR05ENTtE4pX3y
+TfO9UyZ2SC1AlUYTLg8CYuNxKLq3wD6wDqSMnGI4x/faxh6ABBFq0gW5uNJ87vS
m4dlOARONvXB5fcJPb4peUj3g3gMJ9Ta3NSMkSA0vUOgQ76cQbZGcOIMpMIPMiac
/iAi0/SnzbkfQTV9QoJeaYqZhJkDDLMaWcvRzQTM9yfIlAfqTA/vRZwu3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPNOxgxSB/HiBQOYbOOANdpxosnaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvODA3R0RGSUg4ZUlGQTVoczQ0QTEybkdpeWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEkMN50RtzD0LaRvE2H/
rHPMSDMvVC+dcblw/oUfp6NQdWaWF6hgbS0xHcRSrwJKpc+RTwi4Iil6GSacwNoS
Pa8YJOP2FN0nNs+MMe5miQeGbyml23N+IV0HKs497Nk3vZHdkGT7wgit85CdEqcD
EPB4yKmc5Gk5wLaIU6f5FZUDaDu5IMKZ+M2QDnVP+TN7JjiMabJzPo6UnyvBrm+p
CRAp9oWpwu6VJtpRUNZgS0pJtNlb34V8WgaFBpHoi7D31Ly/0DFTvR8kch5k/JUh
Syq0f88Nn/l5thXqbgy9T5sV4XmnJKRp/SBBGgG/fLmo32+1AXjN0BmRJCn2bNDd
Qzk=
-----END CERTIFICATE-----