Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A5Rz6noPcPdHNH4jpND2KX5P4OU.roa
File:                     A5Rz6noPcPdHNH4jpND2KX5P4OU.roa (raw, json)
Hash identifier:          OqoSkyVCfr2eza3GzfJc2VpI1KnGg281JG47xx0d4yI=
Subject key identifier:   03:94:73:EA:7A:0F:70:F7:47:34:7E:23:A4:D0:F6:29:7E:4F:E0:E5
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186EFB42A6BEFAA178F933B30FD89AF4806
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A5Rz6noPcPdHNH4jpND2KX5P4OU.roa
Signing time:             Fri 17 Mar 2023 13:13:27 +0000
ROA not before:           Fri 17 Mar 2023 13:13:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ef:b4:2a:6b:ef:aa:17:8f:93:3b:30:fd:89:af:48:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 17 13:13:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=039473ea7a0f70f747347e23a4d0f6297e4fe0e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:7f:65:42:5c:d7:7b:14:24:44:8f:a8:48:76:
                    0d:58:e5:a4:c1:2b:0f:d3:a1:a8:f5:f4:e1:82:2c:
                    4e:17:be:9a:e6:fd:95:6c:f6:ba:f8:d3:6f:ed:3c:
                    66:94:ec:1e:8f:90:4b:1f:34:f0:05:e6:87:c4:3c:
                    58:84:fe:0c:a4:91:d3:43:13:8f:4c:1f:f8:e8:c0:
                    35:fa:e8:e3:78:69:bf:67:af:14:2e:78:d7:a9:68:
                    9d:d3:fa:4a:f1:e2:f0:98:36:49:30:14:8a:9e:83:
                    10:cb:54:99:cb:5c:c7:46:dc:df:8b:a3:fc:b4:45:
                    a0:f3:3b:94:82:7d:2d:3d:72:cf:53:f0:69:83:c8:
                    53:aa:a5:16:b6:0e:26:74:82:6b:f8:a2:28:54:dd:
                    20:07:78:7e:c1:0c:9c:41:17:b5:c6:de:2f:f7:f6:
                    44:af:f2:73:5f:fa:bc:53:35:23:51:ea:bc:87:40:
                    66:b2:f0:6c:46:6f:4e:44:c1:a1:2e:3f:b8:5b:f7:
                    e2:dc:a2:e0:3f:a5:f8:a3:55:8b:ad:a8:53:2c:4c:
                    8f:6b:5c:27:10:48:2e:28:67:89:c3:7b:f8:56:e4:
                    7b:2c:7d:16:de:8c:c4:82:31:5f:db:55:0b:1d:e1:
                    90:46:2c:93:af:fb:ed:8f:a7:49:38:6f:ba:c8:46:
                    8c:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:94:73:EA:7A:0F:70:F7:47:34:7E:23:A4:D0:F6:29:7E:4F:E0:E5
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A5Rz6noPcPdHNH4jpND2KX5P4OU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:47:fa:34:a0:7e:41:dc:78:e0:b3:46:67:f4:7a:6c:ca:59:
         f4:94:5a:61:eb:c9:dc:52:f8:dd:6f:eb:22:52:0f:83:ea:21:
         d4:10:00:bd:2b:f1:10:f4:bd:63:93:59:6e:66:ef:f4:eb:38:
         9e:c2:07:14:85:06:1f:69:1f:e7:89:b4:c5:4b:be:87:34:35:
         14:ce:2b:da:5c:e0:fc:8d:55:47:5d:da:5d:5b:f4:97:14:df:
         fc:9b:8e:8f:37:55:11:96:67:0e:24:40:8c:96:46:0c:eb:bf:
         c0:30:a3:1d:c0:99:3d:be:d9:d5:9f:12:56:1d:51:b9:17:1a:
         a8:e2:39:93:33:76:1b:91:46:95:d3:ae:be:fb:30:a3:0f:83:
         3d:eb:70:56:21:f7:28:54:14:94:0b:e1:f9:9f:cc:1c:89:50:
         36:4d:d5:65:38:62:7e:a8:7e:02:26:98:54:65:d1:5c:bc:29:
         c7:20:d1:ea:73:54:08:be:65:71:b2:a2:c9:07:ac:23:bd:65:
         f8:44:56:4e:b8:fe:66:21:e3:ce:0d:ba:25:fb:d1:71:2b:cf:
         ad:1d:55:0f:0f:b5:1e:67:b7:b9:59:f3:d2:f6:e5:bc:67:72:
         e5:66:9f:4a:6e:84:fa:cd:10:8d:7c:46:74:11:3b:63:3a:61:
         6f:01:90:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbvtCpr76oXj5M7MP2Jr0gGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE3MTMxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk0NzNlYTdhMGY3MGY3NDczNDdlMjNhNGQwZjYyOTdlNGZlMGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX9lQlzXexQkRI+oSHYNWOWkwSsP
06Go9fThgixOF76a5v2VbPa6+NNv7TxmlOwej5BLHzTwBeaHxDxYhP4MpJHTQxOP
TB/46MA1+ujjeGm/Z68ULnjXqWid0/pK8eLwmDZJMBSKnoMQy1SZy1zHRtzfi6P8
tEWg8zuUgn0tPXLPU/Bpg8hTqqUWtg4mdIJr+KIoVN0gB3h+wQycQRe1xt4v9/ZE
r/JzX/q8UzUjUeq8h0BmsvBsRm9ORMGhLj+4W/fi3KLgP6X4o1WLrahTLEyPa1wn
EEguKGeJw3v4VuR7LH0W3ozEgjFf21ULHeGQRiyTr/vtj6dJOG+6yEaMlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAOUc+p6D3D3RzR+I6TQ9il+T+DlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQTVSejZub1BjUGRITkg0anBORDJLWDVQNE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACRH+jSgfkHceOCzRmf0
emzKWfSUWmHrydxS+N1v6yJSD4PqIdQQAL0r8RD0vWOTWW5m7/TrOJ7CBxSFBh9p
H+eJtMVLvoc0NRTOK9pc4PyNVUdd2l1b9JcU3/ybjo83VRGWZw4kQIyWRgzrv8Aw
ox3AmT2+2dWfElYdUbkXGqjiOZMzdhuRRpXTrr77MKMPgz3rcFYh9yhUFJQL4fmf
zByJUDZN1WU4Yn6ofgImmFRl0Vy8Kccg0epzVAi+ZXGyoskHrCO9ZfhEVk64/mYh
484NuiX70XErz60dVQ8PtR5nt7lZ89L25bxncuVmn0puhPrNEI18RnQRO2M6YW8B
kDI=
-----END CERTIFICATE-----