Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AtF0Le2_xlUOWy3n2BE9jNa3ID4.roa
File:                     AtF0Le2_xlUOWy3n2BE9jNa3ID4.roa (raw, json)
Hash identifier:          1YY8DsJysC5T131XybvpdpwdJVYjeVFDwsuNsgVHkjI=
Subject key identifier:   02:D1:74:2D:ED:BF:C6:55:0E:5B:2D:E7:D8:11:3D:8C:D6:B7:20:3E
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188AA8E99CF083D49BC3A1E150343824EC0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AtF0Le2_xlUOWy3n2BE9jNa3ID4.roa
Signing time:             Sun 11 Jun 2023 13:04:12 +0000
ROA not before:           Sun 11 Jun 2023 13:04:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:188:aa8e:87a1/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:aa:8e:99:cf:08:3d:49:bc:3a:1e:15:03:43:82:4e:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 11 13:04:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=02d1742dedbfc6550e5b2de7d8113d8cd6b7203e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:23:44:74:ad:c8:b0:ee:0d:13:5c:ed:cb:5e:
                    ca:bb:d9:d0:1c:1c:51:e8:f8:92:6e:f0:f7:89:33:
                    83:c9:37:c2:88:b7:c7:07:9d:79:9b:26:7d:27:35:
                    83:2a:33:56:34:a4:9b:a5:e5:d2:3a:0c:f7:88:12:
                    00:01:08:5b:eb:f7:9f:15:49:17:38:a9:34:fb:56:
                    b5:ee:5d:76:e7:dd:43:27:49:22:97:8b:06:04:13:
                    8e:62:25:c4:89:05:6d:fa:04:95:ca:50:83:82:55:
                    14:d9:2e:8b:97:fb:9e:48:45:d9:f7:58:5e:80:38:
                    0a:2d:55:e8:fd:d0:0e:21:a0:aa:d0:b5:c6:ec:81:
                    67:86:19:fd:77:27:50:7e:7e:9f:b9:31:f0:de:e3:
                    8c:75:e8:ba:a5:ff:68:e9:66:2a:fe:31:ca:f3:53:
                    da:8f:41:fb:1b:29:4c:72:df:49:08:fe:0a:93:e9:
                    27:82:ca:4b:30:d2:75:1c:c8:f7:25:3b:4c:73:d1:
                    52:90:e0:64:d6:c1:bb:68:ef:b9:5c:f1:0f:94:6b:
                    c7:b7:3f:63:b2:4b:0f:23:34:c6:38:27:4e:c2:cb:
                    38:05:fc:9f:59:b1:f4:60:e3:da:ee:84:eb:89:f4:
                    c8:41:3d:5b:af:8a:82:0e:18:05:d7:9d:ac:99:89:
                    cc:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:D1:74:2D:ED:BF:C6:55:0E:5B:2D:E7:D8:11:3D:8C:D6:B7:20:3E
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AtF0Le2_xlUOWy3n2BE9jNa3ID4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         8f:b2:b8:9c:0e:22:e1:5a:63:f7:ac:1e:9f:02:04:ba:2b:27:
         89:1d:f6:04:f1:4c:5d:fc:7c:8d:80:a9:9e:ca:8c:be:3a:18:
         19:a3:c6:2a:00:40:0c:d2:ca:bd:a6:19:bb:1d:ba:48:cb:44:
         b5:d1:d9:0a:1d:e0:bb:1f:a3:9e:f4:ea:20:06:ab:58:5b:e7:
         01:66:6f:9b:ec:0a:b3:9d:1e:6c:3e:78:31:36:5d:c7:c4:92:
         e7:53:50:2f:f0:7f:98:50:fd:e8:cf:ab:1c:71:23:f5:d8:e2:
         d6:da:18:8d:7b:65:63:45:5b:d3:fe:b7:95:f7:46:11:e9:fd:
         ef:df:1f:d5:3d:a2:b8:46:98:1e:7c:08:73:b7:65:ac:64:6e:
         d3:b0:8d:0f:09:30:5b:b6:e3:ed:dc:df:56:97:f7:30:a9:5c:
         e5:9a:0b:e9:54:96:a0:2a:17:2d:91:f0:99:07:87:62:36:75:
         b9:7d:41:bd:f5:7b:b8:18:16:fe:5a:ea:ce:f4:d7:85:24:24:
         0e:4e:f1:c5:22:67:d5:8d:47:c3:ec:a2:a9:7c:d3:08:67:06:
         3f:c3:9a:cd:61:4c:73:77:f3:bb:de:8e:ce:72:de:0c:06:88:
         19:c8:08:7e:73:09:cc:cb:36:3e:81:bf:d9:c1:21:80:a4:c4:
         da:aa:a2:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiqjpnPCD1JvDoeFQNDgk7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjExMTMwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQxNzQyZGVkYmZjNjU1MGU1YjJkZTdkODExM2Q4Y2Q2YjcyMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SNEdK3IsO4NE1zty17Ku9nQHBxR
6PiSbvD3iTODyTfCiLfHB515myZ9JzWDKjNWNKSbpeXSOgz3iBIAAQhb6/efFUkX
OKk0+1a17l12591DJ0kil4sGBBOOYiXEiQVt+gSVylCDglUU2S6Ll/ueSEXZ91he
gDgKLVXo/dAOIaCq0LXG7IFnhhn9dydQfn6fuTHw3uOMdei6pf9o6WYq/jHK81Pa
j0H7GylMct9JCP4Kk+kngspLMNJ1HMj3JTtMc9FSkOBk1sG7aO+5XPEPlGvHtz9j
sksPIzTGOCdOwss4BfyfWbH0YOPa7oTrifTIQT1br4qCDhgF152smYnMOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFALRdC3tv8ZVDlst59gRPYzWtyA+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQXRGMExlMl94bFVPV3kzbjJCRTlqTmEzSUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI+yuJwOIuFaY/esHp8C
BLorJ4kd9gTxTF38fI2AqZ7KjL46GBmjxioAQAzSyr2mGbsdukjLRLXR2Qod4Lsf
o5706iAGq1hb5wFmb5vsCrOdHmw+eDE2XcfEkudTUC/wf5hQ/ejPqxxxI/XY4tba
GI17ZWNFW9P+t5X3RhHp/e/fH9U9orhGmB58CHO3ZaxkbtOwjQ8JMFu24+3c31aX
9zCpXOWaC+lUlqAqFy2R8JkHh2I2dbl9Qb31e7gYFv5a6s7014UkJA5O8cUiZ9WN
R8Psoql80whnBj/Dms1hTHN387vejs5y3gwGiBnICH5zCczLNj6Bv9nBIYCkxNqq
otE=
-----END CERTIFICATE-----