Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Co5xHBviiTkfXFh4MUHStgANvtY.roa
File:                     Co5xHBviiTkfXFh4MUHStgANvtY.roa (raw, json)
Hash identifier:          q/6+Drob7bNVPsBhOIMBnCLME8gEqZqvXOMcZvswjyY=
Subject key identifier:   0A:8E:71:1C:1B:E2:89:39:1F:5C:58:78:31:41:D2:B6:00:0D:BE:D6
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186E9E0C61358AB0D02880DF6CFEE0E3B1E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Co5xHBviiTkfXFh4MUHStgANvtY.roa
Signing time:             Thu 16 Mar 2023 10:04:27 +0000
ROA not before:           Thu 16 Mar 2023 10:04:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:e9e0:899d/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e9:e0:c6:13:58:ab:0d:02:88:0d:f6:cf:ee:0e:3b:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 16 10:04:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0a8e711c1be289391f5c58783141d2b6000dbed6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:cd:d9:8f:73:d6:90:65:3f:e0:64:f2:3b:20:
                    7f:5c:5b:07:cc:83:eb:b4:47:9e:ef:1f:42:62:9e:
                    96:b9:94:71:4c:c9:81:ed:c0:38:46:22:d0:8f:59:
                    ad:ae:ca:b4:06:8c:8d:45:8f:4f:cc:69:bf:5e:3c:
                    4d:4c:0c:fb:c2:6e:79:3a:34:9d:cf:c7:de:88:64:
                    e3:85:28:3f:bf:3d:9e:eb:d8:41:5f:c3:cb:a7:63:
                    a4:aa:d0:36:5e:86:39:17:b8:fd:29:f9:67:fa:24:
                    03:1d:96:fe:b8:52:c4:34:71:85:f7:a9:87:88:29:
                    58:f9:2d:86:8a:4b:58:1e:d0:16:8c:0a:00:e3:66:
                    f9:04:5d:55:8b:03:73:18:38:bd:12:0f:e7:23:84:
                    d1:a2:b5:ec:fd:a5:70:15:3a:7d:b9:40:ec:54:98:
                    c1:2b:51:5a:ca:19:57:5d:56:55:e5:14:f1:93:14:
                    b6:b5:45:a6:88:87:d3:79:bb:84:96:97:9c:11:99:
                    18:d3:00:a0:93:eb:42:42:8e:27:b1:0f:74:88:e6:
                    2d:79:39:94:77:6b:e1:67:53:66:41:41:6a:34:87:
                    41:d9:1d:70:ff:51:90:ac:e5:7c:45:33:9e:b5:2d:
                    e7:25:d1:99:10:02:3c:bb:9a:01:74:3e:db:3d:23:
                    85:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:8E:71:1C:1B:E2:89:39:1F:5C:58:78:31:41:D2:B6:00:0D:BE:D6
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Co5xHBviiTkfXFh4MUHStgANvtY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:31:0a:0b:95:cd:53:28:73:85:c3:ad:8d:f7:09:39:19:5b:
         9d:98:9b:62:aa:a7:af:96:f7:6e:ab:da:7f:d2:44:f1:ad:0e:
         48:32:94:cd:83:93:be:d0:28:d8:d7:30:df:51:e6:a3:02:09:
         b9:ee:b4:4b:15:90:f8:94:90:7a:da:f0:83:cd:63:be:2a:c7:
         de:1b:81:93:62:13:68:58:76:1a:e7:a6:86:0b:26:90:bb:b8:
         e6:31:18:94:00:53:c9:02:00:81:eb:dc:9e:bd:ea:18:f7:3e:
         8b:a8:89:31:a5:1a:07:47:d6:e6:a2:34:cd:90:74:a9:3d:dd:
         9f:79:93:5f:92:71:79:f0:31:d7:27:9b:0b:db:3e:16:a2:64:
         75:69:22:85:57:69:99:e8:6f:73:e9:9d:d2:70:0c:b0:80:ad:
         24:25:1c:5f:13:52:d8:35:1e:41:eb:92:51:ae:e3:e7:7d:65:
         21:92:10:77:be:3d:26:7a:59:bb:75:48:e0:fa:64:30:ab:cc:
         55:68:1a:3f:1e:50:c2:56:15:30:42:87:44:d4:c4:a7:29:5b:
         a5:19:6e:c5:2d:8f:de:f4:56:da:88:ba:f4:bb:51:56:e1:23:
         46:cb:24:42:c6:c7:f0:42:26:b9:70:4b:cf:fd:8a:63:4d:71:
         8e:d9:ee:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbp4MYTWKsNAogN9s/uDjseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE2MTAwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYThlNzExYzFiZTI4OTM5MWY1YzU4NzgzMTQxZDJiNjAwMGRiZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos3Zj3PWkGU/4GTyOyB/XFsHzIPr
tEee7x9CYp6WuZRxTMmB7cA4RiLQj1mtrsq0BoyNRY9PzGm/XjxNTAz7wm55OjSd
z8feiGTjhSg/vz2e69hBX8PLp2OkqtA2XoY5F7j9Kfln+iQDHZb+uFLENHGF96mH
iClY+S2GiktYHtAWjAoA42b5BF1ViwNzGDi9Eg/nI4TRorXs/aVwFTp9uUDsVJjB
K1FayhlXXVZV5RTxkxS2tUWmiIfTebuElpecEZkY0wCgk+tCQo4nsQ90iOYteTmU
d2vhZ1NmQUFqNIdB2R1w/1GQrOV8RTOetS3nJdGZEAI8u5oBdD7bPSOFKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAqOcRwb4ok5H1xYeDFB0rYADb7WMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQ281eEhCdmlpVGtmWEZoNE1VSFN0Z0FOdnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJwxCguVzVMoc4XDrY33
CTkZW52Ym2Kqp6+W926r2n/SRPGtDkgylM2Dk77QKNjXMN9R5qMCCbnutEsVkPiU
kHra8IPNY74qx94bgZNiE2hYdhrnpoYLJpC7uOYxGJQAU8kCAIHr3J696hj3Pouo
iTGlGgdH1uaiNM2QdKk93Z95k1+ScXnwMdcnmwvbPhaiZHVpIoVXaZnob3PpndJw
DLCArSQlHF8TUtg1HkHrklGu4+d9ZSGSEHe+PSZ6Wbt1SOD6ZDCrzFVoGj8eUMJW
FTBCh0TUxKcpW6UZbsUtj970VtqIuvS7UVbhI0bLJELGx/BCJrlwS8/9imNNcY7Z
7ng=
-----END CERTIFICATE-----