Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EjMiWnB9Iw5rriPwMMi_Pmr9Sxs.roa
File:                     EjMiWnB9Iw5rriPwMMi_Pmr9Sxs.roa (raw, json)
Hash identifier:          ylV3vYz0KfyTYlLk69zSBHp9R+BcsLHbgAo0UqCFaKI=
Subject key identifier:   12:33:22:5A:70:7D:23:0E:6B:AE:23:F0:30:C8:BF:3E:6A:FD:4B:1B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187FD325F0D3A28628BF64C74A449E046D3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EjMiWnB9Iw5rriPwMMi_Pmr9Sxs.roa
Signing time:             Mon 08 May 2023 21:09:09 +0000
ROA not before:           Mon 08 May 2023 21:09:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fd:32:5f:0d:3a:28:62:8b:f6:4c:74:a4:49:e0:46:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  8 21:09:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1233225a707d230e6bae23f030c8bf3e6afd4b1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:24:29:18:27:b3:76:78:16:ca:0c:b6:25:02:
                    ab:1a:6d:6a:73:00:dc:fe:50:12:9d:51:80:b4:d4:
                    88:15:91:2f:a3:f2:4d:f5:b0:a3:8e:73:48:ab:34:
                    ff:cd:68:97:41:c4:12:40:e9:3e:4d:01:ff:9c:7c:
                    09:fc:a0:ba:fc:6a:f8:4b:b5:97:67:2e:46:f3:d8:
                    0f:b4:b8:6b:55:a8:a8:67:d4:b3:34:0d:a7:92:8c:
                    3e:2a:91:45:eb:07:be:86:f9:25:92:eb:ed:aa:d3:
                    a0:52:f1:cf:41:14:60:63:c8:38:90:6c:b2:4c:36:
                    5b:40:c7:62:42:3d:1a:57:7e:e3:b6:fc:e6:37:8a:
                    4a:ae:d8:f4:69:bb:d4:16:8e:2b:a5:97:44:36:b4:
                    9f:8e:10:f9:c2:ed:af:c9:67:c0:9d:c2:2e:ce:7e:
                    39:5a:62:b7:b1:07:8d:fb:7c:27:b9:91:4a:76:9c:
                    7b:a0:69:a4:cd:3b:58:3c:64:3d:eb:a7:ed:9b:5e:
                    10:9d:d3:43:83:00:8b:c2:f6:93:7f:bd:c8:1a:58:
                    ef:f8:c7:3c:46:8f:aa:dc:50:94:a4:54:eb:43:ce:
                    9d:8a:c3:4c:21:d5:bb:29:0c:93:e2:d1:fc:a9:bb:
                    cd:b2:1a:b2:59:a7:61:2a:f9:ad:b4:b2:43:08:c5:
                    50:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:33:22:5A:70:7D:23:0E:6B:AE:23:F0:30:C8:BF:3E:6A:FD:4B:1B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EjMiWnB9Iw5rriPwMMi_Pmr9Sxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         96:e6:73:0b:f3:9b:05:40:21:42:32:f0:04:46:8d:d9:6e:47:
         e8:b3:9a:3c:53:e4:be:f9:9d:d4:5c:24:30:25:1b:20:2c:7d:
         24:c3:ea:32:ae:1f:59:dc:57:5b:c9:9b:36:c3:22:be:38:e8:
         32:cf:2c:b7:1d:8f:81:cc:13:c4:6c:c3:3f:df:38:29:fa:99:
         e4:90:bf:86:b7:c9:6f:aa:36:ef:21:22:13:46:15:6b:d6:2b:
         2d:22:78:48:12:f7:6b:83:a0:09:50:75:5f:2d:ff:5f:17:49:
         76:05:b1:14:87:3d:cd:2c:ad:93:db:17:14:a2:1a:55:98:53:
         d7:e1:ed:18:c7:3b:9e:cb:6e:31:e1:c1:17:4a:77:65:ed:96:
         d5:ed:f1:49:33:d2:52:5d:47:bf:76:a3:53:ea:07:7f:21:42:
         d5:ca:6d:29:6d:bf:2c:fc:40:ea:1c:e0:a3:cd:97:83:44:62:
         38:1a:73:53:ed:76:53:96:5e:3c:82:ec:eb:14:d0:68:5e:c4:
         78:66:97:23:da:d2:c6:d0:13:7e:2b:52:59:37:5e:c3:57:30:
         74:30:ba:dd:86:5c:82:61:06:9b:60:cf:86:f7:e5:f7:d8:6a:
         c8:3c:63:54:1a:f0:f8:17:f4:f9:a1:6f:56:35:0a:72:09:b0:
         21:65:60:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYf9Ml8NOihii/ZMdKRJ4EbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA4MjEwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjMzMjI1YTcwN2QyMzBlNmJhZTIzZjAzMGM4YmYzZTZhZmQ0YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyQpGCezdngWygy2JQKrGm1qcwDc
/lASnVGAtNSIFZEvo/JN9bCjjnNIqzT/zWiXQcQSQOk+TQH/nHwJ/KC6/Gr4S7WX
Zy5G89gPtLhrVaioZ9SzNA2nkow+KpFF6we+hvklkuvtqtOgUvHPQRRgY8g4kGyy
TDZbQMdiQj0aV37jtvzmN4pKrtj0abvUFo4rpZdENrSfjhD5wu2vyWfAncIuzn45
WmK3sQeN+3wnuZFKdpx7oGmkzTtYPGQ966ftm14QndNDgwCLwvaTf73IGljv+Mc8
Ro+q3FCUpFTrQ86disNMIdW7KQyT4tH8qbvNshqyWadhKvmttLJDCMVQEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBIzIlpwfSMOa64j8DDIvz5q/UsbMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRWpNaVduQjlJdzVycmlQd01NaV9QbXI5U3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJbmcwvzmwVAIUIy8ARG
jdluR+izmjxT5L75ndRcJDAlGyAsfSTD6jKuH1ncV1vJmzbDIr446DLPLLcdj4HM
E8Rswz/fOCn6meSQv4a3yW+qNu8hIhNGFWvWKy0ieEgS92uDoAlQdV8t/18XSXYF
sRSHPc0srZPbFxSiGlWYU9fh7RjHO57LbjHhwRdKd2XtltXt8Ukz0lJdR792o1Pq
B38hQtXKbSltvyz8QOoc4KPNl4NEYjgac1PtdlOWXjyC7OsU0GhexHhmlyPa0sbQ
E34rUlk3XsNXMHQwut2GXIJhBptgz4b35ffYasg8Y1Qa8PgX9Pmhb1Y1CnIJsCFl
YOw=
-----END CERTIFICATE-----