Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/F1zZjKlFbE1n4gQVyn5_1B8TQ_E.roa
File:                     F1zZjKlFbE1n4gQVyn5_1B8TQ_E.roa (raw, json)
Hash identifier:          HlGiW7pVwkDzsI+9RYjbhiOWUtUo/SHo/r+QjEgpdPQ=
Subject key identifier:   17:5C:D9:8C:A9:45:6C:4D:67:E2:04:15:CA:7E:7F:D4:1F:13:43:F1
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01872BC9F8499F5A2202F8C8BFED612CEDEE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/F1zZjKlFbE1n4gQVyn5_1B8TQ_E.roa
Signing time:             Wed 29 Mar 2023 05:14:29 +0000
ROA not before:           Wed 29 Mar 2023 05:14:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2b:c9:f8:49:9f:5a:22:02:f8:c8:bf:ed:61:2c:ed:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 29 05:14:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=175cd98ca9456c4d67e20415ca7e7fd41f1343f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b6:29:5a:7b:25:1e:b0:9d:8a:c2:f0:69:30:
                    33:8d:3a:e1:4c:30:c8:8f:83:d2:a0:2f:4a:ff:bf:
                    75:53:8e:07:84:1e:c1:a8:54:0e:d1:13:89:cd:bd:
                    3a:a5:f7:78:37:28:df:0f:31:6a:3c:db:15:68:75:
                    37:6e:b0:3c:5d:c0:ba:f5:ca:e8:5c:61:88:d6:73:
                    7c:6a:fb:11:9d:17:1d:dc:df:a5:84:56:5a:1b:8f:
                    d0:ef:8b:bb:d9:ad:52:fc:44:f0:66:f6:75:a1:64:
                    87:f2:43:da:60:0a:38:4f:c1:52:11:d6:16:c5:11:
                    72:07:d2:14:a1:7d:31:9d:e1:d8:6b:53:2c:15:3b:
                    fd:6c:ce:cd:86:4f:54:b4:19:00:01:2c:ed:d3:88:
                    ac:fd:11:c6:11:2d:a5:57:b8:9c:36:df:4e:7c:26:
                    a2:47:f6:7f:0c:55:3c:37:ff:f9:48:f4:d3:19:f7:
                    8d:ee:8a:89:48:bc:34:8e:f1:8b:21:a9:79:a5:ea:
                    e1:85:25:94:3b:2e:bb:14:3b:fc:33:92:fc:bd:e6:
                    03:04:95:2d:d2:0d:02:75:ed:36:e5:f7:82:91:20:
                    5e:51:84:08:35:41:62:1d:d5:aa:0b:84:50:9a:4d:
                    fe:24:a7:71:a0:83:36:b6:03:48:1c:ef:97:ce:d0:
                    f0:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:5C:D9:8C:A9:45:6C:4D:67:E2:04:15:CA:7E:7F:D4:1F:13:43:F1
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/F1zZjKlFbE1n4gQVyn5_1B8TQ_E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         44:a8:c8:bd:58:ae:d5:a5:5f:d3:ae:03:5f:14:bd:4c:6b:c1:
         e0:96:52:b2:4b:64:68:06:d1:77:69:da:17:a4:ff:1d:05:ae:
         8e:f2:9b:92:38:5a:43:6b:28:e0:dd:b8:b7:b9:bd:42:f7:46:
         6d:7c:a6:28:22:fa:83:82:f3:ce:d4:bb:43:6c:1a:57:44:28:
         f5:0c:6f:c6:fa:48:64:29:5a:5f:f5:e3:3d:ed:1f:70:28:99:
         ee:f6:7f:36:f5:8d:00:df:cb:9e:3d:ba:d0:d7:62:23:82:16:
         c1:a7:c5:1e:11:2d:35:a6:95:63:bb:6b:9b:37:7e:a6:79:3d:
         20:e3:63:fe:f0:2d:df:c5:82:91:4d:2c:a5:e0:99:dd:6e:b0:
         70:a7:b5:cd:5e:c4:16:f5:bd:87:76:cf:84:71:9b:98:cb:c7:
         c9:8f:f6:4a:9d:d7:7b:e5:30:2a:7b:47:44:1b:5a:33:b2:3c:
         7a:41:b3:77:98:3a:2a:99:5c:e1:9b:5a:2a:30:29:40:12:07:
         80:57:78:73:65:1a:d5:90:9d:55:2b:d1:ff:0d:53:1c:91:8a:
         89:83:e3:2b:61:d6:ab:23:b3:a5:c3:8f:0c:53:42:05:5a:80:
         52:33:37:a1:1a:35:ec:63:4b:0f:84:2f:7a:35:27:76:34:10:
         66:32:aa:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcryfhJn1oiAvjIv+1hLO3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI5MDUxNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzVjZDk4Y2E5NDU2YzRkNjdlMjA0MTVjYTdlN2ZkNDFmMTM0M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLYpWnslHrCdisLwaTAzjTrhTDDI
j4PSoC9K/791U44HhB7BqFQO0ROJzb06pfd4NyjfDzFqPNsVaHU3brA8XcC69cro
XGGI1nN8avsRnRcd3N+lhFZaG4/Q74u72a1S/ETwZvZ1oWSH8kPaYAo4T8FSEdYW
xRFyB9IUoX0xneHYa1MsFTv9bM7Nhk9UtBkAASzt04is/RHGES2lV7icNt9OfCai
R/Z/DFU8N//5SPTTGfeN7oqJSLw0jvGLIal5perhhSWUOy67FDv8M5L8veYDBJUt
0g0Cde025feCkSBeUYQINUFiHdWqC4RQmk3+JKdxoIM2tgNIHO+XztDwYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBdc2YypRWxNZ+IEFcp+f9QfE0PxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRjF6WmpLbEZiRTFuNGdRVnluNV8xQjhUUV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAESoyL1YrtWlX9OuA18U
vUxrweCWUrJLZGgG0Xdp2hek/x0Fro7ym5I4WkNrKODduLe5vUL3Rm18pigi+oOC
887Uu0NsGldEKPUMb8b6SGQpWl/14z3tH3Aome72fzb1jQDfy549utDXYiOCFsGn
xR4RLTWmlWO7a5s3fqZ5PSDjY/7wLd/FgpFNLKXgmd1usHCntc1exBb1vYd2z4Rx
m5jLx8mP9kqd13vlMCp7R0QbWjOyPHpBs3eYOiqZXOGbWiowKUASB4BXeHNlGtWQ
nVUr0f8NUxyRiomD4yth1qsjs6XDjwxTQgVagFIzN6EaNexjSw+EL3o1J3Y0EGYy
qn8=
-----END CERTIFICATE-----