Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FVljzUsA34oZfCz_G5mqXZDFcRU.roa
File:                     FVljzUsA34oZfCz_G5mqXZDFcRU.roa (raw, json)
Hash identifier:          w81g6jNjKmNhjJh251k8q34taS3xBG2uyeEVcQjhlzM=
Subject key identifier:   15:59:63:CD:4B:00:DF:8A:19:7C:2C:FF:1B:99:AA:5D:90:C5:71:15
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01886B0F9B92ADA1DE11A030F3EA9937A7FE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FVljzUsA34oZfCz_G5mqXZDFcRU.roa
Signing time:             Tue 30 May 2023 05:09:24 +0000
ROA not before:           Tue 30 May 2023 05:09:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:6b:0f:9b:92:ad:a1:de:11:a0:30:f3:ea:99:37:a7:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 30 05:09:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=155963cd4b00df8a197c2cff1b99aa5d90c57115
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:42:78:0d:a3:2f:5f:cb:51:ba:01:5a:26:2f:
                    ca:67:87:7c:32:c9:4e:3f:cd:93:21:d2:67:d4:bc:
                    e0:3c:f2:51:2f:f5:f6:fd:b0:0f:5a:05:64:c9:3f:
                    c7:ff:43:96:d0:3d:dd:d5:e9:02:e7:e3:64:16:33:
                    ed:63:e4:4d:d8:a9:86:39:64:a7:74:8b:33:5b:90:
                    98:9e:36:26:c4:68:8e:cd:ac:37:13:8c:c4:5c:50:
                    55:8d:7e:b1:fa:ea:ee:49:f5:f0:07:18:fa:11:cf:
                    35:ac:54:0a:40:30:db:0f:47:08:23:c3:66:dc:55:
                    53:4e:11:41:87:b7:c7:06:6c:6b:ea:43:0f:3b:fb:
                    39:4d:67:fb:62:ad:d0:a7:40:a4:eb:75:f7:5b:7c:
                    98:e3:63:a5:43:44:fb:0f:dd:3e:3a:73:15:39:86:
                    eb:13:bc:80:ea:35:e3:7b:cf:5c:a6:9c:d0:1d:fb:
                    09:ab:e7:2a:11:60:53:16:50:3d:09:7b:81:97:6d:
                    b9:a7:a9:a6:5f:7c:8e:17:f4:74:68:a0:5d:b8:57:
                    8d:e6:03:71:0f:b0:53:cc:95:d8:09:5f:d2:f7:bb:
                    38:38:ba:65:b7:0f:64:df:45:16:4c:53:fd:89:c5:
                    71:d9:09:5a:09:8b:4d:76:0a:50:0a:a7:3d:71:48:
                    25:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:59:63:CD:4B:00:DF:8A:19:7C:2C:FF:1B:99:AA:5D:90:C5:71:15
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FVljzUsA34oZfCz_G5mqXZDFcRU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         84:12:92:13:14:9c:78:50:46:f8:ea:04:cf:b0:ab:ea:1b:1d:
         ce:34:5b:f2:ed:82:4d:be:a4:c2:2a:58:8c:9b:3a:59:e7:0d:
         62:96:b5:d8:fc:01:af:8d:4a:9b:d9:51:b3:ae:8b:49:10:93:
         b6:21:97:0a:60:94:0e:05:90:1d:e4:42:48:0b:9b:9f:99:04:
         da:b7:58:bb:c5:42:76:a9:79:52:f1:15:7d:fe:67:d4:4c:62:
         ed:9e:4d:87:93:0a:e6:58:2e:7e:14:83:b0:a9:5e:96:33:f0:
         bb:28:8f:a9:8c:80:fa:bf:96:ee:b9:19:25:8f:12:81:3f:47:
         23:86:ac:1b:c2:01:bb:bc:1c:77:a7:4c:d9:da:b5:65:75:58:
         23:8e:72:08:bf:4a:fe:7b:a1:b1:68:26:d4:90:f0:89:17:9f:
         7f:a3:f9:fe:fa:57:73:48:e9:94:fb:10:c8:0c:b3:9a:29:6d:
         f8:cf:ea:dd:0c:05:68:d9:7e:03:0b:c7:14:f9:30:7e:fa:d4:
         34:6a:94:3d:b4:30:19:f0:ee:25:82:71:d2:31:59:32:bc:cb:
         e3:45:9c:b1:c0:69:dc:6d:2d:ca:4a:b8:52:73:42:1a:84:b7:
         3c:ff:b8:c1:0b:8b:9b:d6:b0:e4:25:4e:78:e5:6c:ac:6c:9f:
         b2:f3:5f:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhrD5uSraHeEaAw8+qZN6f+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTMwMDUwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTU5NjNjZDRiMDBkZjhhMTk3YzJjZmYxYjk5YWE1ZDkwYzU3MTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEJ4DaMvX8tRugFaJi/KZ4d8MslO
P82TIdJn1LzgPPJRL/X2/bAPWgVkyT/H/0OW0D3d1ekC5+NkFjPtY+RN2KmGOWSn
dIszW5CYnjYmxGiOzaw3E4zEXFBVjX6x+uruSfXwBxj6Ec81rFQKQDDbD0cII8Nm
3FVTThFBh7fHBmxr6kMPO/s5TWf7Yq3Qp0Ck63X3W3yY42OlQ0T7D90+OnMVOYbr
E7yA6jXje89cppzQHfsJq+cqEWBTFlA9CXuBl225p6mmX3yOF/R0aKBduFeN5gNx
D7BTzJXYCV/S97s4OLpltw9k30UWTFP9icVx2QlaCYtNdgpQCqc9cUgl1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBVZY81LAN+KGXws/xuZql2QxXEVMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRlZsanpVc0EzNG9aZkN6X0c1bXFYWkRGY1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIQSkhMUnHhQRvjqBM+w
q+obHc40W/Ltgk2+pMIqWIybOlnnDWKWtdj8Aa+NSpvZUbOui0kQk7YhlwpglA4F
kB3kQkgLm5+ZBNq3WLvFQnapeVLxFX3+Z9RMYu2eTYeTCuZYLn4Ug7CpXpYz8Lso
j6mMgPq/lu65GSWPEoE/RyOGrBvCAbu8HHenTNnatWV1WCOOcgi/Sv57obFoJtSQ
8IkXn3+j+f76V3NI6ZT7EMgMs5opbfjP6t0MBWjZfgMLxxT5MH761DRqlD20MBnw
7iWCcdIxWTK8y+NFnLHAadxtLcpKuFJzQhqEtzz/uMELi5vWsOQlTnjlbKxsn7Lz
X7w=
-----END CERTIFICATE-----