Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/F_WXl9_pQSu9Y7aaa5030_xj5Z0.roa
File:                     F_WXl9_pQSu9Y7aaa5030_xj5Z0.roa (raw, json)
Hash identifier:          +wuzHmRex7LzJPxBOC9Fb9rsq5qUxAsjvP/hyJnqDOo=
Subject key identifier:   17:F5:97:97:DF:E9:41:2B:BD:63:B6:9A:6B:9D:37:D3:FC:63:E5:9D
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01884B85915DD74212FA072247B7C2322B47
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/F_WXl9_pQSu9Y7aaa5030_xj5Z0.roa
Signing time:             Wed 24 May 2023 02:10:24 +0000
ROA not before:           Wed 24 May 2023 02:10:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:4b:85:91:5d:d7:42:12:fa:07:22:47:b7:c2:32:2b:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 24 02:10:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=17f59797dfe9412bbd63b69a6b9d37d3fc63e59d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e7:d1:04:06:26:d3:b3:19:04:3f:d2:3c:65:
                    75:b3:35:eb:5a:b8:22:08:2d:3c:83:1e:83:a3:a1:
                    c9:53:a5:64:5f:dd:90:0f:cc:5a:e7:eb:9f:6a:5a:
                    d3:6f:6f:77:d0:70:36:b0:cc:60:1b:fe:e1:60:3a:
                    75:5e:39:bf:26:05:c9:2a:65:88:43:3e:c3:93:47:
                    7c:f2:e5:a0:9d:2c:02:44:ff:70:04:9a:d7:ab:59:
                    b8:5a:f8:c9:f5:8f:0e:12:fa:85:99:30:0f:8d:7c:
                    d9:5f:c9:62:ae:78:58:c7:9a:4b:a2:c8:a1:13:b9:
                    12:ec:bb:17:a3:5f:6d:d7:58:b2:f1:2b:6d:e0:49:
                    3e:0f:9e:da:bb:6b:54:a9:45:43:ff:62:9e:84:13:
                    47:10:d5:fa:ad:8c:f9:b2:16:0a:eb:00:d1:d4:3b:
                    cc:54:62:5d:c0:f1:93:80:5c:32:e2:76:bf:f4:48:
                    8c:ec:b8:fe:07:fd:66:9d:89:4d:c9:0b:48:a4:2c:
                    52:07:dc:1b:fe:c3:24:c9:b5:f1:a2:0b:29:2f:6b:
                    47:2b:8e:01:75:f8:d3:a7:83:2c:9a:59:16:dc:e4:
                    98:b5:39:c9:35:21:f7:00:cd:3b:ae:12:b4:8d:1a:
                    77:88:7e:01:74:d1:23:32:96:35:20:83:f1:cb:6b:
                    0b:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:F5:97:97:DF:E9:41:2B:BD:63:B6:9A:6B:9D:37:D3:FC:63:E5:9D
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/F_WXl9_pQSu9Y7aaa5030_xj5Z0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         4a:d5:86:71:20:f6:f1:ec:ba:ff:f6:d3:3c:af:4a:0c:8c:66:
         14:38:1f:b4:03:e2:e7:72:0a:b2:25:c8:4d:7f:72:9b:54:89:
         1d:83:c1:4d:1d:fe:b8:a3:0c:98:c1:aa:26:4e:24:8e:4b:16:
         d9:09:b6:e2:ad:18:5a:f4:52:f4:21:74:51:9a:42:6a:32:8d:
         ae:a2:8e:41:b2:a6:29:f4:4c:30:c4:a7:e0:b3:3d:3a:4c:e8:
         ea:07:93:30:49:19:5e:fd:26:32:b2:41:b9:fd:f2:40:3d:99:
         f6:11:82:d2:96:56:89:ea:f1:a2:c8:d0:fb:97:4c:be:ac:62:
         d8:48:63:0b:9d:d7:d5:0f:b9:4f:6e:72:9f:2e:64:ae:e0:bb:
         b4:b5:ba:23:1a:f7:c6:8c:df:ec:07:ca:8a:d7:12:65:49:e8:
         ee:29:8f:fa:fd:e8:57:32:9e:9a:b9:48:fd:57:7b:e7:68:61:
         ee:cb:7e:f2:2a:e4:5b:0d:a9:04:b8:60:8b:d0:32:a6:88:9b:
         33:da:7a:65:f2:36:30:e0:82:88:57:c8:f0:60:d3:d3:d3:07:
         97:70:ce:de:9b:4f:8c:df:22:db:d7:49:28:3f:4b:31:86:e1:
         ee:43:f5:26:85:52:e6:55:1d:ed:34:fa:cc:6d:00:cf:69:da:
         a1:c9:67:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhLhZFd10IS+gciR7fCMitHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI0MDIxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2Y1OTc5N2RmZTk0MTJiYmQ2M2I2OWE2YjlkMzdkM2ZjNjNlNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+fRBAYm07MZBD/SPGV1szXrWrgi
CC08gx6Do6HJU6VkX92QD8xa5+ufalrTb2930HA2sMxgG/7hYDp1Xjm/JgXJKmWI
Qz7Dk0d88uWgnSwCRP9wBJrXq1m4WvjJ9Y8OEvqFmTAPjXzZX8lirnhYx5pLosih
E7kS7LsXo19t11iy8Stt4Ek+D57au2tUqUVD/2KehBNHENX6rYz5shYK6wDR1DvM
VGJdwPGTgFwy4na/9EiM7Lj+B/1mnYlNyQtIpCxSB9wb/sMkybXxogspL2tHK44B
dfjTp4MsmlkW3OSYtTnJNSH3AM07rhK0jRp3iH4BdNEjMpY1IIPxy2sLLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBf1l5ff6UErvWO2mmudN9P8Y+WdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRl9XWGw5X3BRU3U5WTdhYWE1MDMwX3hqNVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAErVhnEg9vHsuv/20zyv
SgyMZhQ4H7QD4udyCrIlyE1/cptUiR2DwU0d/rijDJjBqiZOJI5LFtkJtuKtGFr0
UvQhdFGaQmoyja6ijkGypin0TDDEp+CzPTpM6OoHkzBJGV79JjKyQbn98kA9mfYR
gtKWVonq8aLI0PuXTL6sYthIYwud19UPuU9ucp8uZK7gu7S1uiMa98aM3+wHyorX
EmVJ6O4pj/r96Fcynpq5SP1Xe+doYe7LfvIq5FsNqQS4YIvQMqaImzPaemXyNjDg
gohXyPBg09PTB5dwzt6bT4zfItvXSSg/SzGG4e5D9SaFUuZVHe00+sxtAM9p2qHJ
Z4Q=
-----END CERTIFICATE-----