Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FftlkEjy0axEh0cUZ57jknKk5Qc.roa
File:                     FftlkEjy0axEh0cUZ57jknKk5Qc.roa (raw, json)
Hash identifier:          Dff0r5n34NqEgPQLcGIq1srnaZ6JkfdT2F7rKjARkHE=
Subject key identifier:   15:FB:65:90:48:F2:D1:AC:44:87:47:14:67:9E:E3:92:72:A4:E5:07
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187E718C2B680CA917503072D7F37EB7DB9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FftlkEjy0axEh0cUZ57jknKk5Qc.roa
Signing time:             Thu 04 May 2023 14:09:32 +0000
ROA not before:           Thu 04 May 2023 14:09:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e7:18:c2:b6:80:ca:91:75:03:07:2d:7f:37:eb:7d:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  4 14:09:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=15fb659048f2d1ac44874714679ee39272a4e507
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:ad:00:be:e3:a8:69:0e:ea:87:49:9c:31:39:
                    05:f9:4f:0b:3e:0b:24:31:08:e6:16:9a:3a:4e:a5:
                    c8:36:9f:62:ef:2f:b0:ae:81:c6:7f:cc:4e:51:10:
                    60:07:27:07:0d:33:0b:37:72:d6:11:1c:ce:b8:75:
                    58:49:14:3e:cf:3c:c2:b4:50:97:e2:c1:70:11:b1:
                    3a:8d:fe:74:8a:9b:3f:cb:5f:7b:ac:38:44:4c:c9:
                    33:c3:d1:94:dd:37:c3:94:43:c5:6e:2a:02:7a:bf:
                    a8:d1:a3:84:db:a2:a3:62:1f:1b:de:16:9f:ee:0f:
                    0f:68:8d:d7:64:cf:8a:ac:02:65:1d:0d:2b:e9:cd:
                    19:82:01:41:92:93:e1:53:61:8a:a3:d2:29:74:ed:
                    a3:9f:b6:27:91:6f:f7:6d:37:fa:cc:04:c5:d5:4c:
                    4a:cb:52:69:11:d9:bf:a3:56:01:44:58:fc:c7:58:
                    8d:14:39:f6:a5:52:55:78:45:da:a0:7a:db:73:f2:
                    b3:15:ef:0d:df:88:dc:8c:f9:3a:2a:6f:d4:b1:f4:
                    a8:a5:6f:d8:6f:3d:35:18:1a:6b:c6:44:15:87:b2:
                    33:1c:f0:c6:ad:8e:e9:78:d1:30:64:72:fe:38:17:
                    95:04:bd:12:41:f0:88:3d:b6:e1:e8:04:38:06:93:
                    5c:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:FB:65:90:48:F2:D1:AC:44:87:47:14:67:9E:E3:92:72:A4:E5:07
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FftlkEjy0axEh0cUZ57jknKk5Qc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         2e:59:78:ce:1f:bf:d8:61:0c:9a:ba:4f:c3:bb:21:2f:f8:34:
         1c:01:a5:52:3e:44:8c:0a:60:48:36:8b:1e:f4:a5:c3:91:8b:
         65:17:0f:8c:b2:09:c1:8f:13:db:64:9b:66:23:1b:c8:39:87:
         77:af:8c:8b:a2:a6:81:9c:fd:21:47:04:56:93:ce:25:2a:22:
         f1:2e:45:40:6d:ff:28:bf:c7:65:07:b1:4d:eb:d6:cc:14:fa:
         a9:7d:9a:18:d3:01:2a:e3:3c:dc:d3:bc:36:54:9c:8b:a2:30:
         65:c8:fa:aa:67:47:9e:63:eb:66:16:d5:c4:98:d8:9b:56:9c:
         d5:01:ab:91:1c:1b:55:54:4b:ca:6c:ea:88:e0:92:23:c4:bc:
         c2:5e:7b:8f:73:14:6f:73:4e:70:dd:ff:17:28:67:35:85:9d:
         07:b3:7a:da:92:8a:c7:b7:a5:00:2c:88:41:ea:f4:20:39:05:
         8e:00:a1:1e:79:a6:d6:93:98:82:1f:5c:97:e0:85:c2:b7:1e:
         02:30:34:51:52:b2:8b:1f:0e:e6:94:6b:cd:15:80:5c:28:f5:
         9a:86:d5:75:aa:42:36:66:f5:b3:f9:73:57:42:75:14:b9:be:
         b9:95:5a:64:6a:fe:e3:37:cd:1b:59:28:5c:ca:2e:60:89:c9:
         22:de:17:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfnGMK2gMqRdQMHLX836325MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA0MTQwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWZiNjU5MDQ4ZjJkMWFjNDQ4NzQ3MTQ2NzllZTM5MjcyYTRlNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6K0AvuOoaQ7qh0mcMTkF+U8LPgsk
MQjmFpo6TqXINp9i7y+wroHGf8xOURBgBycHDTMLN3LWERzOuHVYSRQ+zzzCtFCX
4sFwEbE6jf50ips/y197rDhETMkzw9GU3TfDlEPFbioCer+o0aOE26KjYh8b3haf
7g8PaI3XZM+KrAJlHQ0r6c0ZggFBkpPhU2GKo9IpdO2jn7YnkW/3bTf6zATF1UxK
y1JpEdm/o1YBRFj8x1iNFDn2pVJVeEXaoHrbc/KzFe8N34jcjPk6Km/UsfSopW/Y
bz01GBprxkQVh7IzHPDGrY7peNEwZHL+OBeVBL0SQfCIPbbh6AQ4BpNceQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBX7ZZBI8tGsRIdHFGee45JypOUHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRmZ0bGtFankwYXhFaDBjVVo1N2prbktrNVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC5ZeM4fv9hhDJq6T8O7
IS/4NBwBpVI+RIwKYEg2ix70pcORi2UXD4yyCcGPE9tkm2YjG8g5h3evjIuipoGc
/SFHBFaTziUqIvEuRUBt/yi/x2UHsU3r1swU+ql9mhjTASrjPNzTvDZUnIuiMGXI
+qpnR55j62YW1cSY2JtWnNUBq5EcG1VUS8ps6ojgkiPEvMJee49zFG9zTnDd/xco
ZzWFnQezetqSise3pQAsiEHq9CA5BY4AoR55ptaTmIIfXJfghcK3HgIwNFFSsosf
DuaUa80VgFwo9ZqG1XWqQjZm9bP5c1dCdRS5vrmVWmRq/uM3zRtZKFzKLmCJySLe
Fxs=
-----END CERTIFICATE-----