Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G1baGOyucybE5XM6Y9Rw6TBpo8k.roa
File:                     G1baGOyucybE5XM6Y9Rw6TBpo8k.roa (raw, json)
Hash identifier:          bIobtnkxFxDGnZKpun1xeuGl1dsWJTIQiSQ2w1/+O4k=
Subject key identifier:   1B:56:DA:18:EC:AE:73:26:C4:E5:73:3A:63:D4:70:E9:30:69:A3:C9
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018705981BBF96E1750A71B32B8DE79FDDE8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G1baGOyucybE5XM6Y9Rw6TBpo8k.roa
Signing time:             Tue 21 Mar 2023 19:14:27 +0000
ROA not before:           Tue 21 Mar 2023 19:14:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:05:98:1b:bf:96:e1:75:0a:71:b3:2b:8d:e7:9f:dd:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 21 19:14:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1b56da18ecae7326c4e5733a63d470e93069a3c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:97:ee:ec:bf:59:86:7b:dd:4f:72:47:22:4a:
                    04:a5:dd:3d:1f:13:9b:94:f1:2b:e3:91:71:8a:4a:
                    4d:dc:72:06:70:d8:95:2a:ca:86:7a:10:61:5e:a9:
                    f4:3b:11:0a:1d:ae:73:42:a1:84:67:b4:dc:49:64:
                    e4:3c:97:eb:80:e6:93:d6:2b:06:e2:59:3d:7e:2f:
                    51:0b:86:4a:9b:62:aa:8f:ee:a8:b9:a3:70:f9:ab:
                    c0:3f:20:78:18:d3:3e:e7:3f:f0:a4:5b:d1:db:af:
                    63:eb:e7:ad:a3:86:1c:ee:91:d4:46:fe:cc:05:7a:
                    b5:5b:f4:d0:cb:e8:65:d2:7b:93:18:14:0d:c2:07:
                    02:a0:c1:7f:71:2b:f9:39:1a:ec:3d:4b:3a:16:10:
                    3b:0e:cd:ef:1a:fc:ae:c2:03:80:05:db:f4:60:c1:
                    ba:9d:45:2b:e0:8f:a1:75:b6:41:92:8d:eb:fb:6a:
                    b6:14:6a:9c:92:2d:b9:3c:41:bb:70:77:40:43:a6:
                    0c:e7:99:bd:7d:8b:bd:07:6f:b7:e0:a7:29:23:42:
                    36:85:51:cc:80:99:cd:d8:c5:3c:51:9b:82:98:6a:
                    d7:e8:3b:7c:5d:d2:1b:79:ce:63:22:e7:50:4d:90:
                    e6:09:77:41:74:bf:f0:ba:2b:e2:4e:0a:75:48:d4:
                    be:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:56:DA:18:EC:AE:73:26:C4:E5:73:3A:63:D4:70:E9:30:69:A3:C9
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G1baGOyucybE5XM6Y9Rw6TBpo8k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:a9:67:86:8a:2a:6f:c4:d4:b8:65:bf:66:62:e9:65:ee:eb:
         f6:d2:95:95:e2:cd:14:6d:d8:85:83:4e:d3:bf:01:12:b0:ae:
         71:67:48:df:cb:a6:2c:e3:41:e1:33:d7:0c:d3:b2:09:7d:96:
         85:a7:34:c9:24:55:8a:26:7d:ac:19:ce:6a:3c:2c:06:90:44:
         49:db:5f:59:63:b5:90:86:6a:f3:b8:52:17:f0:84:90:d1:46:
         c5:b2:e3:9c:f3:dc:db:28:20:22:42:ca:1f:2c:98:22:a7:8a:
         21:b7:9d:01:bd:88:3c:9d:ee:e1:68:b6:46:b8:cb:1e:08:3e:
         67:d1:36:d0:bc:f3:47:63:6d:86:d4:05:a9:b8:57:b5:a0:a2:
         b7:a7:5a:10:1f:4b:16:6b:ce:53:0c:b1:54:3e:02:92:87:21:
         ee:16:d2:ed:50:e6:b3:50:78:8a:ea:da:b3:56:d1:02:d8:2a:
         17:b2:05:1a:b0:df:38:f6:94:ac:3f:10:f5:0c:b0:14:88:fe:
         b9:d2:ec:d0:ef:f5:17:7b:bf:2b:d8:5d:6f:11:ea:bb:99:ca:
         b1:46:db:84:29:16:b1:d3:70:0a:0e:39:e2:de:93:4c:b4:2f:
         c4:c7:24:b9:0e:69:7d:25:a6:1a:e5:4e:eb:55:4f:d8:4e:6f:
         5a:8c:ce:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcFmBu/luF1CnGzK43nn93oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIxMTkxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjU2ZGExOGVjYWU3MzI2YzRlNTczM2E2M2Q0NzBlOTMwNjlhM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Zfu7L9ZhnvdT3JHIkoEpd09HxOb
lPEr45FxikpN3HIGcNiVKsqGehBhXqn0OxEKHa5zQqGEZ7TcSWTkPJfrgOaT1isG
4lk9fi9RC4ZKm2Kqj+6ouaNw+avAPyB4GNM+5z/wpFvR269j6+eto4Yc7pHURv7M
BXq1W/TQy+hl0nuTGBQNwgcCoMF/cSv5ORrsPUs6FhA7Ds3vGvyuwgOABdv0YMG6
nUUr4I+hdbZBko3r+2q2FGqcki25PEG7cHdAQ6YM55m9fYu9B2+34KcpI0I2hVHM
gJnN2MU8UZuCmGrX6Dt8XdIbec5jIudQTZDmCXdBdL/wuiviTgp1SNS+swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBtW2hjsrnMmxOVzOmPUcOkwaaPJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRzFiYUdPeXVjeWJFNVhNNlk5Unc2VEJwbzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFOpZ4aKKm/E1Lhlv2Zi
6WXu6/bSlZXizRRt2IWDTtO/ARKwrnFnSN/LpizjQeEz1wzTsgl9loWnNMkkVYom
fawZzmo8LAaQREnbX1ljtZCGavO4UhfwhJDRRsWy45zz3NsoICJCyh8smCKniiG3
nQG9iDyd7uFotka4yx4IPmfRNtC880djbYbUBam4V7WgorenWhAfSxZrzlMMsVQ+
ApKHIe4W0u1Q5rNQeIrq2rNW0QLYKheyBRqw3zj2lKw/EPUMsBSI/rnS7NDv9Rd7
vyvYXW8R6ruZyrFG24QpFrHTcAoOOeLek0y0L8THJLkOaX0lphrlTutVT9hOb1qM
zmw=
-----END CERTIFICATE-----