Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H5u8Fogu4XMQ3gIkVCjvKPVC9TA.roa
File:                     H5u8Fogu4XMQ3gIkVCjvKPVC9TA.roa (raw, json)
Hash identifier:          suqIsZD4GEiV/RtZSSb3qR3M9p8mswsjmv4L5S+3Ppw=
Subject key identifier:   1F:9B:BC:16:88:2E:E1:73:10:DE:02:24:54:28:EF:28:F5:42:F5:30
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187EE2D17956B25953747D56C2581827EA6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H5u8Fogu4XMQ3gIkVCjvKPVC9TA.roa
Signing time:             Fri 05 May 2023 23:09:05 +0000
ROA not before:           Fri 05 May 2023 23:09:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ee:2d:17:95:6b:25:95:37:47:d5:6c:25:81:82:7e:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  5 23:09:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f9bbc16882ee17310de02245428ef28f542f530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:e4:e6:e5:15:5b:a7:72:11:ba:70:67:51:2d:
                    d4:bb:60:2f:50:71:2c:11:d3:f2:d0:ac:bb:7c:a8:
                    3e:69:49:70:e5:ef:8e:52:de:3a:5d:54:d4:50:1c:
                    2b:e0:b7:d4:b3:3a:c7:dc:98:18:70:dd:d2:4c:17:
                    60:da:bd:ec:c5:a1:37:30:23:1a:d3:f2:b8:1b:13:
                    6a:da:78:ac:3d:47:91:cd:3f:18:b9:fe:30:21:c8:
                    4d:3a:7f:79:fb:32:b9:80:ff:15:4c:eb:91:a3:02:
                    16:3c:e7:94:6b:56:f0:af:99:3f:a0:3c:04:7f:30:
                    19:be:3e:11:cc:e2:aa:4d:df:e5:db:3e:3e:78:f6:
                    57:af:a2:63:1f:cd:75:75:91:8d:a2:57:bf:3f:8b:
                    4a:7a:cc:cf:f3:f4:4f:66:71:a5:b6:db:1f:c8:f9:
                    a9:6c:15:36:93:df:a4:75:20:fa:ba:77:c7:04:78:
                    f1:d9:1e:fa:59:48:aa:6a:9a:34:41:3f:97:0e:d6:
                    ef:57:31:fc:14:cb:8c:32:9e:16:23:4a:71:30:cb:
                    a1:64:10:f7:cc:cb:c0:dd:6b:b1:49:bc:31:df:50:
                    32:89:a2:6d:3a:38:fd:1b:d3:7a:a4:f0:92:21:ed:
                    36:d2:f1:3e:08:69:66:f0:df:d6:84:0f:24:18:cf:
                    ad:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:9B:BC:16:88:2E:E1:73:10:DE:02:24:54:28:EF:28:F5:42:F5:30
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H5u8Fogu4XMQ3gIkVCjvKPVC9TA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         82:b5:5a:de:58:de:c0:e2:fe:91:ca:7c:1f:3f:57:4b:d4:75:
         cf:f0:86:ea:ff:6d:b0:26:dd:b8:54:37:1a:7b:10:75:51:d3:
         88:4d:d5:dc:7d:50:93:a9:c6:1a:bd:f1:27:86:98:90:35:fc:
         d6:f3:d9:98:b3:0f:9d:c8:10:ee:b5:0d:be:1e:b1:eb:7f:41:
         67:9a:eb:6d:09:c2:4e:0a:4b:ca:f1:33:5f:04:01:76:18:84:
         d1:24:e3:f7:1b:ff:58:62:3e:7a:15:35:2c:9a:01:03:ec:e7:
         83:9f:6d:bc:79:b9:d9:b8:da:7e:37:52:bf:c3:62:a5:15:ae:
         6e:22:e3:7f:77:2b:a0:0c:58:b0:64:23:97:23:fb:63:a1:95:
         0f:6a:2d:21:02:3d:32:26:b8:e6:aa:40:e4:ca:a8:c4:ed:29:
         25:7d:40:45:54:2f:1c:dc:2d:78:ec:90:05:d4:22:7a:47:93:
         2c:9b:65:42:77:85:50:66:e0:c9:3b:a1:5b:4d:97:8a:27:3e:
         b5:a7:4e:af:d2:aa:98:2d:77:6f:d2:ee:58:28:77:33:dc:11:
         2b:3d:be:71:f5:f8:c8:00:5c:43:63:76:fa:2d:55:5b:f3:d9:
         9f:b6:37:52:5b:a8:1d:93:ca:b2:ac:6e:c2:7e:e6:04:f7:0c:
         6c:b5:0d:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfuLReVayWVN0fVbCWBgn6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA1MjMwOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjliYmMxNjg4MmVlMTczMTBkZTAyMjQ1NDI4ZWYyOGY1NDJmNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuTm5RVbp3IRunBnUS3Uu2AvUHEs
EdPy0Ky7fKg+aUlw5e+OUt46XVTUUBwr4LfUszrH3JgYcN3STBdg2r3sxaE3MCMa
0/K4GxNq2nisPUeRzT8Yuf4wIchNOn95+zK5gP8VTOuRowIWPOeUa1bwr5k/oDwE
fzAZvj4RzOKqTd/l2z4+ePZXr6JjH811dZGNole/P4tKeszP8/RPZnGlttsfyPmp
bBU2k9+kdSD6unfHBHjx2R76WUiqapo0QT+XDtbvVzH8FMuMMp4WI0pxMMuhZBD3
zMvA3WuxSbwx31AyiaJtOjj9G9N6pPCSIe020vE+CGlm8N/WhA8kGM+tJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB+bvBaILuFzEN4CJFQo7yj1QvUwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSDV1OEZvZ3U0WE1RM2dJa1ZDanZLUFZDOVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIK1Wt5Y3sDi/pHKfB8/
V0vUdc/whur/bbAm3bhUNxp7EHVR04hN1dx9UJOpxhq98SeGmJA1/Nbz2ZizD53I
EO61Db4eset/QWea620Jwk4KS8rxM18EAXYYhNEk4/cb/1hiPnoVNSyaAQPs54Of
bbx5udm42n43Ur/DYqUVrm4i4393K6AMWLBkI5cj+2OhlQ9qLSECPTImuOaqQOTK
qMTtKSV9QEVULxzcLXjskAXUInpHkyybZUJ3hVBm4Mk7oVtNl4onPrWnTq/Sqpgt
d2/S7lgodzPcESs9vnH1+MgAXENjdvotVVvz2Z+2N1JbqB2TyrKsbsJ+5gT3DGy1
Dcw=
-----END CERTIFICATE-----