Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JZiymdYbeDPJhl02HPmyG7IteM4.roa
File:                     JZiymdYbeDPJhl02HPmyG7IteM4.roa (raw, json)
Hash identifier:          Q14N4ykrN311muzI4KkclQ5KskRfW3ZPy85iSEc+y70=
Subject key identifier:   25:98:B2:99:D6:1B:78:33:C9:86:5D:36:1C:F9:B2:1B:B2:2D:78:CE
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187462D1D34EFF200C1783C765D4B0CB818
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JZiymdYbeDPJhl02HPmyG7IteM4.roa
Signing time:             Mon 03 Apr 2023 08:12:54 +0000
ROA not before:           Mon 03 Apr 2023 08:12:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:46:2d:1d:34:ef:f2:00:c1:78:3c:76:5d:4b:0c:b8:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr  3 08:12:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2598b299d61b7833c9865d361cf9b21bb22d78ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:72:bb:13:64:19:6c:3b:d0:21:7b:34:e5:46:
                    1a:1a:77:82:95:63:32:ec:df:a1:f8:cf:42:51:aa:
                    4e:02:10:81:77:3d:11:5a:4e:75:af:2d:5e:5d:ff:
                    d8:3f:12:62:31:87:53:4e:64:14:cb:6f:90:00:1c:
                    f8:d5:52:3c:82:63:52:9d:7f:9c:92:57:0e:33:55:
                    77:5d:d4:59:23:3f:df:ad:ed:24:c6:9c:f4:8e:e5:
                    7c:50:b2:ca:e5:00:6c:56:76:b5:8e:9e:77:81:0b:
                    f4:ba:77:91:96:b7:b2:8f:f7:c0:39:ab:5f:79:35:
                    d0:b7:79:d2:74:59:ca:09:53:ca:1c:69:74:19:a7:
                    4a:51:8d:ee:65:fa:29:ae:73:36:2e:2b:13:1b:c1:
                    59:28:1a:53:a5:7f:bd:c9:83:82:63:fe:13:a2:84:
                    89:f7:f6:e3:39:d6:07:7f:cc:b3:db:95:bf:fd:b0:
                    62:c4:7d:29:da:e4:4f:3a:cb:a9:6f:c8:a6:3a:ba:
                    60:9d:75:73:f9:ae:be:af:d0:73:91:03:a2:d4:c5:
                    8e:f5:7e:3d:19:ee:52:52:4f:08:ae:82:e5:5c:12:
                    0f:5e:77:26:16:a5:0c:d0:72:94:f9:4a:82:a3:67:
                    6c:55:57:b4:d2:2e:22:a0:b0:33:fc:61:1e:9e:00:
                    ef:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:98:B2:99:D6:1B:78:33:C9:86:5D:36:1C:F9:B2:1B:B2:2D:78:CE
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JZiymdYbeDPJhl02HPmyG7IteM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         36:4a:c6:42:29:4f:95:42:56:a2:f0:f4:f6:8f:7e:1f:7e:41:
         63:c3:88:cc:87:8a:ac:bd:aa:bf:9a:63:33:27:7e:44:56:5c:
         08:9e:49:fd:38:83:36:24:c9:8b:a8:7f:19:c8:83:7d:ae:ba:
         68:48:39:7f:01:38:e7:da:ab:de:ae:ff:39:39:4e:50:5e:c3:
         ec:83:a3:9b:e0:75:cc:7c:24:fb:07:3a:eb:1c:07:cd:19:da:
         66:e9:ff:77:48:8c:ff:67:8c:d7:bc:8b:1d:dc:c6:74:56:0b:
         4e:ed:f6:cf:bf:32:fc:6e:ff:a8:0d:7e:27:d6:57:d4:b6:f4:
         11:06:8f:73:ed:fd:7e:a3:b5:2e:09:9e:c6:de:95:5a:03:09:
         c2:8c:ce:ca:12:a4:09:4e:e7:37:0a:40:72:a6:68:2f:54:81:
         95:1f:1d:d9:24:e4:3b:18:d1:1b:bc:51:c0:2a:34:3c:9e:59:
         55:be:9e:af:9c:45:00:14:8f:77:a2:42:fd:2f:ea:6a:85:f4:
         38:7a:e5:e8:9d:a8:a6:52:fa:80:86:73:09:96:69:44:64:b0:
         45:77:0e:da:0f:f7:7d:15:5b:31:f7:a0:49:8e:45:be:29:1c:
         87:7c:f2:21:e8:7a:e3:b7:9d:f5:14:68:44:6a:df:bb:d0:8d:
         97:0c:d5:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdGLR007/IAwXg8dl1LDLgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDAzMDgxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTk4YjI5OWQ2MWI3ODMzYzk4NjVkMzYxY2Y5YjIxYmIyMmQ3OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHK7E2QZbDvQIXs05UYaGneClWMy
7N+h+M9CUapOAhCBdz0RWk51ry1eXf/YPxJiMYdTTmQUy2+QABz41VI8gmNSnX+c
klcOM1V3XdRZIz/fre0kxpz0juV8ULLK5QBsVna1jp53gQv0uneRlreyj/fAOatf
eTXQt3nSdFnKCVPKHGl0GadKUY3uZfoprnM2LisTG8FZKBpTpX+9yYOCY/4TooSJ
9/bjOdYHf8yz25W//bBixH0p2uRPOsupb8imOrpgnXVz+a6+r9BzkQOi1MWO9X49
Ge5SUk8IroLlXBIPXncmFqUM0HKU+UqCo2dsVVe00i4ioLAz/GEengDvvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCWYspnWG3gzyYZdNhz5shuyLXjOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSlppeW1kWWJlRFBKaGwwMkhQbXlHN0l0ZU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADZKxkIpT5VCVqLw9PaP
fh9+QWPDiMyHiqy9qr+aYzMnfkRWXAieSf04gzYkyYuofxnIg32uumhIOX8BOOfa
q96u/zk5TlBew+yDo5vgdcx8JPsHOuscB80Z2mbp/3dIjP9njNe8ix3cxnRWC07t
9s+/Mvxu/6gNfifWV9S29BEGj3Pt/X6jtS4JnsbelVoDCcKMzsoSpAlO5zcKQHKm
aC9UgZUfHdkk5DsY0Ru8UcAqNDyeWVW+nq+cRQAUj3eiQv0v6mqF9Dh65eidqKZS
+oCGcwmWaURksEV3DtoP930VWzH3oEmORb4pHId88iHoeuO3nfUUaERq37vQjZcM
1Tk=
-----END CERTIFICATE-----