Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JwRGkPZYPYd10bc-9vWw0tLSpgY.roa
File:                     JwRGkPZYPYd10bc-9vWw0tLSpgY.roa (raw, json)
Hash identifier:          fsjHy+CnGfZqr4l1sCbRbhlERaByYvO0n7m9WQKPtJE=
Subject key identifier:   27:04:46:90:F6:58:3D:87:75:D1:B7:3E:F6:F5:B0:D2:D2:D2:A6:06
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187DE7EC6ED6C6CDA8D76704E6FF2DDC6AD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JwRGkPZYPYd10bc-9vWw0tLSpgY.roa
Signing time:             Tue 02 May 2023 22:04:23 +0000
ROA not before:           Tue 02 May 2023 22:04:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:187:de7e:8da8/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:de:7e:c6:ed:6c:6c:da:8d:76:70:4e:6f:f2:dd:c6:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  2 22:04:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27044690f6583d8775d1b73ef6f5b0d2d2d2a606
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:0a:e9:96:74:87:2b:b8:f0:ae:6b:36:ad:8c:
                    f3:b6:02:ec:71:b5:21:26:fb:d3:52:a7:a9:26:d7:
                    a5:14:fa:31:80:29:45:82:8d:d3:3f:dc:23:d7:0c:
                    27:59:d3:aa:96:f1:62:58:21:91:8f:91:37:25:9f:
                    bc:91:00:e1:ae:4f:7f:c5:02:eb:c5:be:7f:48:fc:
                    77:64:d6:49:10:b1:70:07:6c:7a:85:d1:7e:d6:b2:
                    c3:71:86:ae:1d:19:84:a5:26:12:02:40:e8:07:c4:
                    80:71:f9:ef:31:26:a5:89:7c:a2:15:91:a2:e9:f0:
                    f9:09:ea:20:58:5b:7e:e6:b1:ae:45:46:48:65:e2:
                    11:a4:51:a6:b4:dc:32:53:28:ea:63:7d:0c:79:ee:
                    f2:4a:1c:fe:37:0c:56:c8:88:82:0c:b8:e9:b5:12:
                    63:78:4a:29:54:ec:63:d0:e1:c9:82:85:b4:a7:74:
                    f6:a6:3e:5f:c6:c7:8a:76:d1:f7:e5:ea:0e:c6:20:
                    da:d4:43:b2:08:68:6c:ee:fb:a8:11:fd:38:43:a7:
                    97:bb:80:a6:ee:c5:c2:ef:68:ee:84:82:e7:0e:36:
                    0c:96:fe:96:dd:cf:ba:62:df:2a:10:5a:13:03:43:
                    62:16:c5:dc:21:44:4e:e6:16:5d:ea:9a:fd:01:96:
                    be:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:04:46:90:F6:58:3D:87:75:D1:B7:3E:F6:F5:B0:D2:D2:D2:A6:06
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JwRGkPZYPYd10bc-9vWw0tLSpgY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         ae:8f:14:68:a7:46:f4:2f:87:d8:57:f9:f8:3b:96:45:a0:58:
         d7:cf:4e:81:1f:56:c7:f6:57:0e:8b:ab:11:ed:0d:ec:69:2e:
         7d:14:2a:bf:a5:1c:30:d8:a7:81:61:2f:24:2b:f1:7a:e1:1a:
         85:57:75:56:70:23:27:4d:70:9c:17:02:86:7a:0b:34:3d:aa:
         52:04:32:76:88:23:21:ed:dc:6a:4f:d8:af:46:80:11:59:48:
         57:4d:2d:d6:bf:cc:d8:4e:e2:b5:c8:8b:1e:6e:39:9f:2d:39:
         2b:8b:b2:f5:78:16:dd:1d:a4:1b:cf:1b:2f:c3:20:91:1a:d8:
         da:1c:f8:6b:ef:97:6a:59:15:06:be:18:41:59:75:93:a6:9c:
         cd:6f:22:b6:b6:b3:f1:07:f4:76:42:5a:1b:87:04:fe:48:fb:
         ac:c9:74:0b:29:48:75:ab:6d:c8:c8:26:20:da:5b:3d:22:21:
         c1:38:5e:b6:86:80:e8:62:de:97:87:cb:14:81:0a:50:26:ef:
         40:bc:d6:4a:4f:2a:a4:9a:19:61:68:5e:e8:cf:bf:3b:86:87:
         75:81:a1:14:f3:3e:ce:1d:18:e7:2f:fc:85:0b:ac:49:34:3b:
         45:c0:c3:c5:00:fa:1e:e2:55:b0:15:1c:8a:e4:ae:f5:e2:33:
         10:b2:ea:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfefsbtbGzajXZwTm/y3catMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTAyMjIwNDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzA0NDY5MGY2NTgzZDg3NzVkMWI3M2VmNmY1YjBkMmQyZDJhNjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2grplnSHK7jwrms2rYzztgLscbUh
JvvTUqepJtelFPoxgClFgo3TP9wj1wwnWdOqlvFiWCGRj5E3JZ+8kQDhrk9/xQLr
xb5/SPx3ZNZJELFwB2x6hdF+1rLDcYauHRmEpSYSAkDoB8SAcfnvMSaliXyiFZGi
6fD5CeogWFt+5rGuRUZIZeIRpFGmtNwyUyjqY30Mee7yShz+NwxWyIiCDLjptRJj
eEopVOxj0OHJgoW0p3T2pj5fxseKdtH35eoOxiDa1EOyCGhs7vuoEf04Q6eXu4Cm
7sXC72juhILnDjYMlv6W3c+6Yt8qEFoTA0NiFsXcIURO5hZd6pr9AZa+JQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCcERpD2WD2HddG3Pvb1sNLS0qYGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSndSR2tQWllQWWQxMGJjLTl2V3cwdExTcGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK6PFGinRvQvh9hX+fg7
lkWgWNfPToEfVsf2Vw6LqxHtDexpLn0UKr+lHDDYp4FhLyQr8XrhGoVXdVZwIydN
cJwXAoZ6CzQ9qlIEMnaIIyHt3GpP2K9GgBFZSFdNLda/zNhO4rXIix5uOZ8tOSuL
svV4Ft0dpBvPGy/DIJEa2Noc+Gvvl2pZFQa+GEFZdZOmnM1vIra2s/EH9HZCWhuH
BP5I+6zJdAspSHWrbcjIJiDaWz0iIcE4XraGgOhi3peHyxSBClAm70C81kpPKqSa
GWFoXujPvzuGh3WBoRTzPs4dGOcv/IULrEk0O0XAw8UA+h7iVbAVHIrkrvXiMxCy
6jk=
-----END CERTIFICATE-----