Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KEsjFVfEQRSWf5WIyMkB7NKmAws.roa
File:                     KEsjFVfEQRSWf5WIyMkB7NKmAws.roa (raw, json)
Hash identifier:          sWZq760Ey2xNnDHO81mT8z81lVW2iheTSBVjlFQ5joo=
Subject key identifier:   28:4B:23:15:57:C4:41:14:96:7F:95:88:C8:C9:01:EC:D2:A6:03:0B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186E8D74475E216F10643C0D94B7454AF11
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KEsjFVfEQRSWf5WIyMkB7NKmAws.roa
Signing time:             Thu 16 Mar 2023 05:14:27 +0000
ROA not before:           Thu 16 Mar 2023 05:14:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e8:d7:44:75:e2:16:f1:06:43:c0:d9:4b:74:54:af:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 16 05:14:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=284b231557c44114967f9588c8c901ecd2a6030b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:84:02:b7:54:48:0f:a2:d8:da:b4:b3:0f:2c:
                    67:4f:19:27:0a:d7:54:ea:35:11:e6:76:43:f1:b7:
                    3f:3c:f3:15:91:ab:6b:01:e0:69:4b:2a:cb:a6:a8:
                    7e:7a:ff:ba:d4:7e:f7:90:db:cd:6b:93:d0:55:ac:
                    40:1d:56:e6:90:16:00:3a:15:a0:2b:7e:30:54:ee:
                    55:f7:6a:f3:52:73:80:f4:51:b6:85:ea:08:fd:f7:
                    90:1d:ef:d3:22:36:3d:38:83:89:8e:a6:52:3e:6e:
                    df:26:28:c6:02:c5:94:1c:8c:68:70:dc:46:e8:36:
                    2d:29:37:1b:16:72:89:fa:7f:f1:1a:56:8a:b4:c2:
                    60:58:ce:0f:72:36:1e:4c:1f:aa:d3:01:59:39:84:
                    4b:9f:45:19:36:6c:15:a1:60:dc:c2:4c:cd:59:a5:
                    09:b8:85:61:c2:e8:ad:ae:da:6c:7f:4f:08:77:71:
                    d6:bc:45:31:c8:56:03:a8:18:9f:e4:f0:ef:f3:56:
                    29:41:79:58:96:cd:77:59:87:74:77:ab:5d:0b:30:
                    99:48:33:0c:65:77:60:08:85:5e:6b:fa:0c:00:c7:
                    09:11:aa:c5:85:32:6f:1a:a3:0b:fe:3b:ee:68:1c:
                    74:f7:a9:5b:3b:31:a6:7e:39:e0:28:6a:ec:92:7b:
                    7d:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:4B:23:15:57:C4:41:14:96:7F:95:88:C8:C9:01:EC:D2:A6:03:0B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KEsjFVfEQRSWf5WIyMkB7NKmAws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:b0:d4:e6:ce:6b:0f:e7:7d:67:aa:74:ee:31:a1:81:0f:bf:
         1a:bf:91:4c:25:a5:4f:e0:d9:03:9d:f8:e7:7b:f2:b6:93:57:
         ae:97:76:4b:0b:6b:fd:c3:71:19:53:30:9c:5d:3f:9e:c5:66:
         62:ae:13:c6:03:9f:0f:38:c2:32:db:d3:cc:65:07:a7:73:8a:
         2f:c1:25:45:c5:26:db:70:93:51:f4:6f:fc:50:ef:33:59:3d:
         07:49:f3:70:30:64:1e:a4:8f:22:e8:48:a4:7f:b8:d8:7c:47:
         d9:c0:cd:dd:69:ef:34:09:ec:8d:27:4f:a8:77:0a:75:7e:99:
         ee:ca:3f:f1:70:83:72:33:4d:88:81:d7:64:7c:ce:72:ed:1d:
         6a:da:3d:dc:58:70:37:f5:54:da:d2:a3:c5:4f:b6:be:5d:69:
         c9:21:57:0e:2e:b9:9a:51:59:10:c8:c2:a8:34:c3:c6:a3:30:
         6f:c9:c6:92:9d:06:95:df:11:aa:f8:0a:9f:c4:0e:8a:45:01:
         69:de:87:63:e1:8c:11:83:6c:a8:73:28:68:0f:cf:13:59:67:
         2a:e9:d1:54:f9:20:99:4b:2c:ee:0b:1b:66:4e:0a:85:88:37:
         61:ec:d1:dc:fb:fc:ed:20:eb:3b:83:a0:51:49:56:ad:62:12:
         8f:0c:e3:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbo10R14hbxBkPA2Ut0VK8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE2MDUxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODRiMjMxNTU3YzQ0MTE0OTY3Zjk1ODhjOGM5MDFlY2QyYTYwMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYQCt1RID6LY2rSzDyxnTxknCtdU
6jUR5nZD8bc/PPMVkatrAeBpSyrLpqh+ev+61H73kNvNa5PQVaxAHVbmkBYAOhWg
K34wVO5V92rzUnOA9FG2heoI/feQHe/TIjY9OIOJjqZSPm7fJijGAsWUHIxocNxG
6DYtKTcbFnKJ+n/xGlaKtMJgWM4PcjYeTB+q0wFZOYRLn0UZNmwVoWDcwkzNWaUJ
uIVhwuitrtpsf08Id3HWvEUxyFYDqBif5PDv81YpQXlYls13WYd0d6tdCzCZSDMM
ZXdgCIVea/oMAMcJEarFhTJvGqML/jvuaBx096lbOzGmfjngKGrsknt9cwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFChLIxVXxEEUln+ViMjJAezSpgMLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS0VzakZWZkVRUlNXZjVXSXlNa0I3TkttQXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAICw1ObOaw/nfWeqdO4x
oYEPvxq/kUwlpU/g2QOd+Od78raTV66XdksLa/3DcRlTMJxdP57FZmKuE8YDnw84
wjLb08xlB6dzii/BJUXFJttwk1H0b/xQ7zNZPQdJ83AwZB6kjyLoSKR/uNh8R9nA
zd1p7zQJ7I0nT6h3CnV+me7KP/Fwg3IzTYiB12R8znLtHWraPdxYcDf1VNrSo8VP
tr5dackhVw4uuZpRWRDIwqg0w8ajMG/JxpKdBpXfEar4Cp/EDopFAWneh2PhjBGD
bKhzKGgPzxNZZyrp0VT5IJlLLO4LG2ZOCoWIN2Hs0dz7/O0g6zuDoFFJVq1iEo8M
4/g=
-----END CERTIFICATE-----