Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KceqSlrQO7KwvQnvbCJ77IqDqMM.roa
File:                     KceqSlrQO7KwvQnvbCJ77IqDqMM.roa (raw, json)
Hash identifier:          cr8jm7/KYvVzdNQBUI9I8gVQlzW7T1TOEqYFKFXA7dM=
Subject key identifier:   29:C7:AA:4A:5A:D0:3B:B2:B0:BD:09:EF:6C:22:7B:EC:8A:83:A8:C3
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187E89948AE4DE631AB945C489759E76F2D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KceqSlrQO7KwvQnvbCJ77IqDqMM.roa
Signing time:             Thu 04 May 2023 21:09:32 +0000
ROA not before:           Thu 04 May 2023 21:09:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e8:99:48:ae:4d:e6:31:ab:94:5c:48:97:59:e7:6f:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  4 21:09:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29c7aa4a5ad03bb2b0bd09ef6c227bec8a83a8c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:fc:08:04:35:54:34:6a:90:e4:7d:68:8b:37:
                    b7:53:43:d3:67:ae:f1:8f:69:a1:2e:b0:80:b9:76:
                    8c:7e:d2:3e:fd:7b:eb:58:01:80:60:d9:f4:da:be:
                    15:e3:70:76:98:49:b6:b6:28:6f:1c:bd:dd:2c:4b:
                    18:62:cd:3a:26:6f:c4:9c:82:93:a1:f5:07:af:80:
                    5a:bb:ed:9e:da:c9:a6:25:76:e7:61:63:bb:ad:2b:
                    1f:b2:e2:5c:6f:48:30:ba:9e:87:33:0c:73:1e:13:
                    93:45:08:8f:e4:6d:c1:d9:36:03:15:18:49:7f:9c:
                    2f:75:81:70:13:31:9a:17:5e:63:c4:d1:1f:de:c4:
                    87:ce:52:7f:88:7c:51:6c:b7:a3:16:cf:0c:31:34:
                    28:a0:b1:ab:0e:a5:a8:af:3a:e0:3e:38:81:00:8a:
                    cd:bc:7a:7b:d2:bc:17:2d:02:00:cb:84:43:22:04:
                    ee:52:d3:f9:7c:b8:be:63:0c:54:df:b3:4a:16:59:
                    4a:89:73:1b:c5:4b:05:20:60:c9:fe:cb:09:e5:c5:
                    f4:97:b6:2b:b5:71:cd:2e:88:7f:33:b5:22:53:d7:
                    5f:75:23:68:38:37:a9:e1:be:1f:a2:e5:2b:3a:bc:
                    1b:8e:ec:7d:02:75:cc:dd:d2:1b:21:36:e3:17:92:
                    33:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:C7:AA:4A:5A:D0:3B:B2:B0:BD:09:EF:6C:22:7B:EC:8A:83:A8:C3
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KceqSlrQO7KwvQnvbCJ77IqDqMM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:44:cb:73:f5:87:f5:1c:22:d2:1f:fc:0b:93:3f:0a:bf:5b:
         2e:33:fa:2a:d9:06:75:15:cc:ea:7b:73:0e:56:c9:4f:fc:52:
         66:41:b7:cb:0b:2d:ba:43:70:1b:09:14:80:e9:77:fd:8a:60:
         5b:d5:b5:a6:98:9b:eb:df:49:03:58:16:a3:5d:d4:dd:ac:d0:
         10:3a:de:30:46:dd:de:e1:b7:f5:21:77:36:b9:d0:1f:36:60:
         a8:22:69:d7:39:6a:39:b9:96:95:6b:29:bc:e6:73:09:c3:b6:
         48:70:d6:24:b1:41:53:1d:46:c3:7b:3b:a4:c5:f5:96:40:20:
         d9:92:7e:45:c7:07:6d:33:8f:21:97:12:ee:ec:1e:08:95:8e:
         9c:97:eb:b2:de:41:da:49:fc:6f:a0:eb:83:73:de:dd:dd:55:
         7a:e0:6d:3f:6c:61:5c:ee:b6:d9:b2:a2:8e:99:31:a0:e7:6d:
         fb:d4:48:f5:bf:df:b3:ad:81:e2:8b:b8:7c:cb:e9:47:07:71:
         1a:dd:cb:40:c2:d0:59:83:3d:a1:1c:21:98:16:c6:dd:a6:5a:
         0d:97:70:59:7b:ad:fc:bb:7a:89:f0:a2:1a:2a:37:b3:da:a6:
         43:ee:72:c8:da:dd:6a:80:b6:5c:84:d2:04:2a:39:3f:95:98:
         3b:7c:74:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfomUiuTeYxq5RcSJdZ528tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA0MjEwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM3YWE0YTVhZDAzYmIyYjBiZDA5ZWY2YzIyN2JlYzhhODNhOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPwIBDVUNGqQ5H1oize3U0PTZ67x
j2mhLrCAuXaMftI+/XvrWAGAYNn02r4V43B2mEm2tihvHL3dLEsYYs06Jm/EnIKT
ofUHr4Bau+2e2smmJXbnYWO7rSsfsuJcb0gwup6HMwxzHhOTRQiP5G3B2TYDFRhJ
f5wvdYFwEzGaF15jxNEf3sSHzlJ/iHxRbLejFs8MMTQooLGrDqWorzrgPjiBAIrN
vHp70rwXLQIAy4RDIgTuUtP5fLi+YwxU37NKFllKiXMbxUsFIGDJ/ssJ5cX0l7Yr
tXHNLoh/M7UiU9dfdSNoODep4b4fouUrOrwbjux9AnXM3dIbITbjF5IzjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCnHqkpa0DuysL0J72wie+yKg6jDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2NlcVNsclFPN0t3dlFudmJDSjc3SXFEcU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFpEy3P1h/UcItIf/AuT
Pwq/Wy4z+irZBnUVzOp7cw5WyU/8UmZBt8sLLbpDcBsJFIDpd/2KYFvVtaaYm+vf
SQNYFqNd1N2s0BA63jBG3d7ht/Uhdza50B82YKgiadc5ajm5lpVrKbzmcwnDtkhw
1iSxQVMdRsN7O6TF9ZZAINmSfkXHB20zjyGXEu7sHgiVjpyX67LeQdpJ/G+g64Nz
3t3dVXrgbT9sYVzuttmyoo6ZMaDnbfvUSPW/37OtgeKLuHzL6UcHcRrdy0DC0FmD
PaEcIZgWxt2mWg2XcFl7rfy7eonwohoqN7PapkPucsja3WqAtlyE0gQqOT+VmDt8
dO8=
-----END CERTIFICATE-----