Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Kp1-vmLWcAMuh8IN5V7dLKQDPsE.roa
File:                     Kp1-vmLWcAMuh8IN5V7dLKQDPsE.roa (raw, json)
Hash identifier:          TeYES7Y2HAuAniWauonc01sJbD+PjNzW6MgoKydcKHA=
Subject key identifier:   2A:9D:7E:BE:62:D6:70:03:2E:87:C2:0D:E5:5E:DD:2C:A4:03:3E:C1
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018962440529BD73B8128144FF9175CEFABA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Kp1-vmLWcAMuh8IN5V7dLKQDPsE.roa
Signing time:             Mon 17 Jul 2023 05:12:52 +0000
ROA not before:           Mon 17 Jul 2023 05:12:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:62:44:05:29:bd:73:b8:12:81:44:ff:91:75:ce:fa:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 17 05:12:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a9d7ebe62d670032e87c20de55edd2ca4033ec1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:51:c0:b0:fe:d8:86:4d:45:fe:12:9e:e8:5a:
                    18:67:33:ea:3f:27:54:12:0c:80:21:23:6b:23:4f:
                    c8:98:f5:2f:2d:c9:13:f3:cd:d4:13:c2:b4:de:24:
                    57:02:ac:3b:6a:ed:9c:3c:71:a3:fb:4b:fb:9d:73:
                    16:df:7f:76:ea:e0:91:22:bc:e3:ca:1f:f7:c6:f4:
                    5a:50:83:c0:01:ce:6e:83:e7:ab:70:cd:f9:14:e9:
                    32:b8:ec:09:15:e8:72:0b:4e:49:e2:74:ff:6d:8d:
                    35:88:f1:40:c1:4c:88:d8:0b:41:b5:db:27:2b:a1:
                    db:4c:24:a7:06:bf:d9:c1:39:21:67:df:94:8c:97:
                    7c:7d:b1:24:13:ec:80:4d:06:a3:f2:d5:a1:3e:ab:
                    c8:b3:63:ee:eb:f6:52:0d:78:40:30:df:ec:3b:25:
                    56:43:e0:1d:95:ad:32:be:71:23:66:06:22:e6:0b:
                    c4:18:46:94:03:8c:93:eb:e1:ae:91:8a:ae:e3:f4:
                    aa:66:77:42:5c:0c:f9:69:5a:0e:b0:fd:32:c6:ef:
                    c5:79:54:3c:7e:14:52:a8:e9:c1:f8:1b:aa:aa:a0:
                    d9:98:a6:17:64:c5:d6:e2:cc:fd:b5:b2:d8:a8:b4:
                    2b:bb:71:85:60:e5:6e:81:13:11:5a:f6:bc:0d:c3:
                    79:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:9D:7E:BE:62:D6:70:03:2E:87:C2:0D:E5:5E:DD:2C:A4:03:3E:C1
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Kp1-vmLWcAMuh8IN5V7dLKQDPsE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:99:5e:8f:1f:2f:63:40:b4:a6:3c:6a:19:e6:c8:0e:a2:72:
         98:01:92:01:6e:1f:4f:d4:01:68:d6:03:96:67:46:a6:2c:37:
         b9:9b:9a:61:99:d9:9e:ac:19:6b:11:73:d3:41:16:b0:9c:f5:
         86:21:20:9e:0f:b2:d5:07:0a:73:2f:81:59:f3:63:65:79:43:
         38:fa:ff:b2:c9:b3:81:a9:4f:c1:af:fe:84:78:db:dc:21:d0:
         56:1d:f4:e4:af:66:b6:a2:d3:67:99:4c:83:59:16:48:bd:2c:
         1c:f6:a0:41:b2:6b:c9:6f:9f:be:fa:9c:e4:d6:33:55:2a:23:
         40:e3:a4:88:78:3e:d5:25:44:09:33:9c:fe:1c:f7:7a:80:49:
         fd:b7:9c:4b:48:b3:fe:e5:ea:da:13:4d:90:5b:ed:e7:ac:67:
         c3:8b:b2:f9:27:60:ce:60:04:a1:dc:1d:c7:7e:47:d4:31:c6:
         5c:4e:cb:ad:df:b6:ed:81:87:7b:50:87:9a:12:86:83:56:17:
         a3:49:46:60:8f:c8:f2:33:cd:35:09:77:b0:0c:54:9a:cd:86:
         78:de:7a:29:19:5b:e7:c9:12:a0:75:c6:23:24:1c:5e:d5:01:
         04:38:36:d5:56:a7:17:a9:73:23:85:81:c8:1e:3e:2a:2b:b6:
         32:40:b6:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYliRAUpvXO4EoFE/5F1zvq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzE3MDUxMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTlkN2ViZTYyZDY3MDAzMmU4N2MyMGRlNTVlZGQyY2E0MDMzZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1HAsP7Yhk1F/hKe6FoYZzPqPydU
EgyAISNrI0/ImPUvLckT883UE8K03iRXAqw7au2cPHGj+0v7nXMW33926uCRIrzj
yh/3xvRaUIPAAc5ug+ercM35FOkyuOwJFehyC05J4nT/bY01iPFAwUyI2AtBtdsn
K6HbTCSnBr/ZwTkhZ9+UjJd8fbEkE+yATQaj8tWhPqvIs2Pu6/ZSDXhAMN/sOyVW
Q+Adla0yvnEjZgYi5gvEGEaUA4yT6+GukYqu4/SqZndCXAz5aVoOsP0yxu/FeVQ8
fhRSqOnB+BuqqqDZmKYXZMXW4sz9tbLYqLQru3GFYOVugRMRWva8DcN5IQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCqdfr5i1nADLofCDeVe3SykAz7BMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS3AxLXZtTFdjQU11aDhJTjVWN2RMS1FEUHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADmZXo8fL2NAtKY8ahnm
yA6icpgBkgFuH0/UAWjWA5ZnRqYsN7mbmmGZ2Z6sGWsRc9NBFrCc9YYhIJ4PstUH
CnMvgVnzY2V5Qzj6/7LJs4GpT8Gv/oR429wh0FYd9OSvZrai02eZTINZFki9LBz2
oEGya8lvn776nOTWM1UqI0DjpIh4PtUlRAkznP4c93qASf23nEtIs/7l6toTTZBb
7eesZ8OLsvknYM5gBKHcHcd+R9QxxlxOy63ftu2Bh3tQh5oShoNWF6NJRmCPyPIz
zTUJd7AMVJrNhnjeeikZW+fJEqB1xiMkHF7VAQQ4NtVWpxepcyOFgcgePiortjJA
tpE=
-----END CERTIFICATE-----