Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KsglgcjyXMVmtsCgTPvMLcsn1Us.roa
File:                     KsglgcjyXMVmtsCgTPvMLcsn1Us.roa (raw, json)
Hash identifier:          w+RlTVrpcFnsxQShYy/iyMaq+NJKPm6w6M3xMt9+2es=
Subject key identifier:   2A:C8:25:81:C8:F2:5C:C5:66:B6:C0:A0:4C:FB:CC:2D:CB:27:D5:4B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018750B0C437CCCAEEBA179B2D9DE6CC79F4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KsglgcjyXMVmtsCgTPvMLcsn1Us.roa
Signing time:             Wed 05 Apr 2023 09:12:54 +0000
ROA not before:           Wed 05 Apr 2023 09:12:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:50:b0:c4:37:cc:ca:ee:ba:17:9b:2d:9d:e6:cc:79:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr  5 09:12:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2ac82581c8f25cc566b6c0a04cfbcc2dcb27d54b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:30:b2:7e:56:51:af:f3:f0:79:69:19:d7:ed:
                    28:47:d0:0d:ce:91:14:d1:34:85:da:73:a0:c0:33:
                    a3:04:13:bd:f2:5a:a9:91:7b:21:cc:34:3e:29:00:
                    6c:90:ab:f6:1e:b7:c7:1f:24:c2:32:a7:c9:cc:e5:
                    16:5a:7b:28:a3:d3:55:07:4b:64:20:a1:1b:76:dd:
                    48:7c:38:bb:4a:71:06:1d:df:51:16:a6:da:c2:8e:
                    2d:57:11:ae:92:31:0f:3d:79:b9:7f:d4:ed:5d:a7:
                    56:b2:04:8c:ad:ef:f5:6f:2c:8c:97:d3:d3:31:3f:
                    c0:89:bd:41:0d:79:f5:4c:8e:cc:af:6e:4d:a3:29:
                    7a:3a:5b:f6:fb:af:34:34:44:99:7c:dc:d8:1d:fb:
                    08:fc:a1:3f:3c:37:36:75:6f:b2:f7:e3:0c:07:e1:
                    b4:27:a9:a3:bb:72:36:f6:6f:82:9e:1f:e7:68:b1:
                    b9:f2:2c:68:4e:ca:46:f3:04:fb:ab:94:c4:9a:ea:
                    da:7e:d7:61:22:4d:21:99:95:95:99:fe:e5:1d:7b:
                    e3:58:cb:45:17:a0:a9:9a:fc:f5:0c:37:48:bf:5c:
                    d8:74:70:1d:11:a5:c1:25:2a:0f:58:98:a6:b8:eb:
                    3c:c2:fa:e3:67:5f:de:73:59:de:69:eb:c5:f5:ff:
                    7e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:C8:25:81:C8:F2:5C:C5:66:B6:C0:A0:4C:FB:CC:2D:CB:27:D5:4B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KsglgcjyXMVmtsCgTPvMLcsn1Us.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:ec:59:21:64:7f:0f:4a:fd:11:56:4b:b5:96:78:ec:42:68:
         36:f4:00:55:60:79:62:48:1e:d6:e8:da:44:43:80:e5:03:d6:
         56:f8:54:47:c5:42:87:ec:f3:07:dd:35:92:f2:d0:a0:62:ed:
         b6:ec:e8:0a:37:2f:37:8c:9f:d1:7a:65:d0:54:1b:bd:a7:03:
         3c:a9:73:ba:37:c3:f0:61:8a:b7:ae:16:9a:83:75:6a:e7:b4:
         15:5d:c1:02:d1:97:c3:ef:a0:4c:63:90:76:46:7a:46:58:cc:
         6c:8d:7e:4d:15:1a:3d:c2:29:d0:09:b9:7e:eb:c8:2c:86:4d:
         b7:97:54:f7:98:1e:3a:79:31:3f:aa:2e:6e:8f:81:24:a4:9a:
         c1:87:7f:18:7b:92:6e:5a:eb:68:8b:3e:97:fb:31:af:31:29:
         98:bc:8f:b6:18:81:ce:5f:ce:99:59:2a:27:e2:35:a1:aa:25:
         13:75:07:90:7f:ba:88:e1:82:67:7a:a8:3b:8e:aa:35:08:e7:
         6a:bb:db:8c:4d:b5:ce:ee:4f:99:f1:0e:e7:d2:eb:9d:fb:aa:
         55:12:4e:28:02:00:d2:39:52:28:84:ff:0f:4c:71:95:a4:e7:
         f1:d4:5d:2b:fd:42:c0:2d:9c:19:45:2e:f0:a8:13:da:6b:85:
         92:ce:b1:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdQsMQ3zMruuhebLZ3mzHn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA1MDkxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM4MjU4MWM4ZjI1Y2M1NjZiNmMwYTA0Y2ZiY2MyZGNiMjdkNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDCyflZRr/PweWkZ1+0oR9ANzpEU
0TSF2nOgwDOjBBO98lqpkXshzDQ+KQBskKv2HrfHHyTCMqfJzOUWWnsoo9NVB0tk
IKEbdt1IfDi7SnEGHd9RFqbawo4tVxGukjEPPXm5f9TtXadWsgSMre/1byyMl9PT
MT/Aib1BDXn1TI7Mr25Noyl6Olv2+680NESZfNzYHfsI/KE/PDc2dW+y9+MMB+G0
J6mju3I29m+Cnh/naLG58ixoTspG8wT7q5TEmuraftdhIk0hmZWVmf7lHXvjWMtF
F6Cpmvz1DDdIv1zYdHAdEaXBJSoPWJimuOs8wvrjZ1/ec1neaevF9f9+HQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrIJYHI8lzFZrbAoEz7zC3LJ9VLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS3NnbGdjanlYTVZtdHNDZ1RQdk1MY3NuMVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJTsWSFkfw9K/RFWS7WW
eOxCaDb0AFVgeWJIHtbo2kRDgOUD1lb4VEfFQofs8wfdNZLy0KBi7bbs6Ao3LzeM
n9F6ZdBUG72nAzypc7o3w/BhireuFpqDdWrntBVdwQLRl8PvoExjkHZGekZYzGyN
fk0VGj3CKdAJuX7ryCyGTbeXVPeYHjp5MT+qLm6PgSSkmsGHfxh7km5a62iLPpf7
Ma8xKZi8j7YYgc5fzplZKifiNaGqJRN1B5B/uojhgmd6qDuOqjUI52q724xNtc7u
T5nxDufS6537qlUSTigCANI5UiiE/w9McZWk5/HUXSv9QsAtnBlFLvCoE9prhZLO
sRI=
-----END CERTIFICATE-----