Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/L0VyIpYBmkPzwdi6criKbV0GtDA.roa
File:                     L0VyIpYBmkPzwdi6criKbV0GtDA.roa (raw, json)
Hash identifier:          it+qUkZLBxowY17x1ncMgSyMsSQAQYD2okJ4qp37Xe0=
Subject key identifier:   2F:45:72:22:96:01:9A:43:F3:C1:D8:BA:72:B8:8A:6D:5D:06:B4:30
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188B6CFFB1BB167987142C084782BE98B93
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/L0VyIpYBmkPzwdi6criKbV0GtDA.roa
Signing time:             Tue 13 Jun 2023 22:11:03 +0000
ROA not before:           Tue 13 Jun 2023 22:11:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b6:cf:fb:1b:b1:67:98:71:42:c0:84:78:2b:e9:8b:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 13 22:11:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f45722296019a43f3c1d8ba72b88a6d5d06b430
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:8d:a9:3e:b2:80:0b:e2:c3:16:be:25:b3:57:
                    db:2f:4e:35:37:92:11:19:24:13:7b:72:c9:f0:e1:
                    db:1b:54:ef:ab:52:22:2f:74:51:06:23:88:de:12:
                    27:26:1c:9f:bf:bf:a3:00:4c:68:ea:85:43:b5:f8:
                    f0:0a:7a:6b:b8:43:73:82:69:54:d2:ac:cb:83:79:
                    82:f3:2c:0c:f9:62:1b:4f:87:cc:d6:75:05:c6:ec:
                    0d:4f:cb:10:52:39:04:0e:b4:59:bf:e9:5d:c9:d2:
                    a7:84:4b:3d:43:71:69:ae:19:49:b0:ad:1b:6b:16:
                    b2:ee:2c:66:b1:5c:92:9c:60:fd:c6:48:3c:d9:4a:
                    16:26:e7:be:d8:2d:2a:9d:d0:8b:fc:50:d4:86:b2:
                    3f:f0:f4:a6:f3:bc:d3:f1:b6:e6:62:a4:22:c5:a6:
                    29:ae:3c:c8:5c:7d:df:fe:c9:fb:6d:9b:67:7d:d4:
                    83:fd:35:ca:ec:e1:db:74:80:5e:8a:43:26:08:c5:
                    49:2e:14:13:65:4b:f0:63:a8:a0:50:a6:63:85:57:
                    15:8a:27:ae:a8:38:b3:f5:d0:8c:f9:0a:b1:ea:1f:
                    6c:12:22:dd:fa:2e:85:2b:b8:3d:c4:71:66:45:6d:
                    ee:01:5d:57:7a:84:d8:c7:54:26:ae:22:b4:89:7d:
                    c5:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:45:72:22:96:01:9A:43:F3:C1:D8:BA:72:B8:8A:6D:5D:06:B4:30
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/L0VyIpYBmkPzwdi6criKbV0GtDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:c6:f5:f9:4e:25:62:45:fb:63:8a:d0:f4:d3:83:df:12:4f:
         da:02:74:53:23:41:25:1b:95:05:eb:09:c4:1f:dd:19:f3:f8:
         88:a3:fe:36:6f:2b:b6:c9:df:40:d8:39:11:63:f3:03:20:b4:
         d2:0b:1c:e8:7f:01:d8:49:a1:80:28:5f:2a:bd:de:20:b8:ee:
         5f:42:71:7c:ea:8a:84:2e:de:f6:a6:6a:09:1c:4d:c6:d9:2e:
         e3:8c:74:aa:b7:9d:3d:d2:d2:73:ac:2b:9e:fc:0a:6c:16:96:
         8b:7c:06:92:2e:3a:2b:27:5f:5f:8c:8c:23:31:04:3f:a5:ac:
         8f:27:58:cf:b6:c4:ff:4e:66:a1:4a:67:82:4d:53:1c:e6:9e:
         95:b0:21:02:3a:18:c5:be:23:95:53:05:aa:ca:37:2a:d7:e6:
         65:75:b7:c5:ce:a0:43:36:77:fe:1e:40:e8:c9:be:1e:99:1c:
         a0:91:56:e1:6f:5c:c8:5c:e8:ab:4a:98:d3:08:6e:af:7d:a1:
         84:65:ea:85:47:04:3d:15:77:8d:aa:34:cc:3b:77:64:53:15:
         23:a9:80:4c:b2:3a:ed:13:f3:6b:0e:87:fd:24:f8:9f:c0:17:
         95:a6:cd:e2:d4:92:0c:f3:29:86:08:7d:49:72:34:47:21:6f:
         ae:12:d1:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYi2z/sbsWeYcULAhHgr6YuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjEzMjIxMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjQ1NzIyMjk2MDE5YTQzZjNjMWQ4YmE3MmI4OGE2ZDVkMDZiNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl42pPrKAC+LDFr4ls1fbL041N5IR
GSQTe3LJ8OHbG1Tvq1IiL3RRBiOI3hInJhyfv7+jAExo6oVDtfjwCnpruENzgmlU
0qzLg3mC8ywM+WIbT4fM1nUFxuwNT8sQUjkEDrRZv+ldydKnhEs9Q3FprhlJsK0b
axay7ixmsVySnGD9xkg82UoWJue+2C0qndCL/FDUhrI/8PSm87zT8bbmYqQixaYp
rjzIXH3f/sn7bZtnfdSD/TXK7OHbdIBeikMmCMVJLhQTZUvwY6igUKZjhVcViieu
qDiz9dCM+Qqx6h9sEiLd+i6FK7g9xHFmRW3uAV1XeoTYx1QmriK0iX3F5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC9FciKWAZpD88HYunK4im1dBrQwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTDBWeUlwWUJta1B6d2RpNmNyaUtiVjBHdERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHfG9flOJWJF+2OK0PTT
g98ST9oCdFMjQSUblQXrCcQf3Rnz+Iij/jZvK7bJ30DYORFj8wMgtNILHOh/AdhJ
oYAoXyq93iC47l9CcXzqioQu3vamagkcTcbZLuOMdKq3nT3S0nOsK578CmwWlot8
BpIuOisnX1+MjCMxBD+lrI8nWM+2xP9OZqFKZ4JNUxzmnpWwIQI6GMW+I5VTBarK
NyrX5mV1t8XOoEM2d/4eQOjJvh6ZHKCRVuFvXMhc6KtKmNMIbq99oYRl6oVHBD0V
d42qNMw7d2RTFSOpgEyyOu0T82sOh/0k+J/AF5WmzeLUkgzzKYYIfUlyNEchb64S
0QI=
-----END CERTIFICATE-----