Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N1G11JsB7ilwo7Ycp82qoHleOt8.roa
File:                     N1G11JsB7ilwo7Ycp82qoHleOt8.roa (raw, json)
Hash identifier:          Y4Z0Ey7TqOmH2GlgdRGDA9OvYkYF+AC90ZYBO8j+Avk=
Subject key identifier:   37:51:B5:D4:9B:01:EE:29:70:A3:B6:1C:A7:CD:AA:A0:79:5E:3A:DF
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187F3554949277FE1D6098AABBDDC3C79BB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N1G11JsB7ilwo7Ycp82qoHleOt8.roa
Signing time:             Sat 06 May 2023 23:11:05 +0000
ROA not before:           Sat 06 May 2023 23:11:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:f3:55:49:49:27:7f:e1:d6:09:8a:ab:bd:dc:3c:79:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  6 23:11:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3751b5d49b01ee2970a3b61ca7cdaaa0795e3adf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:81:68:24:4a:15:e7:0c:c6:8b:43:8a:47:8d:
                    68:a8:e1:ed:31:30:73:91:d5:18:29:a8:33:7a:f5:
                    72:5d:27:5c:dd:5a:16:e7:db:fc:5b:63:ec:51:64:
                    7e:c6:a8:29:46:b6:9b:ab:f5:c3:ea:02:10:f2:49:
                    ca:a5:f9:ab:d9:98:ce:71:f0:17:60:77:b1:c1:de:
                    83:52:90:17:7e:41:cc:f9:ad:7b:46:97:73:4c:59:
                    a1:b7:37:1a:ea:09:e2:eb:f6:d4:e6:0b:b0:ac:0c:
                    34:49:e5:1f:26:59:d6:f1:22:95:81:44:d6:c7:e9:
                    31:0e:da:2f:23:70:57:61:dc:86:c2:0b:29:93:eb:
                    ca:37:86:f9:17:1f:0f:e8:ed:e6:5b:14:fe:cf:69:
                    5e:99:19:11:73:f7:2d:84:7e:31:47:30:2e:33:7a:
                    a0:cc:e7:49:89:cf:7c:be:f9:b6:cb:7d:8f:92:0f:
                    56:ea:d5:74:db:41:8f:02:44:25:4e:ed:af:31:f1:
                    4f:49:39:76:01:d6:07:7b:b4:e6:97:ee:0b:f9:a9:
                    cc:3c:c8:20:66:89:16:70:d4:38:20:f0:9b:f7:a3:
                    ca:e9:91:24:a9:19:9e:4b:4b:f7:23:7f:7f:0a:ac:
                    3a:b4:91:af:f1:51:76:2e:81:c1:c6:0e:bc:f2:6b:
                    69:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:51:B5:D4:9B:01:EE:29:70:A3:B6:1C:A7:CD:AA:A0:79:5E:3A:DF
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N1G11JsB7ilwo7Ycp82qoHleOt8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         74:7c:37:d1:a7:78:1e:33:a5:b4:a3:da:72:87:86:98:b6:79:
         c2:c7:e6:15:22:41:9b:15:5d:89:c8:61:80:20:5d:36:2a:de:
         08:2d:08:62:46:24:8d:7d:07:35:cb:92:df:b8:91:82:17:f1:
         d8:ca:d0:90:83:74:6c:5c:92:e4:41:a4:56:fd:a6:fe:50:f8:
         a3:69:26:4b:e7:7d:82:e8:86:be:62:2c:4a:34:26:f5:05:34:
         02:f7:ed:9d:58:ad:a4:64:66:cc:1f:3d:b9:fe:78:5d:8b:77:
         18:12:70:cc:40:fd:a9:86:38:29:38:a6:fe:20:b8:d2:77:fd:
         4d:55:8c:e4:5d:82:4d:6b:52:3a:f3:71:ae:95:36:6f:ae:9c:
         59:f4:c8:45:f2:62:81:b5:34:13:13:3d:b9:70:ee:9b:fb:93:
         7f:12:bd:e5:40:dd:c9:dc:38:2e:22:25:8f:00:87:64:fb:81:
         b2:54:c6:90:09:90:4a:83:4c:94:bf:17:e5:56:91:18:6a:e7:
         c7:36:23:4b:cc:14:62:5e:aa:e3:6b:a0:3d:df:02:4a:e0:b5:
         68:b0:49:35:9b:eb:66:5f:2d:9d:9c:44:34:00:1c:54:e2:b5:
         cf:4d:df:f5:07:9e:18:be:74:9d:4b:38:27:ce:0d:81:a0:0f:
         10:f3:a5:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfzVUlJJ3/h1gmKq73cPHm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA2MjMxMTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzUxYjVkNDliMDFlZTI5NzBhM2I2MWNhN2NkYWFhMDc5NWUzYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4FoJEoV5wzGi0OKR41oqOHtMTBz
kdUYKagzevVyXSdc3VoW59v8W2PsUWR+xqgpRrabq/XD6gIQ8knKpfmr2ZjOcfAX
YHexwd6DUpAXfkHM+a17RpdzTFmhtzca6gni6/bU5guwrAw0SeUfJlnW8SKVgUTW
x+kxDtovI3BXYdyGwgspk+vKN4b5Fx8P6O3mWxT+z2lemRkRc/cthH4xRzAuM3qg
zOdJic98vvm2y32Pkg9W6tV020GPAkQlTu2vMfFPSTl2AdYHe7Tml+4L+anMPMgg
ZokWcNQ4IPCb96PK6ZEkqRmeS0v3I39/Cqw6tJGv8VF2LoHBxg688mtpswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDdRtdSbAe4pcKO2HKfNqqB5XjrfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTjFHMTFKc0I3aWx3bzdZY3A4MnFvSGxlT3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHR8N9GneB4zpbSj2nKH
hpi2ecLH5hUiQZsVXYnIYYAgXTYq3ggtCGJGJI19BzXLkt+4kYIX8djK0JCDdGxc
kuRBpFb9pv5Q+KNpJkvnfYLohr5iLEo0JvUFNAL37Z1YraRkZswfPbn+eF2LdxgS
cMxA/amGOCk4pv4guNJ3/U1VjORdgk1rUjrzca6VNm+unFn0yEXyYoG1NBMTPblw
7pv7k38SveVA3cncOC4iJY8Ah2T7gbJUxpAJkEqDTJS/F+VWkRhq58c2I0vMFGJe
quNroD3fAkrgtWiwSTWb62ZfLZ2cRDQAHFTitc9N3/UHnhi+dJ1LOCfODYGgDxDz
pdA=
-----END CERTIFICATE-----