Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N6zt2jBN6Z-6vmA4T4ouLeWpx0c.roa
File:                     N6zt2jBN6Z-6vmA4T4ouLeWpx0c.roa (raw, json)
Hash identifier:          5cdnDLhFqFp9caTK1ezdoRRpNWIrjoGPMN5rxftvNY8=
Subject key identifier:   37:AC:ED:DA:30:4D:E9:9F:BA:BE:60:38:4F:8A:2E:2D:E5:A9:C7:47
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018989504813B93C19A9A97988892E2DC4DE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N6zt2jBN6Z-6vmA4T4ouLeWpx0c.roa
Signing time:             Mon 24 Jul 2023 19:11:27 +0000
ROA not before:           Mon 24 Jul 2023 19:11:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:89:50:48:13:b9:3c:19:a9:a9:79:88:89:2e:2d:c4:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 24 19:11:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37acedda304de99fbabe60384f8a2e2de5a9c747
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:43:81:20:f4:dd:89:8d:64:ca:38:1f:47:6a:
                    c2:38:da:04:1c:ec:37:3b:18:c2:bb:c8:55:6e:73:
                    c8:4e:8f:db:44:47:d9:f9:1c:af:04:21:51:ca:2b:
                    f8:81:02:3d:1f:f1:dd:28:b1:1c:86:a0:d8:87:60:
                    30:62:d3:3f:b3:a1:63:2a:19:20:a9:0a:e7:97:67:
                    db:7f:52:f1:de:b3:99:31:0b:4d:51:ba:43:b0:b7:
                    29:0e:97:c6:61:1f:3c:28:53:44:40:c8:1f:58:b2:
                    71:51:31:e6:a8:3e:4e:59:ee:8d:3a:8c:77:3f:a5:
                    8c:b6:50:7f:c4:9b:00:69:45:e4:54:a1:0b:b1:dc:
                    48:66:c3:59:60:93:f2:fc:bc:57:02:76:31:a4:82:
                    2d:2f:78:02:07:5a:25:7b:a7:52:a3:0e:22:6b:31:
                    ad:9f:39:62:1c:56:93:46:9b:4f:63:80:e8:4d:16:
                    09:d1:6e:0a:c4:1f:eb:95:46:e8:ea:80:4a:9e:d1:
                    8d:78:53:ed:3b:82:98:54:7d:4d:7c:c6:ec:32:c5:
                    5c:d9:a6:c9:63:f5:f0:f9:7d:50:22:5c:17:a5:b5:
                    ab:a8:44:b8:dc:b4:61:cc:f8:a4:d1:96:29:20:1c:
                    a9:91:d4:1b:cc:1d:23:3d:61:91:7b:17:f6:79:b6:
                    a0:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:AC:ED:DA:30:4D:E9:9F:BA:BE:60:38:4F:8A:2E:2D:E5:A9:C7:47
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N6zt2jBN6Z-6vmA4T4ouLeWpx0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:d5:60:04:bd:72:ea:07:2b:1a:a5:bb:fd:37:2d:d0:93:d2:
         60:3f:0f:72:39:4b:58:d3:74:0c:c8:04:b1:39:b6:25:5f:59:
         75:7c:35:b5:f4:ff:c6:d9:a1:38:f8:18:87:6a:c4:1b:31:d6:
         b8:fb:a1:12:ff:f1:34:ba:97:9d:f5:42:ef:70:d8:23:5c:33:
         e5:db:ed:3b:12:2d:59:20:db:5f:26:95:65:d2:dd:ae:27:80:
         1e:fc:cc:34:d0:5e:92:44:6a:77:a5:1d:da:c5:40:20:e6:9f:
         90:34:1e:7b:68:af:a1:a1:66:b5:de:ef:9f:4a:e1:aa:95:c0:
         43:7b:72:f6:00:3a:8a:eb:24:0d:26:ee:9b:81:a3:7e:2c:3f:
         c7:14:9a:cf:eb:bc:cc:17:ab:8c:96:08:0c:c7:7f:9b:0b:d8:
         10:a4:1c:59:97:b8:fa:41:60:8a:5a:7b:81:8c:45:96:2a:34:
         4a:3b:46:e8:c1:39:30:c5:b8:51:bf:9d:ca:43:37:25:dc:86:
         a3:18:3e:fa:22:da:a5:8d:da:cc:19:9a:9e:ad:bb:b4:9f:a8:
         4a:a2:15:c9:73:5e:b0:40:1d:2d:fc:34:f2:b9:38:47:51:92:
         37:68:e3:f5:b5:b6:52:d8:ea:8b:93:28:d1:65:08:61:25:ce:
         d8:70:83:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmJUEgTuTwZqal5iIkuLcTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI0MTkxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FjZWRkYTMwNGRlOTlmYmFiZTYwMzg0ZjhhMmUyZGU1YTljNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskOBIPTdiY1kyjgfR2rCONoEHOw3
OxjCu8hVbnPITo/bREfZ+RyvBCFRyiv4gQI9H/HdKLEchqDYh2AwYtM/s6FjKhkg
qQrnl2fbf1Lx3rOZMQtNUbpDsLcpDpfGYR88KFNEQMgfWLJxUTHmqD5OWe6NOox3
P6WMtlB/xJsAaUXkVKELsdxIZsNZYJPy/LxXAnYxpIItL3gCB1ole6dSow4iazGt
nzliHFaTRptPY4DoTRYJ0W4KxB/rlUbo6oBKntGNeFPtO4KYVH1NfMbsMsVc2abJ
Y/Xw+X1QIlwXpbWrqES43LRhzPik0ZYpIBypkdQbzB0jPWGRexf2ebagvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDes7dowTemfur5gOE+KLi3lqcdHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTjZ6dDJqQk42Wi02dm1BNFQ0b3VMZVdweDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI7VYAS9cuoHKxqlu/03
LdCT0mA/D3I5S1jTdAzIBLE5tiVfWXV8NbX0/8bZoTj4GIdqxBsx1rj7oRL/8TS6
l531Qu9w2CNcM+Xb7TsSLVkg218mlWXS3a4ngB78zDTQXpJEanelHdrFQCDmn5A0
Hntor6GhZrXe759K4aqVwEN7cvYAOorrJA0m7puBo34sP8cUms/rvMwXq4yWCAzH
f5sL2BCkHFmXuPpBYIpae4GMRZYqNEo7RujBOTDFuFG/ncpDNyXchqMYPvoi2qWN
2swZmp6tu7SfqEqiFclzXrBAHS38NPK5OEdRkjdo4/W1tlLY6ouTKNFlCGElzthw
g0o=
-----END CERTIFICATE-----