Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PTUDRSVb43MWGqzEbaMkPJ2Dys4.roa
File:                     PTUDRSVb43MWGqzEbaMkPJ2Dys4.roa (raw, json)
Hash identifier:          UkaCWy3xFOkyjE6/2ghXlklvp+tXEinVvbFUJeMoOYA=
Subject key identifier:   3D:35:03:45:25:5B:E3:73:16:1A:AC:C4:6D:A3:24:3C:9D:83:CA:CE
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187D8B91EF248EA88C19641624A593F8095
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PTUDRSVb43MWGqzEbaMkPJ2Dys4.roa
Signing time:             Mon 01 May 2023 19:10:23 +0000
ROA not before:           Mon 01 May 2023 19:10:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d8:b9:1e:f2:48:ea:88:c1:96:41:62:4a:59:3f:80:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  1 19:10:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d350345255be373161aacc46da3243c9d83cace
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f5:30:4e:12:ee:22:2e:b3:f1:99:3a:47:95:
                    fc:5a:61:61:73:9c:78:ad:47:c7:84:06:85:f7:dd:
                    21:8c:a7:0d:33:ee:c3:1d:46:71:14:b5:c6:bf:5e:
                    6b:2a:ea:80:7b:2f:f5:df:f0:26:86:b9:55:b5:d6:
                    44:ae:b8:47:48:d1:fb:cf:f2:89:82:56:62:4b:66:
                    b2:7a:03:0b:68:99:fc:23:b0:1a:71:08:7c:e7:86:
                    84:73:bd:26:d6:02:1e:72:06:d8:8d:63:35:3d:4f:
                    53:22:f8:bf:bf:2d:60:de:f8:9a:91:ba:e0:e2:a1:
                    00:64:f7:01:ce:3d:69:d2:1e:77:3d:59:c5:f0:5c:
                    5f:cc:93:5b:b7:26:6a:11:a8:38:76:00:f1:df:f5:
                    dd:12:2c:d3:75:60:f3:28:ef:cb:23:ff:51:2d:ea:
                    20:54:b9:bd:02:07:d2:e9:b4:c2:16:c3:61:b4:5c:
                    fa:f7:8e:e2:82:02:23:15:af:4d:bc:95:55:16:69:
                    6d:3a:ba:19:99:a9:53:e8:ac:21:5d:32:47:73:63:
                    6b:f3:27:ab:b2:8a:4f:63:4a:73:b0:f5:ac:cb:ac:
                    e5:44:7a:b6:1c:44:f9:b2:be:90:ae:c1:c0:8b:b1:
                    37:2b:db:f4:93:6d:58:f7:3d:ec:bf:33:21:f8:56:
                    9f:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:35:03:45:25:5B:E3:73:16:1A:AC:C4:6D:A3:24:3C:9D:83:CA:CE
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PTUDRSVb43MWGqzEbaMkPJ2Dys4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:b5:d0:39:a4:80:14:d2:aa:53:94:62:9e:0a:21:84:b6:a0:
         5b:b9:01:2a:e0:5e:8e:40:5c:40:b3:52:33:50:64:db:cc:32:
         a8:a7:5a:88:33:97:1f:87:cf:77:44:4a:93:5c:6a:6f:87:21:
         1c:20:e9:57:9b:79:50:58:ed:3a:67:8b:00:00:aa:9a:26:6a:
         51:fd:1b:78:82:9e:ca:e8:f2:fa:d8:eb:6f:fd:76:f3:48:da:
         bc:3d:89:61:f3:08:8d:a1:4d:8d:49:f7:04:1a:62:68:2b:3b:
         7b:04:7a:32:ed:58:24:c1:a1:18:f7:57:08:e8:9a:30:2a:24:
         b3:bb:69:58:e9:8a:26:ab:67:b6:26:6d:c2:c1:04:5d:71:c6:
         27:6b:46:21:2a:dd:5a:17:22:81:23:c8:6e:53:d3:cb:b7:8b:
         fa:e1:94:83:9c:cb:af:a2:53:bb:79:1e:e4:0a:42:6c:ab:d1:
         14:47:4b:a7:fa:c7:f5:30:2b:95:d4:ac:02:78:27:c0:ce:59:
         de:2d:7f:fe:5a:c9:ef:a9:1f:dd:ee:0f:93:4c:be:72:c4:01:
         00:7c:7f:d1:36:d7:80:9c:34:b2:71:86:aa:e8:1e:71:7e:10:
         b9:8e:dc:05:31:57:f3:67:d7:e9:9c:1e:9e:90:e5:cc:95:fa:
         57:ec:e5:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfYuR7ySOqIwZZBYkpZP4CVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTAxMTkxMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDM1MDM0NTI1NWJlMzczMTYxYWFjYzQ2ZGEzMjQzYzlkODNjYWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fUwThLuIi6z8Zk6R5X8WmFhc5x4
rUfHhAaF990hjKcNM+7DHUZxFLXGv15rKuqAey/13/AmhrlVtdZErrhHSNH7z/KJ
glZiS2ayegMLaJn8I7AacQh854aEc70m1gIecgbYjWM1PU9TIvi/vy1g3viakbrg
4qEAZPcBzj1p0h53PVnF8FxfzJNbtyZqEag4dgDx3/XdEizTdWDzKO/LI/9RLeog
VLm9AgfS6bTCFsNhtFz6947iggIjFa9NvJVVFmltOroZmalT6KwhXTJHc2Nr8yer
sopPY0pzsPWsy6zlRHq2HET5sr6QrsHAi7E3K9v0k21Y9z3svzMh+FafEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD01A0UlW+NzFhqsxG2jJDydg8rOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUFRVRFJTVmI0M01XR3F6RWJhTWtQSjJEeXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABe10DmkgBTSqlOUYp4K
IYS2oFu5ASrgXo5AXECzUjNQZNvMMqinWogzlx+Hz3dESpNcam+HIRwg6VebeVBY
7TpniwAAqpomalH9G3iCnsro8vrY62/9dvNI2rw9iWHzCI2hTY1J9wQaYmgrO3sE
ejLtWCTBoRj3VwjomjAqJLO7aVjpiiarZ7YmbcLBBF1xxidrRiEq3VoXIoEjyG5T
08u3i/rhlIOcy6+iU7t5HuQKQmyr0RRHS6f6x/UwK5XUrAJ4J8DOWd4tf/5aye+p
H93uD5NMvnLEAQB8f9E214CcNLJxhqroHnF+ELmO3AUxV/Nn1+mcHp6Q5cyV+lfs
5X8=
-----END CERTIFICATE-----