Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Re0FjjbQYDX7snG-q4CvlTEltHU.roa
File:                     Re0FjjbQYDX7snG-q4CvlTEltHU.roa (raw, json)
Hash identifier:          bS1WCrG0Ui6n1fI186bmDyfPdwfA8ak3Qksi/xXPNxU=
Subject key identifier:   45:ED:05:8E:36:D0:60:35:FB:B2:71:BE:AB:80:AF:95:31:25:B4:75
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018788E1559C4BE2650A4CFD6610C8359B23
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Re0FjjbQYDX7snG-q4CvlTEltHU.roa
Signing time:             Sun 16 Apr 2023 07:04:41 +0000
ROA not before:           Sun 16 Apr 2023 07:04:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:187:88e0:e07b/128 maxlen: 128
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:88:e1:55:9c:4b:e2:65:0a:4c:fd:66:10:c8:35:9b:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 16 07:04:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=45ed058e36d06035fbb271beab80af953125b475
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:6d:7c:77:fc:a3:69:32:a3:98:5f:8a:93:db:
                    80:c8:54:39:e8:83:82:8b:3a:72:21:c1:6d:8e:30:
                    fc:39:b0:d8:f9:94:a2:41:39:a0:b4:5b:ac:8b:3e:
                    0b:6c:d2:69:4b:d3:fe:8d:7a:e4:34:9c:f9:71:4d:
                    78:44:80:e3:6a:e5:79:cb:a0:a1:a0:9d:6a:e5:ca:
                    d8:92:10:4c:c3:6a:0e:ce:3a:ac:10:59:f4:bd:44:
                    3c:57:be:ea:f0:83:41:2d:f6:bf:3b:ff:b2:4a:27:
                    d0:64:0c:c2:f5:9e:f5:50:8f:e6:f9:2c:39:18:6c:
                    19:e2:54:e3:00:93:2d:cc:12:c7:6a:97:fb:1f:7b:
                    1f:ca:8f:33:82:e4:ff:b1:5c:88:7e:0f:20:13:b4:
                    13:8c:b6:a4:d0:82:c6:d6:27:1c:28:95:62:0d:3d:
                    fd:00:71:36:fb:bb:07:1d:0a:23:9e:04:5f:72:50:
                    5d:0f:46:d6:14:5d:09:ce:35:40:35:af:e5:37:f4:
                    ce:9f:38:b1:b1:f3:5c:ba:a8:90:fd:94:73:fa:68:
                    8f:82:d2:d6:7a:71:d5:26:20:db:b5:e4:fd:be:81:
                    85:67:c8:43:a5:c7:27:c0:2f:0a:45:bd:bb:19:99:
                    e4:95:5b:b0:17:aa:22:a7:c0:01:39:f8:0d:a8:69:
                    97:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:ED:05:8E:36:D0:60:35:FB:B2:71:BE:AB:80:AF:95:31:25:B4:75
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Re0FjjbQYDX7snG-q4CvlTEltHU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:64:46:d8:d3:1a:a4:c7:6d:64:2a:d8:87:82:64:19:f4:03:
         00:d7:6b:46:2b:b4:dc:36:e6:9a:da:b5:c4:cc:c8:53:6d:a7:
         89:3d:af:24:2e:e4:c0:22:97:90:45:ec:92:d2:fb:34:07:4d:
         82:5c:41:f7:d7:a8:de:a9:f5:8b:6c:21:cd:a8:26:bc:0f:33:
         91:f2:9d:92:19:9a:cd:b7:09:29:7d:e4:7f:c2:0c:f8:14:24:
         8a:7b:45:b6:1a:c8:a3:20:9c:f9:93:7c:07:44:f8:76:84:88:
         ea:2f:9a:97:69:d5:83:76:bb:32:4f:be:94:ec:c8:7a:76:df:
         80:68:61:c9:7a:63:58:a4:3b:26:47:b7:ea:e3:72:5e:01:55:
         a8:8f:a3:74:2e:0d:d3:6c:03:c7:b8:0b:0d:0a:73:bd:a2:b5:
         ec:74:5c:b6:49:98:ec:fe:f1:db:32:da:89:ab:9b:80:00:09:
         b7:32:8a:36:88:42:9e:26:fa:d5:76:b0:0a:97:d1:bd:b6:f9:
         dd:08:4a:72:9e:d5:6f:90:e1:c0:84:e4:1f:4a:34:5d:63:66:
         30:67:ef:b5:0d:85:b0:02:f7:70:34:dc:5b:28:5f:b7:d0:c4:
         7a:6c:3c:7c:81:b6:fb:2f:ba:e3:b4:51:e6:40:ae:f4:3d:4f:
         4c:da:93:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeI4VWcS+JlCkz9ZhDINZsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE2MDcwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWVkMDU4ZTM2ZDA2MDM1ZmJiMjcxYmVhYjgwYWY5NTMxMjViNDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh218d/yjaTKjmF+Kk9uAyFQ56IOC
izpyIcFtjjD8ObDY+ZSiQTmgtFusiz4LbNJpS9P+jXrkNJz5cU14RIDjauV5y6Ch
oJ1q5crYkhBMw2oOzjqsEFn0vUQ8V77q8INBLfa/O/+ySifQZAzC9Z71UI/m+Sw5
GGwZ4lTjAJMtzBLHapf7H3sfyo8zguT/sVyIfg8gE7QTjLak0ILG1iccKJViDT39
AHE2+7sHHQojngRfclBdD0bWFF0JzjVANa/lN/TOnzixsfNcuqiQ/ZRz+miPgtLW
enHVJiDbteT9voGFZ8hDpccnwC8KRb27GZnklVuwF6oip8ABOfgNqGmXWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEXtBY420GA1+7JxvquAr5UxJbR1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUmUwRmpqYlFZRFg3c25HLXE0Q3ZsVEVsdEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADlkRtjTGqTHbWQq2IeC
ZBn0AwDXa0YrtNw25pratcTMyFNtp4k9ryQu5MAil5BF7JLS+zQHTYJcQffXqN6p
9YtsIc2oJrwPM5HynZIZms23CSl95H/CDPgUJIp7RbYayKMgnPmTfAdE+HaEiOov
mpdp1YN2uzJPvpTsyHp234BoYcl6Y1ikOyZHt+rjcl4BVaiPo3QuDdNsA8e4Cw0K
c72itex0XLZJmOz+8dsy2omrm4AACbcyijaIQp4m+tV2sAqX0b22+d0ISnKe1W+Q
4cCE5B9KNF1jZjBn77UNhbAC93A03FsoX7fQxHpsPHyBtvsvuuO0UeZArvQ9T0za
k5o=
-----END CERTIFICATE-----