Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S7e2UjPcURf4Lsnh7tfhZGrWxhM.roa
File:                     S7e2UjPcURf4Lsnh7tfhZGrWxhM.roa (raw, json)
Hash identifier:          MU3kirDiD/z6zUnZskowy+r658MEkA7lTW+HA5Y0urQ=
Subject key identifier:   4B:B7:B6:52:33:DC:51:17:F8:2E:C9:E1:EE:D7:E1:64:6A:D6:C6:13
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018897E85ECF7F1B90CBB5CCA37E862B38BB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S7e2UjPcURf4Lsnh7tfhZGrWxhM.roa
Signing time:             Wed 07 Jun 2023 22:09:28 +0000
ROA not before:           Wed 07 Jun 2023 22:09:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:97:e8:5e:cf:7f:1b:90:cb:b5:cc:a3:7e:86:2b:38:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun  7 22:09:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4bb7b65233dc5117f82ec9e1eed7e1646ad6c613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0e:50:20:ac:b7:e2:5f:5d:4a:29:e3:1d:0d:
                    3f:9a:69:91:e6:27:12:7d:31:b5:16:51:a9:78:05:
                    7a:39:4d:81:b2:8b:cc:d8:81:2c:a4:22:41:93:ff:
                    88:e1:8e:b1:3a:49:71:46:ab:38:9c:76:7b:e0:24:
                    c3:1c:2a:bf:2a:28:f9:01:29:ef:d0:e3:92:ee:fe:
                    a9:6b:cc:58:25:8c:b8:fd:95:94:6f:8e:78:5f:26:
                    3a:35:6d:08:21:78:59:e0:67:6e:5e:d0:52:76:38:
                    e2:00:02:c5:41:74:8d:9e:fc:f1:e6:41:e8:ea:29:
                    88:c8:1c:01:76:eb:21:d3:0f:01:58:f3:38:b6:d7:
                    6b:41:67:07:5d:bf:a0:6c:c8:ac:7e:95:3e:ac:f2:
                    1d:82:2a:ca:b4:e7:25:cb:36:8a:db:3a:52:6e:00:
                    9f:93:68:7b:2d:44:80:98:9f:a6:59:84:63:c7:05:
                    8f:f4:6f:b5:f6:64:3e:05:18:5b:90:43:b6:a8:18:
                    19:81:97:3d:af:06:e1:fc:8b:12:e5:98:5d:b3:29:
                    a8:21:65:8c:41:08:9f:bd:7b:30:ad:99:06:94:a0:
                    1d:7f:01:96:de:5f:88:bf:e5:6d:5c:9b:e7:cc:93:
                    db:6e:53:a8:65:ec:a9:1a:61:aa:43:e4:38:2d:b4:
                    cc:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:B7:B6:52:33:DC:51:17:F8:2E:C9:E1:EE:D7:E1:64:6A:D6:C6:13
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S7e2UjPcURf4Lsnh7tfhZGrWxhM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:1d:04:92:d6:55:d6:6e:ff:67:98:fb:f6:53:aa:e0:4b:ed:
         7b:82:0d:d0:68:57:33:27:8c:37:90:fe:3c:a1:22:32:07:ca:
         0e:94:3a:e7:ef:c8:48:38:23:1c:fe:7d:9c:69:d6:42:ce:95:
         9f:cb:5f:ff:bd:63:74:a6:c6:7f:3b:47:60:c1:10:fc:2f:99:
         35:b4:02:ca:76:45:df:9f:ef:03:6c:91:c8:b0:75:28:72:f1:
         01:0f:e9:ce:60:d0:07:45:d4:fe:32:dc:6e:a6:ef:05:3b:1b:
         e9:be:cd:a3:3f:33:be:21:01:61:9d:93:a2:c4:c7:a1:62:19:
         0b:57:9c:dc:98:4f:51:49:91:b5:04:bc:a4:36:fb:7b:58:1f:
         78:06:c0:56:7d:6b:35:7a:7d:81:a3:6c:5c:d9:f2:96:2c:26:
         1c:f4:65:a0:7c:c3:5e:4a:cb:76:f4:b6:25:b7:ad:1c:e3:6c:
         38:32:48:a1:46:df:69:ce:ba:d9:26:fc:ce:85:6f:e8:5b:83:
         08:22:7a:7b:b0:69:c8:b8:97:23:f8:82:12:b1:39:70:8f:8c:
         04:62:09:b0:93:95:42:5c:78:3e:e7:11:34:b9:5a:78:86:05:
         80:e8:92:a5:17:56:01:03:77:d4:02:40:61:58:a3:a1:70:6c:
         d5:a5:ca:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiX6F7PfxuQy7XMo36GKzi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA3MjIwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmI3YjY1MjMzZGM1MTE3ZjgyZWM5ZTFlZWQ3ZTE2NDZhZDZjNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA5QIKy34l9dSinjHQ0/mmmR5icS
fTG1FlGpeAV6OU2BsovM2IEspCJBk/+I4Y6xOklxRqs4nHZ74CTDHCq/Kij5ASnv
0OOS7v6pa8xYJYy4/ZWUb454XyY6NW0IIXhZ4GduXtBSdjjiAALFQXSNnvzx5kHo
6imIyBwBdush0w8BWPM4ttdrQWcHXb+gbMisfpU+rPIdgirKtOclyzaK2zpSbgCf
k2h7LUSAmJ+mWYRjxwWP9G+19mQ+BRhbkEO2qBgZgZc9rwbh/IsS5ZhdsymoIWWM
QQifvXswrZkGlKAdfwGW3l+Iv+VtXJvnzJPbblOoZeypGmGqQ+Q4LbTMdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEu3tlIz3FEX+C7J4e7X4WRq1sYTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUzdlMlVqUGNVUmY0THNuaDd0ZmhaR3JXeGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUdBJLWVdZu/2eY+/ZT
quBL7XuCDdBoVzMnjDeQ/jyhIjIHyg6UOufvyEg4Ixz+fZxp1kLOlZ/LX/+9Y3Sm
xn87R2DBEPwvmTW0Asp2Rd+f7wNskciwdShy8QEP6c5g0AdF1P4y3G6m7wU7G+m+
zaM/M74hAWGdk6LEx6FiGQtXnNyYT1FJkbUEvKQ2+3tYH3gGwFZ9azV6fYGjbFzZ
8pYsJhz0ZaB8w15Ky3b0tiW3rRzjbDgySKFG32nOutkm/M6Fb+hbgwgienuwaci4
lyP4ghKxOXCPjARiCbCTlUJceD7nETS5WniGBYDokqUXVgEDd9QCQGFYo6FwbNWl
yuw=
-----END CERTIFICATE-----