Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UiThEcHacxYKy_KlDyvAfokG9Zc.roa
File:                     UiThEcHacxYKy_KlDyvAfokG9Zc.roa (raw, json)
Hash identifier:          hmiI+FPuC+w2PelJin7dAwBluo4A1KbXn+MIJ3CU3RY=
Subject key identifier:   52:24:E1:11:C1:DA:73:16:0A:CB:F2:A5:0F:2B:C0:7E:89:06:F5:97
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01898CF5353D5D8E4B07E007B74BD50DE87C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UiThEcHacxYKy_KlDyvAfokG9Zc.roa
Signing time:             Tue 25 Jul 2023 12:10:27 +0000
ROA not before:           Tue 25 Jul 2023 12:10:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8c:f5:35:3d:5d:8e:4b:07:e0:07:b7:4b:d5:0d:e8:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 25 12:10:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5224e111c1da73160acbf2a50f2bc07e8906f597
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:04:93:d7:98:fa:89:ca:72:2c:0d:56:c7:a8:
                    c2:20:80:4d:6e:f8:56:cd:4b:80:cd:e3:30:55:7a:
                    17:5f:6e:04:bb:64:79:cf:63:a0:15:b6:ec:98:e3:
                    d1:d3:c9:67:3f:a1:71:76:5e:01:f0:f2:98:39:59:
                    42:3e:8f:5a:7f:4a:c1:67:d5:23:04:54:5c:e2:14:
                    a9:af:0c:fd:3e:72:2c:9b:70:2b:89:77:84:80:e0:
                    af:5b:5b:09:a4:ff:06:a7:d2:06:2d:bb:71:c9:b4:
                    ab:b7:3e:86:4f:1b:98:82:79:8a:d6:1f:de:f9:69:
                    69:fd:0a:e7:dd:31:9a:90:28:e9:b0:17:38:49:8e:
                    90:15:cf:8d:6a:4d:1b:a2:89:12:83:ae:1a:1d:17:
                    3a:38:f1:29:69:fa:21:dd:df:4f:18:73:b1:02:35:
                    1f:30:b4:7e:7c:29:99:66:ca:31:62:cd:e4:72:ae:
                    ac:ad:6a:fd:0e:ea:b4:d6:06:68:0b:77:d3:fb:07:
                    6d:1c:69:c1:ad:1b:b8:4a:f7:ca:3c:5c:e2:3d:c6:
                    8e:b5:97:ac:96:eb:32:8b:35:44:74:8e:d7:7b:51:
                    88:18:8f:92:dc:71:da:9f:ae:6a:d7:5b:28:d8:aa:
                    ce:2c:8b:60:ed:b7:5b:93:c2:9b:f3:14:56:cd:07:
                    93:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:24:E1:11:C1:DA:73:16:0A:CB:F2:A5:0F:2B:C0:7E:89:06:F5:97
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UiThEcHacxYKy_KlDyvAfokG9Zc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         65:30:44:e7:52:f1:cb:03:fa:d3:3a:76:e9:d1:8d:01:60:0d:
         54:53:a9:f3:3b:b7:71:3d:77:97:7b:ab:de:0c:bc:9b:ca:f5:
         ef:39:24:98:40:de:7e:3e:0d:44:eb:f8:c3:71:3f:4d:78:6c:
         11:c8:2d:8d:4b:a6:fe:f4:39:c4:69:66:f1:25:09:42:57:57:
         da:8e:4a:c6:83:a0:0b:ff:e0:63:c0:91:19:23:cf:03:6e:e9:
         02:5f:12:32:b0:27:77:ed:26:dc:a9:23:91:be:22:b5:22:7f:
         cf:ee:9b:b4:ec:84:2f:6b:ca:f8:f6:5d:c3:bb:32:1c:9e:6f:
         88:20:a6:1e:8a:22:33:d3:55:25:d2:ff:e6:b9:5c:b9:8b:d7:
         2e:32:18:c9:14:a8:c2:d3:83:09:3d:5d:31:42:de:21:19:4e:
         c7:11:d7:77:ac:ab:95:d0:64:d7:3c:43:ea:f6:3b:dd:40:91:
         3d:dd:ba:ed:63:1e:68:21:09:04:4f:ae:56:ff:cc:46:f8:97:
         a7:7d:ed:14:02:06:87:28:37:7d:d6:7d:5b:d7:88:13:bd:2d:
         53:25:d4:33:0b:21:ce:ad:10:5c:af:9b:f7:1c:2a:80:37:79:
         55:7b:4c:8b:93:83:81:9f:27:16:19:a8:d5:85:e4:ee:73:82:
         b9:b0:01:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmM9TU9XY5LB+AHt0vVDeh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI1MTIxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjI0ZTExMWMxZGE3MzE2MGFjYmYyYTUwZjJiYzA3ZTg5MDZmNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowST15j6icpyLA1Wx6jCIIBNbvhW
zUuAzeMwVXoXX24Eu2R5z2OgFbbsmOPR08lnP6Fxdl4B8PKYOVlCPo9af0rBZ9Uj
BFRc4hSprwz9PnIsm3AriXeEgOCvW1sJpP8Gp9IGLbtxybSrtz6GTxuYgnmK1h/e
+Wlp/Qrn3TGakCjpsBc4SY6QFc+Nak0bookSg64aHRc6OPEpafoh3d9PGHOxAjUf
MLR+fCmZZsoxYs3kcq6srWr9Duq01gZoC3fT+wdtHGnBrRu4SvfKPFziPcaOtZes
lusyizVEdI7Xe1GIGI+S3HHan65q11so2KrOLItg7bdbk8Kb8xRWzQeT7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFIk4RHB2nMWCsvypQ8rwH6JBvWXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVWlUaEVjSGFjeFlLeV9LbER5dkFmb2tHOVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGUwROdS8csD+tM6dunR
jQFgDVRTqfM7t3E9d5d7q94MvJvK9e85JJhA3n4+DUTr+MNxP014bBHILY1Lpv70
OcRpZvElCUJXV9qOSsaDoAv/4GPAkRkjzwNu6QJfEjKwJ3ftJtypI5G+IrUif8/u
m7TshC9ryvj2XcO7Mhyeb4ggph6KIjPTVSXS/+a5XLmL1y4yGMkUqMLTgwk9XTFC
3iEZTscR13esq5XQZNc8Q+r2O91AkT3duu1jHmghCQRPrlb/zEb4l6d97RQCBoco
N33WfVvXiBO9LVMl1DMLIc6tEFyvm/ccKoA3eVV7TIuTg4GfJxYZqNWF5O5zgrmw
AZg=
-----END CERTIFICATE-----