Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UorLbSUDGUFjsSbRqwmg1mKNkP0.roa
File:                     UorLbSUDGUFjsSbRqwmg1mKNkP0.roa (raw, json)
Hash identifier:          tvE75lLRkT1JFQ31hNn9SRWn3K/7FThaUJFGc2H3P5E=
Subject key identifier:   52:8A:CB:6D:25:03:19:41:63:B1:26:D1:AB:09:A0:D6:62:8D:90:FD
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018769967ABBDCF6F26614E062E61A00C6FE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UorLbSUDGUFjsSbRqwmg1mKNkP0.roa
Signing time:             Mon 10 Apr 2023 05:14:42 +0000
ROA not before:           Mon 10 Apr 2023 05:14:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:69:96:7a:bb:dc:f6:f2:66:14:e0:62:e6:1a:00:c6:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 10 05:14:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=528acb6d2503194163b126d1ab09a0d6628d90fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:5a:3f:7e:29:1a:ed:97:a3:89:03:6c:39:73:
                    91:73:49:ba:1a:4a:54:5f:1b:ac:5a:52:e0:d4:28:
                    27:47:29:e8:ff:14:f8:41:b2:05:46:d6:0a:80:70:
                    a1:c7:08:65:e5:94:ff:d6:d3:15:e7:81:d6:22:8c:
                    a4:80:36:bd:aa:62:6a:fd:13:e0:b2:0c:13:24:53:
                    77:09:0e:1f:92:a4:91:55:21:74:74:77:67:dd:a1:
                    a1:93:ad:31:83:98:da:a8:c7:0b:a6:bb:2f:59:f4:
                    b4:d7:c1:f1:9a:d6:f1:ce:67:f1:60:de:a1:a0:7e:
                    a6:73:20:66:db:a1:9a:7e:95:a4:1d:d7:68:75:92:
                    7b:a3:7e:fb:75:d7:8b:db:3e:f6:41:2d:f0:4c:85:
                    95:88:57:ef:88:5e:e6:50:72:0c:4d:42:15:cd:cc:
                    7c:97:99:58:70:43:49:a8:1f:fe:c6:cb:0c:53:3f:
                    c5:a6:16:d7:13:f6:0e:af:9b:6d:d9:72:95:22:bf:
                    d9:28:00:50:99:71:e6:6e:d6:9a:bf:98:51:f5:73:
                    6b:5f:8d:0f:3b:6a:32:5e:53:fc:20:29:bd:90:13:
                    f6:89:0b:c8:2b:3b:3b:2c:a1:8f:d6:29:ef:fb:91:
                    44:52:d9:93:de:97:23:73:67:d6:bf:9d:61:6f:a8:
                    65:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:8A:CB:6D:25:03:19:41:63:B1:26:D1:AB:09:A0:D6:62:8D:90:FD
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UorLbSUDGUFjsSbRqwmg1mKNkP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         3b:15:85:80:82:d6:b9:e9:cf:40:51:fd:cf:97:59:08:ff:a3:
         c5:5e:52:05:b0:5d:c0:16:85:a8:b8:3e:79:3d:46:7f:24:2f:
         9d:8f:62:a6:70:e1:42:22:21:bd:9d:f8:33:73:d3:2a:2e:4d:
         e5:9a:df:be:c0:55:00:d8:43:69:1e:12:fe:da:2f:a4:48:f4:
         f2:f7:07:18:a1:ad:8e:fd:06:54:4a:3e:5a:4d:a1:fa:50:95:
         a4:c9:46:e3:60:23:4d:b9:1b:51:13:9a:d0:af:bc:f2:6e:77:
         36:b7:84:c3:25:55:cf:d9:0f:73:cc:b5:01:2e:5a:c6:ef:75:
         8a:61:e8:c4:52:42:47:c9:c3:40:4a:58:05:ae:32:62:48:64:
         da:ef:1a:93:12:e0:31:96:49:b1:2c:c9:ea:b7:b9:25:6e:49:
         4b:d2:2f:78:25:ab:48:06:5d:0a:cf:fc:cd:57:ec:38:d0:43:
         52:a4:20:bd:34:d2:07:29:1a:41:2e:60:2a:88:ed:c5:41:69:
         45:21:54:a0:06:cf:4d:d7:53:df:5c:f2:3a:02:ca:0f:ca:9a:
         12:f4:07:a5:95:ca:51:e2:17:35:fe:6f:83:fb:39:07:df:18:
         ac:9e:2e:e2:3a:a1:8a:c3:45:64:de:06:10:dc:07:84:41:c9:
         7e:c8:5a:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdplnq73PbyZhTgYuYaAMb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDEwMDUxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjhhY2I2ZDI1MDMxOTQxNjNiMTI2ZDFhYjA5YTBkNjYyOGQ5MGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1o/fika7ZejiQNsOXORc0m6GkpU
XxusWlLg1CgnRyno/xT4QbIFRtYKgHChxwhl5ZT/1tMV54HWIoykgDa9qmJq/RPg
sgwTJFN3CQ4fkqSRVSF0dHdn3aGhk60xg5jaqMcLprsvWfS018HxmtbxzmfxYN6h
oH6mcyBm26GafpWkHddodZJ7o377ddeL2z72QS3wTIWViFfviF7mUHIMTUIVzcx8
l5lYcENJqB/+xssMUz/FphbXE/YOr5tt2XKVIr/ZKABQmXHmbtaav5hR9XNrX40P
O2oyXlP8ICm9kBP2iQvIKzs7LKGP1inv+5FEUtmT3pcjc2fWv51hb6hluQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFKKy20lAxlBY7Em0asJoNZijZD9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVW9yTGJTVURHVUZqc1NiUnF3bWcxbUtOa1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADsVhYCC1rnpz0BR/c+X
WQj/o8VeUgWwXcAWhai4Pnk9Rn8kL52PYqZw4UIiIb2d+DNz0youTeWa377AVQDY
Q2keEv7aL6RI9PL3BxihrY79BlRKPlpNofpQlaTJRuNgI025G1ETmtCvvPJudza3
hMMlVc/ZD3PMtQEuWsbvdYph6MRSQkfJw0BKWAWuMmJIZNrvGpMS4DGWSbEsyeq3
uSVuSUvSL3glq0gGXQrP/M1X7DjQQ1KkIL000gcpGkEuYCqI7cVBaUUhVKAGz03X
U99c8joCyg/KmhL0B6WVylHiFzX+b4P7OQffGKyeLuI6oYrDRWTeBhDcB4RByX7I
Wrc=
-----END CERTIFICATE-----