Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/V02x3JhxIUQRUtwhusyIdGjokKc.roa
File:                     V02x3JhxIUQRUtwhusyIdGjokKc.roa (raw, json)
Hash identifier:          OwVTXI87DE36hC+9zN5Bk9MRGIkuAWqbZs+J9J2biRQ=
Subject key identifier:   57:4D:B1:DC:98:71:21:44:11:52:DC:21:BA:CC:88:74:68:E8:90:A7
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188B885D9DF2C7867943964D9A6C5B69827
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/V02x3JhxIUQRUtwhusyIdGjokKc.roa
Signing time:             Wed 14 Jun 2023 06:09:19 +0000
ROA not before:           Wed 14 Jun 2023 06:09:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b8:85:d9:df:2c:78:67:94:39:64:d9:a6:c5:b6:98:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 14 06:09:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=574db1dc987121441152dc21bacc887468e890a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:5c:d4:4b:00:a0:56:5e:3a:e2:4a:2b:d1:f3:
                    11:21:68:9b:bd:1a:79:a1:37:e7:ab:42:b7:5c:53:
                    ab:2f:78:41:bf:91:e8:6a:00:61:1e:ab:11:3a:50:
                    1f:41:a9:bb:58:0b:fc:7d:63:dd:95:40:5e:19:77:
                    28:6c:1c:32:6b:72:24:7f:6a:da:ef:10:78:37:05:
                    ee:ae:46:35:4c:15:38:22:0d:84:ee:f0:41:0a:9d:
                    3a:fc:3f:a7:92:b7:57:ab:0d:47:34:30:14:11:b0:
                    a9:29:6c:57:c7:b6:c0:01:09:9a:d4:07:60:49:34:
                    fd:4d:61:33:b2:5f:71:7a:94:00:62:37:af:71:57:
                    a0:60:83:b2:41:36:b2:32:9d:a5:e1:85:b7:89:26:
                    41:87:61:cf:39:1e:af:25:fd:e7:8a:bf:aa:86:80:
                    d0:4d:2e:e1:75:ae:5b:c5:30:6b:66:4d:22:71:95:
                    30:b5:e0:eb:5a:08:19:0a:63:a8:7e:16:f8:19:02:
                    ce:fd:76:0b:f0:bd:fd:cf:6b:d3:3c:af:a5:52:98:
                    b8:96:f5:17:4d:22:7e:fa:45:09:bd:98:0c:6b:99:
                    c7:e5:46:0a:65:04:d7:fb:12:8c:06:51:88:e6:86:
                    5e:58:74:58:42:a2:cd:be:d6:28:8e:25:df:1e:cf:
                    8b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:4D:B1:DC:98:71:21:44:11:52:DC:21:BA:CC:88:74:68:E8:90:A7
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/V02x3JhxIUQRUtwhusyIdGjokKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:44:04:aa:6a:a5:96:58:2c:21:46:e9:e5:98:4d:27:01:9d:
         fc:c8:e4:4f:d4:54:07:79:2c:6e:f4:38:5e:ff:cc:43:d6:3a:
         71:47:9a:9a:ed:75:8f:6f:10:ed:7d:45:87:da:d3:3a:8f:2c:
         3b:99:0d:7f:dc:1d:9f:64:5d:84:71:61:78:25:01:5a:11:12:
         52:42:39:27:7c:56:6d:3b:56:cb:2f:be:b7:9e:34:25:32:dc:
         66:07:b3:ca:73:7f:39:00:d7:ed:f0:4d:0c:74:e7:b4:aa:5c:
         d6:75:1b:95:fe:d5:dc:40:68:7e:68:e8:12:e3:d9:4e:d4:3f:
         b9:5f:81:dd:9b:d1:ea:31:52:03:b3:10:ec:51:ac:c5:98:97:
         e3:26:10:00:fc:68:1d:5b:a4:38:93:11:14:b0:db:7b:f9:46:
         a3:96:83:b6:0e:fe:5d:aa:08:00:62:f2:68:be:21:1c:6f:e3:
         1e:8f:b7:65:86:8e:67:72:c4:0a:70:19:cd:d1:1a:24:0e:be:
         34:58:35:28:97:64:cf:47:17:cb:7e:35:b5:03:36:54:00:63:
         8a:46:b4:20:2b:c1:0b:a2:d9:2c:e7:24:18:33:72:d4:05:18:
         73:4e:61:0a:08:f0:66:e9:8f:f4:45:57:c4:a2:11:5a:ca:84:
         7a:22:1e:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYi4hdnfLHhnlDlk2abFtpgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE0MDYwOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzRkYjFkYzk4NzEyMTQ0MTE1MmRjMjFiYWNjODg3NDY4ZTg5MGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlzUSwCgVl464kor0fMRIWibvRp5
oTfnq0K3XFOrL3hBv5HoagBhHqsROlAfQam7WAv8fWPdlUBeGXcobBwya3Ikf2ra
7xB4NwXurkY1TBU4Ig2E7vBBCp06/D+nkrdXqw1HNDAUEbCpKWxXx7bAAQma1Adg
STT9TWEzsl9xepQAYjevcVegYIOyQTayMp2l4YW3iSZBh2HPOR6vJf3nir+qhoDQ
TS7hda5bxTBrZk0icZUwteDrWggZCmOofhb4GQLO/XYL8L39z2vTPK+lUpi4lvUX
TSJ++kUJvZgMa5nH5UYKZQTX+xKMBlGI5oZeWHRYQqLNvtYojiXfHs+L1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFdNsdyYcSFEEVLcIbrMiHRo6JCnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVjAyeDNKaHhJVVFSVXR3aHVzeUlkR2pva0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABBEBKpqpZZYLCFG6eWY
TScBnfzI5E/UVAd5LG70OF7/zEPWOnFHmprtdY9vEO19RYfa0zqPLDuZDX/cHZ9k
XYRxYXglAVoRElJCOSd8Vm07VssvvreeNCUy3GYHs8pzfzkA1+3wTQx057SqXNZ1
G5X+1dxAaH5o6BLj2U7UP7lfgd2b0eoxUgOzEOxRrMWYl+MmEAD8aB1bpDiTERSw
23v5RqOWg7YO/l2qCABi8mi+IRxv4x6Pt2WGjmdyxApwGc3RGiQOvjRYNSiXZM9H
F8t+NbUDNlQAY4pGtCArwQui2SznJBgzctQFGHNOYQoI8Gbpj/RFV8SiEVrKhHoi
HjA=
-----END CERTIFICATE-----