Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VWcLJ0JIUa2yAmvOISGi8I1NOYs.roa
File:                     VWcLJ0JIUa2yAmvOISGi8I1NOYs.roa (raw, json)
Hash identifier:          VJ61aoqZiX3futIKIerKrULRASfrPugbNSL15fKl23s=
Subject key identifier:   55:67:0B:27:42:48:51:AD:B2:02:6B:CE:21:21:A2:F0:8D:4D:39:8B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018773D9DA95B4026DE876A0C1C8CC76675E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VWcLJ0JIUa2yAmvOISGi8I1NOYs.roa
Signing time:             Wed 12 Apr 2023 05:04:29 +0000
ROA not before:           Wed 12 Apr 2023 05:04:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:187:73d9:d3ea/128 maxlen: 128
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:73:d9:da:95:b4:02:6d:e8:76:a0:c1:c8:cc:76:67:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 12 05:04:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=55670b27424851adb2026bce2121a2f08d4d398b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:40:92:84:46:bb:ca:b3:ba:4f:81:91:27:ea:
                    27:59:f5:d5:2c:03:4c:6d:26:81:8e:ae:9f:12:1b:
                    89:14:5b:2c:dc:f7:6c:50:83:2b:c2:67:da:a8:ee:
                    38:ca:e2:e4:cd:8a:27:5f:b6:52:29:f0:7e:d7:f3:
                    00:1d:16:ff:4d:06:27:b0:62:55:0c:af:53:3e:4d:
                    aa:33:7f:03:fd:a8:f5:bc:e0:f7:90:88:0a:49:b4:
                    70:b5:c0:3d:73:93:64:97:9c:72:37:f8:c5:84:cc:
                    f0:d2:2e:7a:49:b1:f9:d0:1f:2d:27:27:f0:7e:39:
                    85:d5:65:bc:3c:8d:0c:b3:83:30:10:c1:5e:31:2d:
                    b3:43:6b:72:17:1e:f9:24:ad:db:88:64:9b:10:64:
                    03:b8:37:c7:fe:9f:37:0c:c0:e2:50:24:aa:f8:3c:
                    bf:14:c6:1b:c0:b0:3f:e9:53:43:29:57:e1:3c:5b:
                    6d:79:f1:77:5e:de:98:81:fc:cd:97:f9:8d:69:8d:
                    04:6c:e0:b5:37:2c:83:dc:84:38:4d:e4:f2:b5:22:
                    2c:11:bc:03:14:b4:40:1d:54:04:dd:02:3b:55:69:
                    05:a3:cc:77:84:a9:1f:bf:c3:61:04:65:66:fa:bc:
                    a2:42:17:de:8e:c3:ca:88:7e:c6:fb:7e:8f:58:44:
                    cb:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:67:0B:27:42:48:51:AD:B2:02:6B:CE:21:21:A2:F0:8D:4D:39:8B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VWcLJ0JIUa2yAmvOISGi8I1NOYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:f4:84:db:42:ad:b6:62:61:7f:50:1d:66:15:c7:ec:50:4e:
         c3:50:84:7f:52:51:d8:f3:2d:4f:85:68:c4:0c:97:04:53:14:
         91:13:3f:1a:f9:f7:db:8f:e7:19:a2:ca:b4:52:e7:08:80:ac:
         0a:c2:52:d9:24:67:a8:1f:56:4f:62:97:44:48:d3:96:1e:e2:
         0a:6c:cd:c2:64:8f:f8:dc:c3:4c:a7:ab:32:bd:57:5a:75:96:
         fe:3a:c9:d1:82:68:f4:19:68:f6:14:00:43:7b:d1:17:97:14:
         2b:c3:e2:47:78:f0:73:5c:72:1c:e8:f8:ef:54:fc:58:41:79:
         8b:16:6f:c9:2f:a4:a8:6a:89:eb:70:68:f2:37:20:75:0b:e5:
         c0:27:61:da:de:4e:26:59:7a:cf:c6:81:71:73:bc:f6:71:9f:
         01:e6:59:1b:6f:45:7f:87:b4:5c:3d:af:2b:2a:e4:e0:7a:80:
         33:bb:5e:92:55:e5:01:7d:d2:de:1a:04:39:40:cb:be:94:c1:
         2b:aa:8b:89:a7:e8:4f:c4:87:7e:5b:32:0a:e6:d1:b6:68:c9:
         30:46:11:bb:5b:d7:f2:7d:7e:0f:77:f3:5d:fd:9e:ae:7d:c1:
         8e:77:73:21:60:b0:a9:b2:4f:e7:c6:bb:4c:ba:55:d8:7e:c6:
         b1:84:72:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdz2dqVtAJt6HagwcjMdmdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDEyMDUwNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTY3MGIyNzQyNDg1MWFkYjIwMjZiY2UyMTIxYTJmMDhkNGQzOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0CShEa7yrO6T4GRJ+onWfXVLANM
bSaBjq6fEhuJFFss3PdsUIMrwmfaqO44yuLkzYonX7ZSKfB+1/MAHRb/TQYnsGJV
DK9TPk2qM38D/aj1vOD3kIgKSbRwtcA9c5Nkl5xyN/jFhMzw0i56SbH50B8tJyfw
fjmF1WW8PI0Ms4MwEMFeMS2zQ2tyFx75JK3biGSbEGQDuDfH/p83DMDiUCSq+Dy/
FMYbwLA/6VNDKVfhPFttefF3Xt6YgfzNl/mNaY0EbOC1NyyD3IQ4TeTytSIsEbwD
FLRAHVQE3QI7VWkFo8x3hKkfv8NhBGVm+ryiQhfejsPKiH7G+36PWETLkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFVnCydCSFGtsgJrziEhovCNTTmLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVldjTEowSklVYTJ5QW12T0lTR2k4STFOT1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE30hNtCrbZiYX9QHWYV
x+xQTsNQhH9SUdjzLU+FaMQMlwRTFJETPxr599uP5xmiyrRS5wiArArCUtkkZ6gf
Vk9il0RI05Ye4gpszcJkj/jcw0ynqzK9V1p1lv46ydGCaPQZaPYUAEN70ReXFCvD
4kd48HNcchzo+O9U/FhBeYsWb8kvpKhqietwaPI3IHUL5cAnYdreTiZZes/GgXFz
vPZxnwHmWRtvRX+HtFw9rysq5OB6gDO7XpJV5QF90t4aBDlAy76UwSuqi4mn6E/E
h35bMgrm0bZoyTBGEbtb1/J9fg938139nq59wY53cyFgsKmyT+fGu0y6Vdh+xrGE
chA=
-----END CERTIFICATE-----