Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WPXeALCkoW8Jj7rio0_pG45Tmvg.roa
File:                     WPXeALCkoW8Jj7rio0_pG45Tmvg.roa (raw, json)
Hash identifier:          Ut5jPMHZMzp6sScjlxfXAiFGU4StBkzY05ugxhJVgFc=
Subject key identifier:   58:F5:DE:00:B0:A4:A1:6F:09:8F:BA:E2:A3:4F:E9:1B:8E:53:9A:F8
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018942B1BED28380F69E04C75EE8C2D8D1DD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WPXeALCkoW8Jj7rio0_pG45Tmvg.roa
Signing time:             Tue 11 Jul 2023 02:04:52 +0000
ROA not before:           Tue 11 Jul 2023 02:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:189:42b1:6051/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:42:b1:be:d2:83:80:f6:9e:04:c7:5e:e8:c2:d8:d1:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 11 02:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58f5de00b0a4a16f098fbae2a34fe91b8e539af8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:6c:93:d8:7a:7e:2c:5d:a4:df:f0:ff:0a:d1:
                    cc:ca:93:4e:8b:61:20:55:5e:26:d7:9a:4c:88:57:
                    40:56:cc:77:3a:59:f9:82:ec:c8:80:b9:d0:b4:3e:
                    7c:2e:85:14:f1:ea:29:00:46:82:8a:15:b7:bc:32:
                    49:33:81:14:bf:de:ab:78:21:5c:dc:2d:2a:5b:37:
                    3e:5c:fe:98:f7:b7:72:1d:93:90:e3:6c:87:d0:fd:
                    42:b8:95:76:ec:6e:72:04:ba:6a:42:8a:69:77:df:
                    2a:7a:fd:81:54:8b:9e:b5:6a:b5:9b:b0:f3:75:ce:
                    54:58:65:0b:26:d3:4d:4d:9f:96:c6:eb:e7:ec:06:
                    d6:4f:14:a9:fd:ed:5a:85:5c:32:65:8a:d2:62:c3:
                    f4:3e:5e:52:72:f7:56:cd:dd:6d:98:01:97:f9:8d:
                    21:df:32:b7:7a:ad:d9:2f:16:c3:f6:4f:6d:34:7f:
                    2f:fe:97:1b:80:06:44:b4:75:c5:cc:0d:14:3d:82:
                    95:66:83:62:87:a6:9f:8d:13:0e:f2:d2:f4:53:bc:
                    77:d0:e7:47:f6:14:be:f3:2b:19:33:73:9d:2e:6e:
                    88:94:fd:cf:0a:42:2e:43:42:65:db:79:03:05:c2:
                    99:56:6b:3a:d8:07:47:dd:89:ff:f9:42:56:e3:82:
                    cb:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:F5:DE:00:B0:A4:A1:6F:09:8F:BA:E2:A3:4F:E9:1B:8E:53:9A:F8
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WPXeALCkoW8Jj7rio0_pG45Tmvg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         11:b1:a1:b1:ab:6b:b9:25:9e:dd:f5:a2:2d:ea:be:2f:c3:5f:
         9f:27:a5:b9:94:aa:4c:82:34:9d:95:80:e7:82:6a:82:ad:69:
         21:d8:c9:87:b2:d2:d4:2d:6b:eb:76:dd:33:36:2d:16:98:f4:
         e2:2f:fb:63:97:eb:e3:f9:77:07:1e:ef:35:38:f4:12:b3:d9:
         66:ce:d0:93:ab:de:2a:3d:e8:00:8c:7f:e9:ff:80:aa:61:12:
         02:33:f9:fd:87:08:6d:dc:4a:5e:ae:d3:d0:3c:d2:42:5a:d3:
         82:cf:12:f8:e0:48:20:52:32:04:4d:72:15:db:82:2c:16:da:
         16:c2:86:c8:8c:35:42:9c:df:17:c3:42:7d:72:a1:cb:f2:fe:
         75:fe:45:8e:a6:b2:1d:e6:5c:b7:8e:3b:b1:7f:5a:c7:70:d0:
         93:81:2b:de:43:4f:16:47:29:35:ec:43:b2:af:83:ee:10:5e:
         52:b2:11:e0:29:f3:75:43:db:2d:34:8f:26:0c:15:a7:9b:1c:
         01:66:50:46:82:39:ff:93:6f:df:52:83:94:0e:bf:e4:56:db:
         72:81:bc:6e:3a:69:5b:2c:96:2d:eb:16:c7:91:df:03:d3:fe:
         9c:3c:cd:d6:b2:08:dc:12:02:a9:67:58:52:98:1c:a7:8f:de:
         4d:3c:95:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlCsb7Sg4D2ngTHXujC2NHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzExMDIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGY1ZGUwMGIwYTRhMTZmMDk4ZmJhZTJhMzRmZTkxYjhlNTM5YWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGyT2Hp+LF2k3/D/CtHMypNOi2Eg
VV4m15pMiFdAVsx3Oln5guzIgLnQtD58LoUU8eopAEaCihW3vDJJM4EUv96reCFc
3C0qWzc+XP6Y97dyHZOQ42yH0P1CuJV27G5yBLpqQoppd98qev2BVIuetWq1m7Dz
dc5UWGULJtNNTZ+Wxuvn7AbWTxSp/e1ahVwyZYrSYsP0Pl5ScvdWzd1tmAGX+Y0h
3zK3eq3ZLxbD9k9tNH8v/pcbgAZEtHXFzA0UPYKVZoNih6afjRMO8tL0U7x30OdH
9hS+8ysZM3OdLm6IlP3PCkIuQ0Jl23kDBcKZVms62AdH3Yn/+UJW44LLywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFj13gCwpKFvCY+64qNP6RuOU5r4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvV1BYZUFMQ2tvVzhKajdyaW8wX3BHNDVUbXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABGxobGra7klnt31oi3q
vi/DX58npbmUqkyCNJ2VgOeCaoKtaSHYyYey0tQta+t23TM2LRaY9OIv+2OX6+P5
dwce7zU49BKz2WbO0JOr3io96ACMf+n/gKphEgIz+f2HCG3cSl6u09A80kJa04LP
EvjgSCBSMgRNchXbgiwW2hbChsiMNUKc3xfDQn1yocvy/nX+RY6msh3mXLeOO7F/
Wsdw0JOBK95DTxZHKTXsQ7Kvg+4QXlKyEeAp83VD2y00jyYMFaebHAFmUEaCOf+T
b99Sg5QOv+RW23KBvG46aVssli3rFseR3wPT/pw8zdayCNwSAqlnWFKYHKeP3k08
lYg=
-----END CERTIFICATE-----