Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XkK7ZRQP1y44t4KGbdMe2ozTX7o.roa
File:                     XkK7ZRQP1y44t4KGbdMe2ozTX7o.roa (raw, json)
Hash identifier:          ieLVEvuFs+iaDNQGGmOj2t/x3RlnjmSx1Vul+zjk7DI=
Subject key identifier:   5E:42:BB:65:14:0F:D7:2E:38:B7:82:86:6D:D3:1E:DA:8C:D3:5F:BA
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187D65C3B4006B5A170EADF532CD3D738AC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XkK7ZRQP1y44t4KGbdMe2ozTX7o.roa
Signing time:             Mon 01 May 2023 08:09:41 +0000
ROA not before:           Mon 01 May 2023 08:09:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d6:5c:3b:40:06:b5:a1:70:ea:df:53:2c:d3:d7:38:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  1 08:09:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e42bb65140fd72e38b782866dd31eda8cd35fba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0b:5a:6d:9d:c3:53:af:14:67:98:30:01:de:
                    00:b0:82:12:4f:60:54:c5:47:7d:cc:9b:a1:ef:52:
                    3d:6e:9a:12:fa:3c:e6:b5:84:38:31:8f:0d:78:d6:
                    f7:33:13:9e:13:d1:1a:95:0a:f8:51:6c:f1:60:66:
                    27:68:74:b0:e6:b8:8b:a4:61:69:cb:07:0e:29:55:
                    4a:7c:d0:97:74:ce:ee:a7:e7:cc:53:3d:b4:33:df:
                    65:4a:00:0a:30:02:4b:13:c2:ed:94:61:c1:1f:ac:
                    c6:94:33:15:b2:a6:94:e8:ea:cc:b0:b5:54:02:63:
                    c6:4f:b7:d2:25:2c:50:7a:2d:db:72:45:dd:07:1f:
                    9e:3b:51:fa:06:99:25:f8:a9:40:0c:c1:2d:91:de:
                    f3:20:d3:2d:a2:56:3b:3f:f7:52:4c:c3:00:72:48:
                    9e:b3:2d:57:b7:30:cc:a4:30:01:c7:8f:1f:2c:d0:
                    7a:70:15:38:20:79:7a:83:1e:1d:68:18:55:3e:1f:
                    5c:dd:74:da:0c:89:48:7c:9f:65:a4:5d:13:df:c2:
                    58:46:6a:4d:0b:e4:d1:69:1d:d5:d4:b1:c7:0f:ac:
                    84:95:23:0f:15:dc:9d:60:f6:08:dc:d2:b4:a3:a2:
                    cd:a6:fd:3b:46:11:2c:46:38:db:ae:50:69:9b:ea:
                    06:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:42:BB:65:14:0F:D7:2E:38:B7:82:86:6D:D3:1E:DA:8C:D3:5F:BA
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XkK7ZRQP1y44t4KGbdMe2ozTX7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:79:b7:8e:03:85:dc:41:1f:c9:a0:ae:b7:f0:c3:48:50:65:
         19:3e:77:c3:4a:a4:c9:41:76:47:8f:52:b6:65:fb:25:2c:25:
         73:6d:83:02:dd:58:ba:39:e4:9b:a1:29:8b:80:b8:22:3a:a6:
         29:c3:1d:79:1b:0e:12:ca:89:46:92:76:26:4d:1d:ee:8a:19:
         c4:86:03:94:7f:6b:2e:36:62:8d:b1:49:50:93:84:e4:c7:ff:
         9c:48:a5:6d:5f:36:e9:69:89:1b:2e:f7:a6:56:ec:3c:41:53:
         c5:b2:c4:0b:fe:20:fd:c0:80:57:4d:0f:b7:99:25:1a:a5:64:
         49:96:55:80:f4:b6:4b:dd:4e:e3:15:e2:f9:db:a6:5a:c9:64:
         ff:a1:5a:9f:7b:b4:51:12:a1:68:67:9b:28:d7:e2:6d:36:bc:
         93:15:0f:c1:f5:27:25:a2:3d:24:b8:bd:94:52:bf:cc:d9:11:
         3c:01:c8:b3:bc:83:58:1c:cf:41:ff:b6:9e:05:7e:91:e5:5b:
         d2:f7:ef:b9:88:4b:2e:8f:97:2c:28:48:fb:a5:8a:f0:d2:f0:
         86:38:bb:61:d9:2e:67:82:fd:07:b7:c2:bd:ac:15:17:b2:92:
         f6:52:4b:f7:68:f6:a0:20:81:3d:87:2a:59:6c:de:92:e8:c6:
         19:59:6d:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfWXDtABrWhcOrfUyzT1zisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTAxMDgwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTQyYmI2NTE0MGZkNzJlMzhiNzgyODY2ZGQzMWVkYThjZDM1ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAtabZ3DU68UZ5gwAd4AsIIST2BU
xUd9zJuh71I9bpoS+jzmtYQ4MY8NeNb3MxOeE9EalQr4UWzxYGYnaHSw5riLpGFp
ywcOKVVKfNCXdM7up+fMUz20M99lSgAKMAJLE8LtlGHBH6zGlDMVsqaU6OrMsLVU
AmPGT7fSJSxQei3bckXdBx+eO1H6Bpkl+KlADMEtkd7zINMtolY7P/dSTMMAckie
sy1XtzDMpDABx48fLNB6cBU4IHl6gx4daBhVPh9c3XTaDIlIfJ9lpF0T38JYRmpN
C+TRaR3V1LHHD6yElSMPFdydYPYI3NK0o6LNpv07RhEsRjjbrlBpm+oGKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF5Cu2UUD9cuOLeChm3THtqM01+6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWGtLN1pSUVAxeTQ0dDRLR2JkTWUyb3pUWDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIh5t44DhdxBH8mgrrfw
w0hQZRk+d8NKpMlBdkePUrZl+yUsJXNtgwLdWLo55JuhKYuAuCI6pinDHXkbDhLK
iUaSdiZNHe6KGcSGA5R/ay42Yo2xSVCThOTH/5xIpW1fNulpiRsu96ZW7DxBU8Wy
xAv+IP3AgFdND7eZJRqlZEmWVYD0tkvdTuMV4vnbplrJZP+hWp97tFESoWhnmyjX
4m02vJMVD8H1JyWiPSS4vZRSv8zZETwByLO8g1gcz0H/tp4FfpHlW9L377mISy6P
lywoSPulivDS8IY4u2HZLmeC/Qe3wr2sFReykvZSS/do9qAggT2HKlls3pLoxhlZ
bQo=
-----END CERTIFICATE-----