Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YMAv8f2Ob5XEGOhP2t1KlrpMw64.roa
File:                     YMAv8f2Ob5XEGOhP2t1KlrpMw64.roa (raw, json)
Hash identifier:          yAH5VBS/9iIeo+uOHtLg3M0qm06TcNWdAzmgIr2kUDk=
Subject key identifier:   60:C0:2F:F1:FD:8E:6F:95:C4:18:E8:4F:DA:DD:4A:96:BA:4C:C3:AE
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187C78A4A393AD0C5F99AE3AE46CEE00081
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YMAv8f2Ob5XEGOhP2t1KlrpMw64.roa
Signing time:             Fri 28 Apr 2023 11:05:41 +0000
ROA not before:           Fri 28 Apr 2023 11:05:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:187:c789:6e3c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c7:8a:4a:39:3a:d0:c5:f9:9a:e3:ae:46:ce:e0:00:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 28 11:05:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=60c02ff1fd8e6f95c418e84fdadd4a96ba4cc3ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6f:b1:57:86:2f:cb:f6:0e:57:c8:1d:eb:3b:
                    62:85:79:0c:9f:95:dc:74:b0:d2:31:3f:c1:98:5c:
                    af:c8:78:01:6d:62:65:74:6a:7d:e9:1b:c7:5d:c5:
                    5e:a9:8a:33:6c:c5:0d:a4:93:00:c5:9a:dd:e8:0c:
                    3f:b1:96:ae:d7:d2:43:ae:f7:00:3f:86:4c:76:6b:
                    e2:7e:b0:36:45:a7:57:8e:4f:e1:5c:7b:fd:fa:8a:
                    4c:d2:2b:37:0f:ad:60:df:cf:c8:08:48:f1:36:8c:
                    22:d4:c7:01:f7:ef:e5:e9:b1:48:da:aa:48:04:44:
                    bf:ef:04:ab:d9:98:19:3a:e2:3e:9a:1b:51:8c:a5:
                    c4:8d:50:3f:fd:1c:3d:4e:d7:9b:a3:dc:0d:e9:47:
                    ba:ab:fd:a2:b0:d0:8f:1c:82:e4:35:38:97:ba:c6:
                    f5:08:cd:15:d4:6c:ee:20:0f:b0:22:7c:30:1a:ef:
                    2e:6e:ee:b3:3f:88:44:98:ae:08:12:b8:81:7b:68:
                    68:7f:60:98:28:8e:1c:0a:14:84:4c:a5:d1:9e:31:
                    fa:eb:70:2e:2a:1d:a3:61:2a:ae:bf:d4:dc:d3:83:
                    da:7e:04:5a:b1:d8:8d:6f:eb:c6:e6:ba:0e:41:4f:
                    7b:98:ea:70:db:f7:de:24:a2:b7:7a:75:12:00:26:
                    73:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C0:2F:F1:FD:8E:6F:95:C4:18:E8:4F:DA:DD:4A:96:BA:4C:C3:AE
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YMAv8f2Ob5XEGOhP2t1KlrpMw64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a4:50:71:25:3b:84:5b:26:74:f5:bd:fa:99:3f:ec:73:e6:80:
         ab:9d:ef:dd:a1:ba:bc:84:c3:5f:90:6d:1b:36:0d:bf:fe:0d:
         f7:84:bd:c3:20:0b:7f:24:68:02:60:40:ab:fd:8b:56:54:a5:
         3c:f7:8d:84:18:85:43:2b:ae:1d:f9:d0:a4:4e:c9:88:91:22:
         79:46:6c:f6:5e:61:4f:75:a4:fa:f9:1c:a0:56:e5:79:32:d8:
         f6:cb:78:a9:85:f5:91:08:28:9c:01:a9:24:0a:40:19:c1:52:
         20:65:07:1d:27:8c:f7:04:f4:fd:26:c3:ee:9c:66:0f:05:0c:
         7e:8a:ad:be:87:24:5d:9e:3c:28:de:6c:a4:d4:67:f8:a5:3b:
         70:fc:b1:f8:55:92:06:b0:42:a9:0d:bc:56:d9:84:85:bd:b6:
         e1:b2:84:6b:32:82:03:28:9f:21:76:da:47:37:2e:39:c1:61:
         65:35:12:86:55:5a:8e:16:e9:0d:ef:f6:c3:e6:fd:0b:70:f0:
         69:dd:75:cc:1f:9d:f9:34:43:6c:83:a5:b0:af:c6:69:bd:20:
         cd:54:69:5a:7e:51:fa:31:44:c5:0e:37:ba:4b:b0:2a:ab:68:
         45:98:da:0a:f9:2f:bf:a2:ba:2d:5a:69:a0:3d:fa:2a:06:09:
         de:ce:19:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfHiko5OtDF+ZrjrkbO4ACBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI4MTEwNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGMwMmZmMWZkOGU2Zjk1YzQxOGU4NGZkYWRkNGE5NmJhNGNjM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG+xV4Yvy/YOV8gd6ztihXkMn5Xc
dLDSMT/BmFyvyHgBbWJldGp96RvHXcVeqYozbMUNpJMAxZrd6Aw/sZau19JDrvcA
P4ZMdmvifrA2RadXjk/hXHv9+opM0is3D61g38/ICEjxNowi1McB9+/l6bFI2qpI
BES/7wSr2ZgZOuI+mhtRjKXEjVA//Rw9Ttebo9wN6Ue6q/2isNCPHILkNTiXusb1
CM0V1GzuIA+wInwwGu8ubu6zP4hEmK4IEriBe2hof2CYKI4cChSETKXRnjH663Au
Kh2jYSquv9Tc04PafgRasdiNb+vG5roOQU97mOpw2/feJKK3enUSACZzpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGDAL/H9jm+VxBjoT9rdSpa6TMOuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWU1BdjhmMk9iNVhFR09oUDJ0MUtscnBNdzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKRQcSU7hFsmdPW9+pk/
7HPmgKud792huryEw1+QbRs2Db/+DfeEvcMgC38kaAJgQKv9i1ZUpTz3jYQYhUMr
rh350KROyYiRInlGbPZeYU91pPr5HKBW5Xky2PbLeKmF9ZEIKJwBqSQKQBnBUiBl
Bx0njPcE9P0mw+6cZg8FDH6Krb6HJF2ePCjebKTUZ/ilO3D8sfhVkgawQqkNvFbZ
hIW9tuGyhGsyggMonyF22kc3LjnBYWU1EoZVWo4W6Q3v9sPm/Qtw8Gnddcwfnfk0
Q2yDpbCvxmm9IM1UaVp+UfoxRMUON7pLsCqraEWY2gr5L7+iui1aaaA9+ioGCd7O
Gag=
-----END CERTIFICATE-----