Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YRO-u436ikWVmhBui3kymulni2o.roa
File:                     YRO-u436ikWVmhBui3kymulni2o.roa (raw, json)
Hash identifier:          YWHB3ya6z3gIvZP/HcFigdFh2rE97JMFj9aAljEFYa4=
Subject key identifier:   61:13:BE:BB:8D:FA:8A:45:95:9A:10:6E:8B:79:32:9A:E9:67:8B:6A
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01876F92DDD226177F3793D924A6106DE752
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YRO-u436ikWVmhBui3kymulni2o.roa
Signing time:             Tue 11 Apr 2023 09:08:28 +0000
ROA not before:           Tue 11 Apr 2023 09:08:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:6f:92:dd:d2:26:17:7f:37:93:d9:24:a6:10:6d:e7:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 11 09:08:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6113bebb8dfa8a45959a106e8b79329ae9678b6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:3a:d0:2d:ff:1e:fb:7c:29:83:9b:72:ed:38:
                    32:12:5c:63:9c:63:d0:22:63:46:61:33:3c:11:17:
                    ff:06:65:cb:8d:2f:8a:46:1a:51:31:dc:e0:cb:84:
                    46:e6:67:64:45:00:72:a8:80:29:f3:51:ad:5d:99:
                    71:cd:ff:b0:60:29:58:be:3a:31:27:7d:19:e2:b1:
                    68:1e:fe:1e:2c:20:f0:4d:97:a5:ae:f9:b1:17:da:
                    e0:36:a8:7a:31:53:a7:50:98:76:a6:37:b6:42:da:
                    12:0b:7f:c7:46:65:51:a4:a6:36:49:0f:da:87:dd:
                    8b:0d:a4:e0:c6:ad:9e:08:38:b0:c1:ed:27:96:78:
                    03:47:75:dc:94:16:82:3d:bc:a9:63:2e:3c:76:a8:
                    b4:23:cd:bb:b9:e9:80:53:63:7e:91:04:ec:ea:98:
                    89:b7:a3:8b:98:e1:17:e2:85:bd:0e:eb:d1:10:e0:
                    ce:07:af:74:51:17:96:9a:f3:67:22:ea:ca:c5:60:
                    1b:30:1f:46:d9:0d:eb:ba:c3:e1:23:8a:23:2c:86:
                    84:1f:31:31:0f:e5:ee:e6:c5:b5:bc:ab:bd:0e:22:
                    96:b9:c8:34:59:ca:ec:35:68:f9:92:0d:4e:b3:21:
                    70:c8:c6:9a:1d:ce:e3:55:68:20:07:f1:5a:68:40:
                    fe:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:13:BE:BB:8D:FA:8A:45:95:9A:10:6E:8B:79:32:9A:E9:67:8B:6A
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YRO-u436ikWVmhBui3kymulni2o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         8f:96:1e:d7:c3:50:46:80:f1:24:b0:39:a3:c6:7a:f2:4d:8d:
         8f:46:8f:d3:cf:86:60:0e:25:64:de:28:71:b4:ed:bd:60:11:
         07:d0:c3:8d:70:45:cc:3f:e8:8c:da:b6:04:c2:46:d2:74:1d:
         23:66:9b:d5:61:b2:e0:3a:ca:04:ae:99:bc:89:55:27:54:32:
         3c:87:17:60:cd:30:0a:80:bd:3e:c5:c0:42:43:b6:22:6e:53:
         9f:03:21:64:2c:d1:3b:1d:68:7b:27:4e:31:7c:a8:6c:0f:98:
         2c:d8:2a:a5:91:29:23:e4:d3:92:a4:9e:aa:43:1d:af:c3:d1:
         d3:4a:33:0f:7e:05:b1:11:5b:a9:eb:c6:87:ed:4a:35:0b:6b:
         4a:10:bb:40:61:61:21:b4:78:87:3d:02:98:bf:73:85:54:c4:
         5f:34:38:4a:69:69:74:90:0a:cd:df:6b:eb:d4:c1:1c:8c:e6:
         9f:e6:1a:9b:1d:a0:25:13:43:73:c0:e0:a8:ac:d2:98:70:66:
         6d:ca:67:e6:ad:f9:c3:a1:11:83:12:bc:d7:09:cf:56:ba:f5:
         cf:28:5b:f4:e2:b5:9d:ed:d4:4b:cf:74:2c:f9:d7:85:a3:82:
         01:63:07:5a:5c:85:6b:f2:fe:78:7f:ab:fc:41:05:50:55:62:
         d1:b1:fe:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdvkt3SJhd/N5PZJKYQbedSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDExMDkwODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTEzYmViYjhkZmE4YTQ1OTU5YTEwNmU4Yjc5MzI5YWU5Njc4YjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jrQLf8e+3wpg5ty7TgyElxjnGPQ
ImNGYTM8ERf/BmXLjS+KRhpRMdzgy4RG5mdkRQByqIAp81GtXZlxzf+wYClYvjox
J30Z4rFoHv4eLCDwTZelrvmxF9rgNqh6MVOnUJh2pje2QtoSC3/HRmVRpKY2SQ/a
h92LDaTgxq2eCDiwwe0nlngDR3XclBaCPbypYy48dqi0I827uemAU2N+kQTs6piJ
t6OLmOEX4oW9DuvREODOB690UReWmvNnIurKxWAbMB9G2Q3rusPhI4ojLIaEHzEx
D+Xu5sW1vKu9DiKWucg0WcrsNWj5kg1OsyFwyMaaHc7jVWggB/FaaED+VwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGETvruN+opFlZoQbot5MprpZ4tqMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWVJPLXU0MzZpa1dWbWhCdWkza3ltdWxuaTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI+WHtfDUEaA8SSwOaPG
evJNjY9Gj9PPhmAOJWTeKHG07b1gEQfQw41wRcw/6IzatgTCRtJ0HSNmm9VhsuA6
ygSumbyJVSdUMjyHF2DNMAqAvT7FwEJDtiJuU58DIWQs0TsdaHsnTjF8qGwPmCzY
KqWRKSPk05KknqpDHa/D0dNKMw9+BbERW6nrxoftSjULa0oQu0BhYSG0eIc9Api/
c4VUxF80OEppaXSQCs3fa+vUwRyM5p/mGpsdoCUTQ3PA4Kis0phwZm3KZ+at+cOh
EYMSvNcJz1a69c8oW/TitZ3t1EvPdCz514WjggFjB1pchWvy/nh/q/xBBVBVYtGx
/hE=
-----END CERTIFICATE-----