Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YYOH-FeUDU8etOQX7Y1jK9N_xjA.roa
File:                     YYOH-FeUDU8etOQX7Y1jK9N_xjA.roa (raw, json)
Hash identifier:          glBxf17uP8jXGnBNpzkJZc04g063IFeixRXn+NNNcCw=
Subject key identifier:   61:83:87:F8:57:94:0D:4F:1E:B4:E4:17:ED:8D:63:2B:D3:7F:C6:30
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186EF7C522CE37E233A61C5F1314D11D9F9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YYOH-FeUDU8etOQX7Y1jK9N_xjA.roa
Signing time:             Fri 17 Mar 2023 12:12:27 +0000
ROA not before:           Fri 17 Mar 2023 12:12:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ef:7c:52:2c:e3:7e:23:3a:61:c5:f1:31:4d:11:d9:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 17 12:12:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=618387f857940d4f1eb4e417ed8d632bd37fc630
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:5e:65:90:ec:d8:e3:d5:92:c1:78:c8:50:27:
                    e0:40:9d:00:d3:17:07:c6:96:9c:6b:44:e4:7c:47:
                    6d:7e:19:5c:96:13:ad:18:3b:ae:88:85:f7:c6:0d:
                    96:4a:8b:ec:9f:24:c3:1a:06:71:fd:0b:92:ee:f3:
                    86:2e:81:f8:81:65:33:fb:5a:04:18:b8:56:f7:4a:
                    a1:6e:75:15:b2:be:62:b9:f9:e0:4e:2b:e0:71:b6:
                    99:ab:62:72:2d:cf:f0:4a:d9:a1:69:71:4a:8e:5c:
                    de:a3:6e:54:c4:56:e7:17:62:d0:ef:23:80:1f:b7:
                    a6:26:3b:63:23:2f:db:b4:a0:02:e3:bc:ae:bd:80:
                    d3:09:f0:86:b4:14:8c:32:af:82:44:d2:5b:f2:28:
                    2a:cc:b0:e9:18:b4:f2:38:a4:d1:f7:70:97:89:52:
                    9e:39:ca:db:b4:82:b7:23:48:04:8a:d6:6f:70:c4:
                    db:57:94:2d:56:96:dc:3b:35:fb:fd:8c:cd:04:cf:
                    6c:c4:88:3c:02:ce:84:24:65:67:d6:14:88:9f:03:
                    de:6a:da:4a:97:9b:8c:a9:a9:18:95:fd:2f:76:47:
                    d6:0e:12:70:5b:c1:84:53:c2:0e:52:c8:7d:57:29:
                    74:6e:b7:96:4f:05:87:95:f1:1a:0a:1f:62:69:17:
                    d9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:83:87:F8:57:94:0D:4F:1E:B4:E4:17:ED:8D:63:2B:D3:7F:C6:30
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YYOH-FeUDU8etOQX7Y1jK9N_xjA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:4d:e1:5f:a1:e5:a5:67:76:8f:ab:4d:e6:05:1b:ae:3a:14:
         95:8c:81:eb:5b:03:56:1a:37:53:d7:f1:14:38:7f:be:9b:b9:
         c3:4e:5c:c5:0c:17:8c:44:9a:80:3a:01:67:e8:52:f9:3b:5f:
         83:01:c8:fe:d3:35:ec:21:df:54:f6:ff:52:81:6d:02:18:22:
         2f:56:3c:db:9b:a9:10:d7:ba:61:bf:06:cd:22:79:6a:17:ec:
         a4:c5:a0:7c:ae:e1:0e:61:b4:f6:a9:50:23:a7:8f:22:4c:61:
         f4:15:1a:7e:bc:45:dc:c1:a3:3a:14:aa:a3:43:ab:95:57:bc:
         81:d0:21:3c:76:a3:c3:ac:85:7d:d4:45:f1:a7:ca:98:d4:04:
         b3:87:ad:ef:23:41:ad:ac:a6:6a:4e:77:18:35:e7:d4:ad:c6:
         6d:c4:1d:15:38:90:40:01:10:27:84:e6:6b:53:7e:8b:3d:96:
         58:9e:2f:3a:72:55:fd:20:42:d2:59:df:91:7d:d2:2c:97:86:
         3d:5a:04:c9:39:f8:15:74:60:4a:f8:86:85:be:05:f8:77:a2:
         4b:95:20:ac:5f:c7:d1:2c:d8:2b:65:9e:aa:c1:4c:c1:d6:71:
         43:f6:a6:51:99:7e:59:13:91:3a:c5:ac:5f:1d:6d:bb:12:d1:
         5f:7d:8b:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbvfFIs434jOmHF8TFNEdn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE3MTIxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTgzODdmODU3OTQwZDRmMWViNGU0MTdlZDhkNjMyYmQzN2ZjNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF5lkOzY49WSwXjIUCfgQJ0A0xcH
xpaca0TkfEdtfhlclhOtGDuuiIX3xg2WSovsnyTDGgZx/QuS7vOGLoH4gWUz+1oE
GLhW90qhbnUVsr5iufngTivgcbaZq2JyLc/wStmhaXFKjlzeo25UxFbnF2LQ7yOA
H7emJjtjIy/btKAC47yuvYDTCfCGtBSMMq+CRNJb8igqzLDpGLTyOKTR93CXiVKe
OcrbtIK3I0gEitZvcMTbV5QtVpbcOzX7/YzNBM9sxIg8As6EJGVn1hSInwPeatpK
l5uMqakYlf0vdkfWDhJwW8GEU8IOUsh9Vyl0breWTwWHlfEaCh9iaRfZnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGGDh/hXlA1PHrTkF+2NYyvTf8YwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWVlPSC1GZVVEVThldE9RWDdZMWpLOU5feGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAFN4V+h5aVndo+rTeYF
G646FJWMgetbA1YaN1PX8RQ4f76bucNOXMUMF4xEmoA6AWfoUvk7X4MByP7TNewh
31T2/1KBbQIYIi9WPNubqRDXumG/Bs0ieWoX7KTFoHyu4Q5htPapUCOnjyJMYfQV
Gn68RdzBozoUqqNDq5VXvIHQITx2o8OshX3URfGnypjUBLOHre8jQa2spmpOdxg1
59Stxm3EHRU4kEABECeE5mtTfos9llieLzpyVf0gQtJZ35F90iyXhj1aBMk5+BV0
YEr4hoW+Bfh3okuVIKxfx9Es2CtlnqrBTMHWcUP2plGZflkTkTrFrF8dbbsS0V99
ixU=
-----END CERTIFICATE-----