Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZYm7f7Xj-TDGh2gsAKpMgRJegd0.roa
File:                     ZYm7f7Xj-TDGh2gsAKpMgRJegd0.roa (raw, json)
Hash identifier:          niqYDwv1Y1U0WKZ0oJY51fLsBwbR2Uz0z9Tqlgtq4og=
Subject key identifier:   65:89:BB:7F:B5:E3:F9:30:C6:87:68:2C:00:AA:4C:81:12:5E:81:DD
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188662117E27D5532EDE8DE3BC635E54CDA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZYm7f7Xj-TDGh2gsAKpMgRJegd0.roa
Signing time:             Mon 29 May 2023 06:10:24 +0000
ROA not before:           Mon 29 May 2023 06:10:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:66:21:17:e2:7d:55:32:ed:e8:de:3b:c6:35:e5:4c:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 29 06:10:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6589bb7fb5e3f930c687682c00aa4c81125e81dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:c6:74:1c:55:72:c2:b6:db:89:20:04:58:7b:
                    8c:06:27:6c:1b:84:39:ec:c9:68:9d:57:bd:77:1d:
                    25:39:0a:5a:d8:19:1c:7b:55:08:1f:93:99:f6:c3:
                    cc:b5:28:ba:63:e4:c4:89:6d:03:9f:92:56:16:ac:
                    0a:29:9f:a0:59:a9:f5:c2:ea:99:e8:f5:42:da:a5:
                    23:71:b6:04:20:3f:46:18:19:8f:4c:f2:48:da:24:
                    69:b2:96:f8:88:6b:d1:d1:09:e4:11:64:f1:16:f6:
                    8a:86:b3:d8:ab:dd:8d:c7:91:4d:ed:75:0a:46:40:
                    a0:77:68:ad:41:f1:fd:84:ed:4f:6e:70:4c:fa:88:
                    1b:ae:5b:37:c5:2f:d2:d0:a2:87:db:6d:fc:17:bc:
                    f2:44:ad:f0:ca:37:3f:a4:4b:70:63:af:9c:0e:f3:
                    ac:4f:e0:6e:f6:44:3a:54:34:52:9c:81:2a:20:55:
                    d2:d1:de:6e:02:ce:63:cc:c7:1b:eb:0a:44:bd:7d:
                    6d:1a:ce:e5:ec:3d:1d:ef:b8:63:63:29:cc:d8:fb:
                    44:76:2e:98:d0:f2:94:55:c0:35:5c:fa:86:2a:24:
                    89:72:e4:cb:f8:52:f3:78:56:72:bc:59:06:95:d7:
                    ef:46:80:a6:00:88:66:99:83:92:81:49:6c:af:e4:
                    66:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:89:BB:7F:B5:E3:F9:30:C6:87:68:2C:00:AA:4C:81:12:5E:81:DD
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZYm7f7Xj-TDGh2gsAKpMgRJegd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:b6:3e:54:67:fa:24:7f:03:da:70:61:16:08:52:ee:9c:f1:
         bf:51:49:2b:7b:dd:a0:b2:9a:88:42:0d:ba:4d:6e:35:91:1f:
         45:c2:9a:af:56:56:59:44:4d:4a:57:98:60:27:df:c6:38:1e:
         6b:53:9d:fc:72:35:26:76:3e:ce:40:14:1d:d6:81:54:c5:f4:
         a6:8b:72:c9:fc:33:57:23:2a:3f:ab:39:43:7b:07:b8:49:ac:
         c1:8a:c6:65:ae:23:ed:5e:43:83:41:7b:43:d7:09:70:64:d6:
         3e:c1:c7:ef:05:28:3b:ec:c7:54:7d:62:10:40:7f:9f:53:0e:
         a2:a2:1f:69:01:13:b2:1d:c2:c2:d8:79:fd:eb:24:0f:49:4c:
         50:07:5b:97:4b:5f:71:5f:c3:d0:f9:f6:a7:42:1b:0f:14:3d:
         e8:9f:97:87:15:b0:73:d4:5b:be:37:42:f8:80:ec:93:db:9a:
         bc:98:8e:c5:1e:db:3a:96:9d:bb:7d:64:3b:0f:39:d3:91:15:
         42:40:31:4b:c8:58:b4:ba:41:45:df:d9:51:de:64:fe:89:ca:
         da:91:09:37:4b:f9:db:05:ff:e7:a8:6b:75:ab:36:89:4d:b5:
         d6:c8:c3:1b:78:7e:c2:7c:77:fb:16:5b:51:16:ee:14:45:e8:
         cb:61:b7:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhmIRfifVUy7ejeO8Y15UzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI5MDYxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg5YmI3ZmI1ZTNmOTMwYzY4NzY4MmMwMGFhNGM4MTEyNWU4MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMZ0HFVywrbbiSAEWHuMBidsG4Q5
7MlonVe9dx0lOQpa2Bkce1UIH5OZ9sPMtSi6Y+TEiW0Dn5JWFqwKKZ+gWan1wuqZ
6PVC2qUjcbYEID9GGBmPTPJI2iRpspb4iGvR0QnkEWTxFvaKhrPYq92Nx5FN7XUK
RkCgd2itQfH9hO1PbnBM+ogbrls3xS/S0KKH2238F7zyRK3wyjc/pEtwY6+cDvOs
T+Bu9kQ6VDRSnIEqIFXS0d5uAs5jzMcb6wpEvX1tGs7l7D0d77hjYynM2PtEdi6Y
0PKUVcA1XPqGKiSJcuTL+FLzeFZyvFkGldfvRoCmAIhmmYOSgUlsr+RmQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGWJu3+14/kwxodoLACqTIESXoHdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWlltN2Y3WGotVERHaDJnc0FLcE1nUkplZ2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHy2PlRn+iR/A9pwYRYI
Uu6c8b9RSSt73aCymohCDbpNbjWRH0XCmq9WVllETUpXmGAn38Y4HmtTnfxyNSZ2
Ps5AFB3WgVTF9KaLcsn8M1cjKj+rOUN7B7hJrMGKxmWuI+1eQ4NBe0PXCXBk1j7B
x+8FKDvsx1R9YhBAf59TDqKiH2kBE7IdwsLYef3rJA9JTFAHW5dLX3Ffw9D59qdC
Gw8UPeifl4cVsHPUW743QviA7JPbmryYjsUe2zqWnbt9ZDsPOdORFUJAMUvIWLS6
QUXf2VHeZP6JytqRCTdL+dsF/+eoa3WrNolNtdbIwxt4fsJ8d/sWW1EW7hRF6Mth
t/Q=
-----END CERTIFICATE-----