Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bU8mCNXOdt5QS5cRR7Am23fuEM0.roa
File:                     bU8mCNXOdt5QS5cRR7Am23fuEM0.roa (raw, json)
Hash identifier:          PUtWQRSuTUJQ8KEec8QI+41GPTfwvyAPukvmVwZmBxE=
Subject key identifier:   6D:4F:26:08:D5:CE:76:DE:50:4B:97:11:47:B0:26:DB:77:EE:10:CD
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187571CDFA05007DEFF3849FEBFA49BCE5A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bU8mCNXOdt5QS5cRR7Am23fuEM0.roa
Signing time:             Thu 06 Apr 2023 15:08:42 +0000
ROA not before:           Thu 06 Apr 2023 15:08:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:57:1c:df:a0:50:07:de:ff:38:49:fe:bf:a4:9b:ce:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr  6 15:08:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6d4f2608d5ce76de504b971147b026db77ee10cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:5d:76:ba:9a:9f:02:3d:a0:2a:ca:34:47:7a:
                    b4:61:b3:da:49:0a:a5:75:a8:a9:10:93:a8:e3:26:
                    a7:4f:8a:69:e0:b0:c7:ea:a2:2f:a9:2f:a6:b8:b5:
                    36:7e:f7:27:92:f2:3b:2f:91:6f:3a:30:fc:20:d4:
                    23:48:d1:c2:c8:86:01:2f:5f:db:98:d9:d5:4a:cd:
                    1c:a1:26:dd:9e:f2:04:58:59:63:17:6a:d2:b8:53:
                    77:ba:64:1e:77:8b:69:85:e3:53:6b:e3:24:d6:84:
                    d9:f0:ac:6f:08:33:90:37:a4:78:f5:5a:49:45:4e:
                    56:e1:43:a4:53:7a:c2:67:9f:1d:36:79:cc:e8:15:
                    ef:3c:63:c0:34:ea:26:fd:4c:77:9d:65:87:e6:63:
                    98:59:d6:fd:0e:2f:bd:1f:17:b0:50:fd:2b:1b:86:
                    5f:a3:2b:34:bb:26:ee:99:c3:a8:a8:aa:89:83:a4:
                    88:5b:85:c5:44:79:f8:7a:06:49:0f:7a:fe:7a:9a:
                    e7:66:e9:bf:68:85:01:b2:bb:e7:c6:4c:47:63:cc:
                    48:74:0d:0f:d0:c4:aa:c5:4c:7b:fd:bf:af:db:0e:
                    4b:3a:e7:07:ea:51:23:88:40:37:df:21:96:d2:13:
                    41:33:28:18:58:af:f8:d5:18:51:41:52:e6:70:a0:
                    2b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:4F:26:08:D5:CE:76:DE:50:4B:97:11:47:B0:26:DB:77:EE:10:CD
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bU8mCNXOdt5QS5cRR7Am23fuEM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:f1:de:16:5e:55:e5:fb:5e:73:b0:a4:5f:c9:1e:1e:f3:aa:
         b9:2b:3d:17:d3:d4:14:78:f7:34:1b:d0:59:39:f7:d2:c5:7a:
         81:06:08:65:5a:a0:34:4a:73:b7:22:3d:b2:2d:b3:97:ed:88:
         e4:79:bf:d6:e1:06:ce:50:83:e2:71:a0:5c:70:6b:39:f7:b9:
         4f:92:f6:9c:00:e4:38:97:92:b5:56:bc:86:20:c2:87:cb:12:
         34:0e:f1:b0:a3:5f:00:9c:37:46:62:b2:5e:eb:a1:7e:b3:87:
         e6:07:c6:db:94:92:17:4d:4f:2b:df:8d:9b:67:0a:ee:77:81:
         c0:de:21:ec:11:ff:6e:b0:84:37:38:a8:cf:0d:ae:f7:65:82:
         a4:c0:20:b4:cb:55:94:b4:3f:96:80:a8:82:42:df:83:27:b3:
         18:ad:f9:ae:58:c4:9c:a5:bc:ef:9d:ee:cb:ac:48:bc:36:4e:
         c9:83:94:f3:aa:ac:7e:73:e3:77:72:17:38:03:4c:52:ff:b7:
         1f:3d:33:31:2f:52:67:82:7c:6f:65:35:0d:2a:fb:6d:54:8a:
         6d:5f:64:0f:b5:8d:4a:04:1a:ef:04:73:2c:55:48:66:d7:35:
         ce:5e:49:af:fd:e5:68:36:ee:9c:2a:6d:30:68:3b:cd:0a:d8:
         12:6e:a5:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdXHN+gUAfe/zhJ/r+km85aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA2MTUwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRmMjYwOGQ1Y2U3NmRlNTA0Yjk3MTE0N2IwMjZkYjc3ZWUxMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk112upqfAj2gKso0R3q0YbPaSQql
daipEJOo4yanT4pp4LDH6qIvqS+muLU2fvcnkvI7L5FvOjD8INQjSNHCyIYBL1/b
mNnVSs0coSbdnvIEWFljF2rSuFN3umQed4tpheNTa+Mk1oTZ8KxvCDOQN6R49VpJ
RU5W4UOkU3rCZ58dNnnM6BXvPGPANOom/Ux3nWWH5mOYWdb9Di+9HxewUP0rG4Zf
oys0uybumcOoqKqJg6SIW4XFRHn4egZJD3r+eprnZum/aIUBsrvnxkxHY8xIdA0P
0MSqxUx7/b+v2w5LOucH6lEjiEA33yGW0hNBMygYWK/41RhRQVLmcKArkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG1PJgjVznbeUEuXEUewJtt37hDNMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYlU4bUNOWE9kdDVRUzVjUlI3QW0yM2Z1RU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFLx3hZeVeX7XnOwpF/J
Hh7zqrkrPRfT1BR49zQb0Fk599LFeoEGCGVaoDRKc7ciPbIts5ftiOR5v9bhBs5Q
g+JxoFxwazn3uU+S9pwA5DiXkrVWvIYgwofLEjQO8bCjXwCcN0Zisl7roX6zh+YH
xtuUkhdNTyvfjZtnCu53gcDeIewR/26whDc4qM8NrvdlgqTAILTLVZS0P5aAqIJC
34Mnsxit+a5YxJylvO+d7susSLw2TsmDlPOqrH5z43dyFzgDTFL/tx89MzEvUmeC
fG9lNQ0q+21Uim1fZA+1jUoEGu8EcyxVSGbXNc5eSa/95Wg27pwqbTBoO80K2BJu
pQU=
-----END CERTIFICATE-----