Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bXSmdDch5ebAcExjEhyuEqGF6Q4.roa
File:                     bXSmdDch5ebAcExjEhyuEqGF6Q4.roa (raw, json)
Hash identifier:          lUTq1dKBYWjwe+9jGkRiMFKr+rQNWgMfJqfP5SsULeA=
Subject key identifier:   6D:74:A6:74:37:21:E5:E6:C0:70:4C:63:12:1C:AE:12:A1:85:E9:0E
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01871B40D8F769F390CABEB687900D056E21
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bXSmdDch5ebAcExjEhyuEqGF6Q4.roa
Signing time:             Sun 26 Mar 2023 00:10:47 +0000
ROA not before:           Sun 26 Mar 2023 00:10:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:1b:40:d8:f7:69:f3:90:ca:be:b6:87:90:0d:05:6e:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 26 00:10:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6d74a6743721e5e6c0704c63121cae12a185e90e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f7:89:0f:f2:f4:7d:4a:88:14:39:c7:1c:1c:
                    7f:08:9c:24:a2:8a:51:68:f5:07:ec:c1:af:a8:cf:
                    27:a9:37:d5:33:5e:be:1d:46:09:a7:4e:63:ff:1a:
                    ed:9d:11:00:ab:c5:c5:64:f0:8f:69:f7:23:6d:bb:
                    01:9c:44:31:f0:44:51:b4:1e:b0:87:59:93:cc:4a:
                    b1:ea:c8:03:7c:d2:80:58:ae:e9:7d:58:07:3d:d8:
                    d7:36:b9:a0:ec:32:10:ae:4f:2d:d9:98:4d:62:70:
                    f2:10:1e:e4:d1:c9:c4:c4:c1:48:6e:7b:5c:ef:ee:
                    f0:2a:6a:f8:aa:54:61:32:68:e7:e4:56:d0:2a:25:
                    39:df:a5:b9:b7:4f:21:d3:04:80:71:66:8d:df:52:
                    05:95:4c:e5:53:dc:43:b8:e7:a9:b3:17:40:2d:cb:
                    1c:81:5d:82:7e:d9:e3:b1:e4:9e:9e:93:58:71:bb:
                    44:30:cf:15:40:33:a3:2d:62:33:99:2b:5a:4d:e6:
                    0a:d8:98:6d:7a:5c:b1:95:2e:58:e7:15:59:be:7e:
                    7b:6e:90:44:4c:1a:7a:11:d3:90:d3:99:a3:dd:64:
                    e1:28:7d:14:7d:ab:bc:22:4d:44:df:7f:78:31:13:
                    01:a7:75:d4:a7:25:95:88:ee:05:8d:d1:c5:da:11:
                    d0:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:74:A6:74:37:21:E5:E6:C0:70:4C:63:12:1C:AE:12:A1:85:E9:0E
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bXSmdDch5ebAcExjEhyuEqGF6Q4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         b4:5a:1d:7f:3f:7b:b1:2a:20:79:a9:d7:ea:b8:a5:a4:a8:14:
         95:e9:dd:51:25:84:34:3a:28:1b:3a:f0:c1:e8:5d:7d:03:32:
         b7:f6:c1:c6:b9:95:8f:e8:2b:c3:d6:eb:50:36:bf:f3:39:1b:
         ba:95:66:23:59:98:02:c5:04:b5:50:cb:cf:e9:72:10:ce:19:
         e7:39:3d:4e:49:2e:03:72:5e:4d:21:f3:31:a0:0b:31:e6:9f:
         df:b3:00:6f:b8:b5:9a:58:12:44:a6:60:c8:e1:23:b8:fc:55:
         46:16:93:6e:57:68:f4:53:d3:35:03:84:5a:84:eb:49:f7:db:
         18:e3:97:10:08:30:63:a5:71:de:27:a1:ba:d4:48:b8:f4:67:
         21:1f:d1:82:1c:24:0b:bd:a4:58:dd:67:f1:ff:c4:65:76:f5:
         df:55:81:d0:39:c3:05:be:ae:17:8e:45:da:d4:73:e2:9f:da:
         f9:42:06:d3:be:ab:ef:11:ad:1e:a3:61:00:05:c6:73:c3:64:
         9c:12:28:35:46:a8:b2:26:90:ee:d4:b6:38:e2:0d:88:e0:dd:
         e1:c8:b5:a5:eb:c9:5b:cf:66:c3:98:af:a6:73:ea:b7:c6:4d:
         9a:b5:c5:de:b0:64:a7:dd:85:15:08:b2:c0:a1:bd:2c:ec:12:
         91:9a:f4:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcbQNj3afOQyr62h5ANBW4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI2MDAxMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDc0YTY3NDM3MjFlNWU2YzA3MDRjNjMxMjFjYWUxMmExODVlOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/eJD/L0fUqIFDnHHBx/CJwkoopR
aPUH7MGvqM8nqTfVM16+HUYJp05j/xrtnREAq8XFZPCPafcjbbsBnEQx8ERRtB6w
h1mTzEqx6sgDfNKAWK7pfVgHPdjXNrmg7DIQrk8t2ZhNYnDyEB7k0cnExMFIbntc
7+7wKmr4qlRhMmjn5FbQKiU536W5t08h0wSAcWaN31IFlUzlU9xDuOepsxdALcsc
gV2CftnjseSenpNYcbtEMM8VQDOjLWIzmStaTeYK2JhtelyxlS5Y5xVZvn57bpBE
TBp6EdOQ05mj3WThKH0Ufau8Ik1E3394MRMBp3XUpyWViO4FjdHF2hHQ/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG10pnQ3IeXmwHBMYxIcrhKhhekOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYlhTbWREY2g1ZWJBY0V4akVoeXVFcUdGNlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALRaHX8/e7EqIHmp1+q4
paSoFJXp3VElhDQ6KBs68MHoXX0DMrf2wca5lY/oK8PW61A2v/M5G7qVZiNZmALF
BLVQy8/pchDOGec5PU5JLgNyXk0h8zGgCzHmn9+zAG+4tZpYEkSmYMjhI7j8VUYW
k25XaPRT0zUDhFqE60n32xjjlxAIMGOlcd4nobrUSLj0ZyEf0YIcJAu9pFjdZ/H/
xGV29d9VgdA5wwW+rheORdrUc+Kf2vlCBtO+q+8RrR6jYQAFxnPDZJwSKDVGqLIm
kO7UtjjiDYjg3eHItaXryVvPZsOYr6Zz6rfGTZq1xd6wZKfdhRUIssChvSzsEpGa
9HA=
-----END CERTIFICATE-----