Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bt7gyRoClQ_PxpsleblOweXEam4.roa
File:                     bt7gyRoClQ_PxpsleblOweXEam4.roa (raw, json)
Hash identifier:          ZVOghzUBtDHu9IXc9OQNybfRAS5L0bPlJFbfXMYcDLk=
Subject key identifier:   6E:DE:E0:C9:1A:02:95:0F:CF:C6:9B:25:79:B9:4E:C1:E5:C4:6A:6E
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187123F8B456711660DEEF83E882B871435
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bt7gyRoClQ_PxpsleblOweXEam4.roa
Signing time:             Fri 24 Mar 2023 06:12:46 +0000
ROA not before:           Fri 24 Mar 2023 06:12:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:12:3f:8b:45:67:11:66:0d:ee:f8:3e:88:2b:87:14:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 24 06:12:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6edee0c91a02950fcfc69b2579b94ec1e5c46a6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a4:01:3e:de:ba:8e:4a:da:9f:c5:49:e3:da:
                    37:e8:64:fa:12:42:52:aa:45:e6:14:16:b8:c7:2d:
                    49:6f:7c:96:a8:72:37:b5:2b:93:47:e4:bd:5e:4d:
                    cd:21:28:1b:cf:b7:52:66:b0:e7:7b:d1:70:5b:06:
                    a9:4d:23:a7:fc:77:2a:90:44:86:be:90:db:75:60:
                    da:6d:34:fe:69:d7:be:16:27:ec:fc:0b:9e:d1:9f:
                    3b:1d:e6:a7:e7:56:b4:6f:39:7f:19:46:1d:f8:f7:
                    bb:4d:82:b6:ff:56:f5:55:8b:d0:cb:d6:9a:56:72:
                    df:80:f2:91:d6:4a:b4:3d:be:e7:37:d5:99:6e:fb:
                    57:2b:65:05:6f:fd:3a:c2:34:f4:53:1e:1b:ca:99:
                    f2:b6:e5:ab:f8:11:9f:f1:09:09:0a:18:33:9c:1b:
                    6a:38:8c:6a:5e:da:f5:41:47:e2:5f:38:de:95:f0:
                    1d:1e:44:45:86:de:31:d5:ef:6b:11:2f:9f:02:8a:
                    19:97:19:32:10:fc:6c:f3:99:89:23:ad:60:49:16:
                    83:31:8a:b2:30:f4:79:83:3c:00:e2:4d:db:a8:ea:
                    bd:fb:22:71:95:d3:f0:2c:f2:93:26:26:2a:84:b9:
                    a1:e2:78:36:eb:92:de:03:84:4a:84:b9:cc:45:95:
                    96:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:DE:E0:C9:1A:02:95:0F:CF:C6:9B:25:79:B9:4E:C1:E5:C4:6A:6E
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bt7gyRoClQ_PxpsleblOweXEam4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         07:2c:17:11:02:32:47:1d:8f:49:39:d1:b5:3b:dd:dc:de:20:
         e4:05:30:e3:67:c1:e9:08:aa:b6:2c:1e:90:a4:3b:90:e7:e6:
         7c:30:42:63:fe:d1:ba:ad:7e:56:29:7e:d6:a3:ba:bb:5b:bf:
         fe:56:dd:14:99:54:06:4f:f5:27:61:0c:37:f8:4d:f3:45:55:
         2e:b1:a5:8c:5c:ed:af:8b:c9:b7:d9:e3:d5:fe:f8:ff:60:bb:
         48:56:7e:75:62:ac:c0:64:91:aa:d3:00:2a:c4:a1:b0:d0:5d:
         37:87:17:77:70:f3:69:0f:a8:f1:f5:83:7d:94:b4:0e:29:74:
         fa:71:ed:d0:99:cd:5f:83:61:c3:16:cc:cc:1e:12:b8:65:d3:
         65:65:1d:d9:7e:fe:3c:9a:aa:e2:1f:e8:5e:45:0b:90:1a:3e:
         e2:f3:07:97:6b:5c:d2:e3:24:5d:f8:cc:14:b9:09:2e:2a:17:
         29:7d:97:40:6a:72:6d:7d:17:77:c6:a4:07:a0:62:e5:9d:04:
         87:2e:45:9f:09:4f:89:ed:87:42:3f:46:94:f0:f7:d4:73:62:
         78:f5:19:c3:ed:33:62:4f:82:94:e8:84:65:56:99:ca:a1:56:
         d3:30:26:a1:94:4b:7e:c2:2b:fd:44:24:a3:58:80:73:98:7e:
         8e:64:e2:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcSP4tFZxFmDe74PogrhxQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI0MDYxMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWRlZTBjOTFhMDI5NTBmY2ZjNjliMjU3OWI5NGVjMWU1YzQ2YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraQBPt66jkran8VJ49o36GT6EkJS
qkXmFBa4xy1Jb3yWqHI3tSuTR+S9Xk3NISgbz7dSZrDne9FwWwapTSOn/HcqkESG
vpDbdWDabTT+ade+Fifs/Aue0Z87Hean51a0bzl/GUYd+Pe7TYK2/1b1VYvQy9aa
VnLfgPKR1kq0Pb7nN9WZbvtXK2UFb/06wjT0Ux4bypnytuWr+BGf8QkJChgznBtq
OIxqXtr1QUfiXzjelfAdHkRFht4x1e9rES+fAooZlxkyEPxs85mJI61gSRaDMYqy
MPR5gzwA4k3bqOq9+yJxldPwLPKTJiYqhLmh4ng265LeA4RKhLnMRZWWtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG7e4MkaApUPz8abJXm5TsHlxGpuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYnQ3Z3lSb0NsUV9QeHBzbGVibE93ZVhFYW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAcsFxECMkcdj0k50bU7
3dzeIOQFMONnwekIqrYsHpCkO5Dn5nwwQmP+0bqtflYpftajurtbv/5W3RSZVAZP
9SdhDDf4TfNFVS6xpYxc7a+LybfZ49X++P9gu0hWfnVirMBkkarTACrEobDQXTeH
F3dw82kPqPH1g32UtA4pdPpx7dCZzV+DYcMWzMweErhl02VlHdl+/jyaquIf6F5F
C5AaPuLzB5drXNLjJF34zBS5CS4qFyl9l0Bqcm19F3fGpAegYuWdBIcuRZ8JT4nt
h0I/RpTw99RzYnj1GcPtM2JPgpTohGVWmcqhVtMwJqGUS37CK/1EJKNYgHOYfo5k
4pY=
-----END CERTIFICATE-----