Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ce0MjgYdRrYDv8smVhKXl7SHmf4.roa
File:                     ce0MjgYdRrYDv8smVhKXl7SHmf4.roa (raw, json)
Hash identifier:          neR2AhRvIWK9CRXXdV7uxXxL6j91MY5Udu2Xzjnoi4M=
Subject key identifier:   71:ED:0C:8E:06:1D:46:B6:03:BF:CB:26:56:12:97:97:B4:87:99:FE
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01875CE45C76DC590F49FE3F80BD32B0608F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ce0MjgYdRrYDv8smVhKXl7SHmf4.roa
Signing time:             Fri 07 Apr 2023 18:04:42 +0000
ROA not before:           Fri 07 Apr 2023 18:04:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:187:5ce3:e583/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:5c:e4:5c:76:dc:59:0f:49:fe:3f:80:bd:32:b0:60:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr  7 18:04:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=71ed0c8e061d46b603bfcb2656129797b48799fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ea:ae:01:71:8c:75:df:0b:b3:36:41:a5:17:
                    2c:5e:94:27:75:7c:5b:79:02:fd:5b:41:52:c0:bb:
                    92:de:75:29:a0:0c:7b:65:30:3a:c8:51:09:c0:21:
                    04:c5:aa:b5:70:89:22:26:ae:7c:ab:28:e3:82:97:
                    50:cd:95:70:48:63:74:9b:3c:99:65:df:f5:24:8a:
                    da:8c:93:10:60:ad:19:84:15:97:07:00:50:77:c4:
                    d4:2a:96:a9:f7:0f:9f:14:ae:58:77:90:79:b1:eb:
                    36:21:b6:10:3d:ec:3b:35:40:c8:d9:18:22:f5:65:
                    a1:fd:7a:8a:4a:4b:15:b8:31:ba:63:09:87:b4:15:
                    cd:ad:99:ec:5c:c3:a6:b6:98:e1:3b:63:b3:41:7a:
                    17:08:7d:72:8f:9e:a4:30:4d:bd:bc:e8:51:d0:e9:
                    e5:7f:d9:65:8c:3d:bb:a1:e7:db:06:da:9d:ef:98:
                    b5:82:fe:56:4d:8c:0a:3b:14:c3:c7:0e:f1:d3:e6:
                    17:31:d7:ed:15:84:b3:c3:fc:3b:3b:d0:00:44:c7:
                    3f:e6:a3:58:8f:4c:9a:2c:07:87:c7:d4:df:09:40:
                    ac:8d:56:78:34:e7:1f:d3:46:14:a3:b0:a8:fd:7e:
                    8f:c1:9a:92:7c:97:04:df:46:d8:b2:07:2d:69:ce:
                    4a:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:ED:0C:8E:06:1D:46:B6:03:BF:CB:26:56:12:97:97:B4:87:99:FE
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ce0MjgYdRrYDv8smVhKXl7SHmf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         b4:58:72:04:59:06:a2:f8:7f:3d:7e:77:15:ca:1c:e6:44:7c:
         8f:9d:50:59:c1:f4:e7:50:5d:eb:17:a1:50:24:58:83:e1:41:
         af:7b:b9:1f:1c:25:32:ef:ad:a6:da:28:c8:81:52:8c:fd:eb:
         99:d0:fc:17:0f:00:f3:fe:50:c4:0e:52:6b:72:07:d2:21:9d:
         57:37:d6:51:3f:61:a7:d7:fa:f7:f4:4c:bb:23:31:5c:eb:3b:
         b3:50:a3:f1:c3:f4:4e:54:15:2e:71:8c:a5:00:e2:32:65:9b:
         55:03:73:29:b6:94:8e:0a:c0:37:e1:81:20:54:4b:4c:9d:47:
         97:32:ec:2b:94:0c:84:c6:e8:df:4f:a1:76:5d:b6:e1:8a:23:
         1d:4f:90:c2:d8:e0:7a:d8:6d:86:8e:21:b7:f0:ed:11:23:0c:
         cf:53:6d:73:05:ff:91:78:1c:ee:2d:e2:9f:97:b0:88:6f:6b:
         e8:29:4d:e7:e5:d0:41:39:ad:39:fd:33:3f:5b:61:60:ee:67:
         5d:26:b4:de:74:1b:03:9c:2a:ed:c4:58:39:aa:7e:fe:c7:d8:
         4d:bd:31:61:3f:f3:3d:5e:8c:6d:e6:d7:46:f8:d2:be:8a:04:
         fe:06:04:74:bd:0f:28:78:e7:89:30:39:4d:34:f7:83:c9:23:
         ed:65:62:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdc5Fx23FkPSf4/gL0ysGCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA3MTgwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWVkMGM4ZTA2MWQ0NmI2MDNiZmNiMjY1NjEyOTc5N2I0ODc5OWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuquAXGMdd8LszZBpRcsXpQndXxb
eQL9W0FSwLuS3nUpoAx7ZTA6yFEJwCEExaq1cIkiJq58qyjjgpdQzZVwSGN0mzyZ
Zd/1JIrajJMQYK0ZhBWXBwBQd8TUKpap9w+fFK5Yd5B5ses2IbYQPew7NUDI2Rgi
9WWh/XqKSksVuDG6YwmHtBXNrZnsXMOmtpjhO2OzQXoXCH1yj56kME29vOhR0Onl
f9lljD27oefbBtqd75i1gv5WTYwKOxTDxw7x0+YXMdftFYSzw/w7O9AARMc/5qNY
j0yaLAeHx9TfCUCsjVZ4NOcf00YUo7Co/X6PwZqSfJcE30bYsgctac5KqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHHtDI4GHUa2A7/LJlYSl5e0h5n+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY2UwTWpnWWRScllEdjhzbVZoS1hsN1NIbWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALRYcgRZBqL4fz1+dxXK
HOZEfI+dUFnB9OdQXesXoVAkWIPhQa97uR8cJTLvrabaKMiBUoz965nQ/BcPAPP+
UMQOUmtyB9IhnVc31lE/YafX+vf0TLsjMVzrO7NQo/HD9E5UFS5xjKUA4jJlm1UD
cym2lI4KwDfhgSBUS0ydR5cy7CuUDITG6N9PoXZdtuGKIx1PkMLY4HrYbYaOIbfw
7REjDM9TbXMF/5F4HO4t4p+XsIhva+gpTefl0EE5rTn9Mz9bYWDuZ10mtN50GwOc
Ku3EWDmqfv7H2E29MWE/8z1ejG3m10b40r6KBP4GBHS9Dyh454kwOU0094PJI+1l
YuM=
-----END CERTIFICATE-----