Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cg0QeJpSGSV-2Fk1aJiqHfWcmDM.roa
File:                     cg0QeJpSGSV-2Fk1aJiqHfWcmDM.roa (raw, json)
Hash identifier:          kVw1Xt5o3ahfj8iqQ+ykumQ/LyAjSspYM/J9ijSpV3g=
Subject key identifier:   72:0D:10:78:9A:52:19:25:7E:D8:59:35:68:98:AA:1D:F5:9C:98:33
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01879BFED32170BCDC34E93F59A0EE8E07E0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cg0QeJpSGSV-2Fk1aJiqHfWcmDM.roa
Signing time:             Thu 20 Apr 2023 00:09:41 +0000
ROA not before:           Thu 20 Apr 2023 00:09:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9b:fe:d3:21:70:bc:dc:34:e9:3f:59:a0:ee:8e:07:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 20 00:09:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=720d10789a5219257ed859356898aa1df59c9833
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:63:03:e7:5c:bf:51:8f:b1:d9:37:07:6a:1a:
                    bd:35:52:e7:1b:27:fc:2c:54:5a:75:c8:c8:7f:7e:
                    3e:6f:05:77:e2:da:d2:30:19:30:13:e7:b9:07:79:
                    66:f0:f5:00:69:68:68:d2:28:8e:17:b1:b6:88:20:
                    e1:92:af:eb:ab:d1:f5:79:e0:e0:e0:95:2e:59:26:
                    2b:a7:8f:ea:23:ea:38:5f:0a:4e:cb:52:82:58:81:
                    ee:46:8d:b6:ce:f7:67:cd:94:ad:59:81:60:67:c3:
                    c3:72:b5:dc:4c:b2:e3:56:ff:33:81:c7:c3:af:74:
                    42:39:ef:c2:87:01:5c:a7:e2:69:f2:72:30:c6:36:
                    bf:c3:dc:bc:6c:6a:7c:52:39:8e:38:d2:8a:86:f9:
                    ac:ca:0b:bd:53:9e:d9:e6:f8:39:98:0d:45:3c:81:
                    79:66:d6:96:7d:3b:c1:29:6c:51:fb:7c:97:16:9e:
                    5c:88:21:26:9d:28:2f:f0:8e:5f:1e:1c:7a:89:68:
                    02:fb:03:36:46:d0:3e:d6:1e:8a:cf:c7:29:6f:a6:
                    f1:bd:95:d8:28:2c:df:75:9f:03:8a:8f:ce:5d:88:
                    54:4f:ad:3b:d3:35:dd:fc:39:ca:69:ce:ff:ee:1a:
                    05:85:5a:9f:dd:bd:a1:f0:6d:37:49:2b:59:e4:1f:
                    4f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:0D:10:78:9A:52:19:25:7E:D8:59:35:68:98:AA:1D:F5:9C:98:33
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cg0QeJpSGSV-2Fk1aJiqHfWcmDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a9:f5:f2:9f:4e:d6:d5:7f:7e:38:68:c4:82:be:5d:56:d7:61:
         05:79:7b:54:02:03:a1:c2:23:73:8a:02:ac:3b:d3:a4:6d:ee:
         0c:5e:62:06:6f:02:cb:c5:fc:89:94:b9:0a:80:83:0a:f0:25:
         19:ff:cc:cf:36:12:f3:4e:2c:40:df:1d:47:b0:79:8d:66:30:
         6b:58:9f:6d:48:0a:2f:c2:7f:17:7e:63:82:8f:df:ef:30:0f:
         d2:60:66:c7:a5:2f:67:25:90:82:36:11:64:ee:3f:17:ca:f4:
         ea:c4:61:4f:7b:ca:a1:e2:2b:37:90:c1:94:08:19:12:ef:1a:
         5a:85:8e:c3:ac:de:74:22:4c:56:f0:9a:57:9f:ec:97:7e:d6:
         ce:4b:59:d2:5b:3b:16:6f:09:d0:ed:02:62:4e:77:24:e5:9b:
         9d:da:22:9e:29:86:3f:b8:86:7f:bc:d6:eb:4b:9f:06:27:01:
         f1:a5:fe:77:80:74:99:45:49:13:e3:54:6e:f6:c8:4f:a7:db:
         45:7c:5c:0c:68:69:bc:bf:3a:a3:32:27:09:f6:c6:6a:c5:48:
         66:ab:04:cb:ca:cf:1d:a2:ab:17:6e:c9:07:3a:8a:c7:c1:aa:
         45:e7:8b:0a:14:b5:b1:c2:90:7e:5e:89:af:e5:0b:b0:fb:6c:
         fa:c1:89:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeb/tMhcLzcNOk/WaDujgfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDIwMDAwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBkMTA3ODlhNTIxOTI1N2VkODU5MzU2ODk4YWExZGY1OWM5ODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2MD51y/UY+x2TcHahq9NVLnGyf8
LFRadcjIf34+bwV34trSMBkwE+e5B3lm8PUAaWho0iiOF7G2iCDhkq/rq9H1eeDg
4JUuWSYrp4/qI+o4XwpOy1KCWIHuRo22zvdnzZStWYFgZ8PDcrXcTLLjVv8zgcfD
r3RCOe/ChwFcp+Jp8nIwxja/w9y8bGp8UjmOONKKhvmsygu9U57Z5vg5mA1FPIF5
ZtaWfTvBKWxR+3yXFp5ciCEmnSgv8I5fHhx6iWgC+wM2RtA+1h6Kz8cpb6bxvZXY
KCzfdZ8Dio/OXYhUT6070zXd/DnKac7/7hoFhVqf3b2h8G03SStZ5B9P8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHINEHiaUhklfthZNWiYqh31nJgzMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY2cwUWVKcFNHU1YtMkZrMWFKaXFIZldjbURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKn18p9O1tV/fjhoxIK+
XVbXYQV5e1QCA6HCI3OKAqw706Rt7gxeYgZvAsvF/ImUuQqAgwrwJRn/zM82EvNO
LEDfHUeweY1mMGtYn21ICi/Cfxd+Y4KP3+8wD9JgZselL2clkII2EWTuPxfK9OrE
YU97yqHiKzeQwZQIGRLvGlqFjsOs3nQiTFbwmlef7Jd+1s5LWdJbOxZvCdDtAmJO
dyTlm53aIp4phj+4hn+81utLnwYnAfGl/neAdJlFSRPjVG72yE+n20V8XAxoaby/
OqMyJwn2xmrFSGarBMvKzx2iqxduyQc6isfBqkXniwoUtbHCkH5eia/lC7D7bPrB
iUs=
-----END CERTIFICATE-----