Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d-JMIxgBt760pzi1tLKA3T_ytP0.roa
File:                     d-JMIxgBt760pzi1tLKA3T_ytP0.roa (raw, json)
Hash identifier:          8VULsN3RbE4tzyEIoOfENIXzCFr4IiyNtX6s+zuiuwA=
Subject key identifier:   77:E2:4C:23:18:01:B7:BE:B4:A7:38:B5:B4:B2:80:DD:3F:F2:B4:FD
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187E56041178F7AC9A003E35BCF3E10697D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d-JMIxgBt760pzi1tLKA3T_ytP0.roa
Signing time:             Thu 04 May 2023 06:08:23 +0000
ROA not before:           Thu 04 May 2023 06:08:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e5:60:41:17:8f:7a:c9:a0:03:e3:5b:cf:3e:10:69:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  4 06:08:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77e24c231801b7beb4a738b5b4b280dd3ff2b4fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:95:af:2e:92:01:0e:f6:2c:e0:59:4f:0e:45:
                    23:2d:4b:41:ba:32:32:12:3a:34:37:1d:28:98:7d:
                    cb:85:72:0f:96:63:85:04:3c:ee:10:d6:6c:de:f3:
                    59:bd:41:d0:55:6f:92:d5:27:9d:c5:fe:c9:c1:f3:
                    cd:c9:f3:f9:55:7b:3e:49:94:11:4d:49:55:a7:71:
                    78:e0:d5:f7:e4:89:7c:53:d6:cd:01:e2:97:d6:69:
                    0d:f5:4f:c1:02:0e:53:5c:e1:ce:36:9d:91:c4:bd:
                    dc:b9:3a:17:36:99:69:4e:70:51:91:e4:03:02:69:
                    21:e0:ee:74:75:ac:ae:21:9e:2d:6e:24:69:c9:c2:
                    df:17:73:3e:e1:9b:1e:f3:fa:5d:a2:8a:f6:0a:c4:
                    ab:23:eb:a8:bb:d1:4b:52:a7:4b:e0:14:49:a6:0b:
                    20:cc:c2:2f:72:fe:a7:77:92:19:1f:13:db:ad:8d:
                    ed:e2:37:01:b3:e7:13:0e:7e:78:47:df:d2:3f:d2:
                    aa:c7:d2:18:41:a0:cb:47:45:a3:11:27:b8:93:19:
                    6f:db:9d:00:15:7c:68:d1:cf:14:a7:8e:48:b3:97:
                    5b:de:56:51:bd:ea:23:a1:fe:b2:c0:30:0e:0d:b1:
                    cc:3b:b4:b6:d6:7b:23:33:e6:14:a2:0a:69:c3:b3:
                    a9:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:E2:4C:23:18:01:B7:BE:B4:A7:38:B5:B4:B2:80:DD:3F:F2:B4:FD
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d-JMIxgBt760pzi1tLKA3T_ytP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         6a:71:58:97:b4:26:08:3e:13:e6:af:12:85:3c:6e:41:3f:9b:
         75:ce:a1:a6:41:55:28:62:cf:f7:be:09:53:4a:98:f5:c4:4d:
         48:5c:0b:ec:f4:90:8d:14:76:6e:cc:8f:f8:83:50:99:f1:b0:
         07:ff:c8:99:19:c3:a7:23:6b:d7:84:3b:82:e4:81:dc:6c:79:
         91:03:11:73:ff:3a:02:2d:28:89:87:80:1f:8a:03:8e:7e:1f:
         71:9b:92:76:c9:dd:98:9c:ce:b3:e5:88:72:07:6b:48:43:19:
         c1:43:21:0c:ad:2f:a6:e5:2b:cf:28:9d:f5:42:60:8e:18:c6:
         c1:79:1e:56:4c:46:6c:4d:ce:0f:33:71:cb:4d:31:8c:15:ee:
         04:04:f6:b1:0d:33:d6:4d:f4:1e:3d:41:55:10:2c:fd:a1:5c:
         c5:42:bf:12:b5:7f:5d:b8:cb:c5:46:52:ca:73:f4:26:92:db:
         e2:d3:60:c7:e4:bc:0d:da:0a:84:d9:8f:66:da:32:0c:06:03:
         be:9f:41:b8:78:cc:d2:fe:9d:59:6c:00:a4:4d:0f:da:0c:ef:
         8d:3c:cc:63:ce:6c:08:5d:0d:85:87:67:a7:f0:a7:bf:12:ff:
         e9:2d:7d:0a:8d:d4:6b:fb:d1:bb:a5:0e:29:b9:fc:ef:17:72:
         c0:a5:e1:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYflYEEXj3rJoAPjW88+EGl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA0MDYwODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2UyNGMyMzE4MDFiN2JlYjRhNzM4YjViNGIyODBkZDNmZjJiNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZWvLpIBDvYs4FlPDkUjLUtBujIy
Ejo0Nx0omH3LhXIPlmOFBDzuENZs3vNZvUHQVW+S1Sedxf7JwfPNyfP5VXs+SZQR
TUlVp3F44NX35Il8U9bNAeKX1mkN9U/BAg5TXOHONp2RxL3cuToXNplpTnBRkeQD
Amkh4O50dayuIZ4tbiRpycLfF3M+4Zse8/pdoor2CsSrI+uou9FLUqdL4BRJpgsg
zMIvcv6nd5IZHxPbrY3t4jcBs+cTDn54R9/SP9Kqx9IYQaDLR0WjESe4kxlv250A
FXxo0c8Up45Is5db3lZRveojof6ywDAODbHMO7S21nsjM+YUogppw7OpuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHfiTCMYAbe+tKc4tbSygN0/8rT9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZC1KTUl4Z0J0NzYwcHppMXRMS0EzVF95dFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGpxWJe0Jgg+E+avEoU8
bkE/m3XOoaZBVShiz/e+CVNKmPXETUhcC+z0kI0Udm7Mj/iDUJnxsAf/yJkZw6cj
a9eEO4LkgdxseZEDEXP/OgItKImHgB+KA45+H3GbknbJ3ZiczrPliHIHa0hDGcFD
IQytL6blK88onfVCYI4YxsF5HlZMRmxNzg8zcctNMYwV7gQE9rENM9ZN9B49QVUQ
LP2hXMVCvxK1f124y8VGUspz9CaS2+LTYMfkvA3aCoTZj2baMgwGA76fQbh4zNL+
nVlsAKRND9oM7408zGPObAhdDYWHZ6fwp78S/+ktfQqN1Gv70bulDim5/O8XcsCl
4TY=
-----END CERTIFICATE-----