Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dD6KateDuFZS0dZbMgQlh461pf4.roa
File:                     dD6KateDuFZS0dZbMgQlh461pf4.roa (raw, json)
Hash identifier:          sFWetH0W7qWzKr6JjvafFLJZLcbQ3MlYRSV15cOxtT4=
Subject key identifier:   74:3E:8A:6A:D7:83:B8:56:52:D1:D6:5B:32:04:25:87:8E:B5:A5:FE
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188D50FCAEACCFD5CD7172ED7E24B81C08F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dD6KateDuFZS0dZbMgQlh461pf4.roa
Signing time:             Mon 19 Jun 2023 19:09:21 +0000
ROA not before:           Mon 19 Jun 2023 19:09:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d5:0f:ca:ea:cc:fd:5c:d7:17:2e:d7:e2:4b:81:c0:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 19 19:09:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=743e8a6ad783b85652d1d65b320425878eb5a5fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:61:f5:41:3e:85:91:ba:c8:0a:b9:92:6a:d7:
                    7d:5f:7e:86:9d:ec:56:b0:90:a7:d6:c3:3a:26:0a:
                    48:6f:f5:e3:7f:7f:00:27:ca:b2:bf:7b:b7:58:16:
                    dc:db:7e:6e:1a:e9:7c:68:03:a3:31:12:b4:55:61:
                    4f:b3:2b:d8:21:7b:e1:b0:8e:9a:71:3f:97:8b:56:
                    55:33:ba:92:b2:13:a6:58:41:b1:98:e9:69:31:61:
                    3a:f4:1e:c2:dd:aa:b0:c9:19:03:dc:0c:06:3f:fd:
                    d1:13:99:94:4c:cd:32:f1:fb:6d:63:ef:0b:29:1f:
                    cc:2d:d5:9b:fe:6a:f8:3a:ef:73:4f:55:51:28:32:
                    43:90:96:f2:59:23:47:c5:be:13:6d:a1:0d:44:e5:
                    fb:99:62:bd:fb:1d:38:bd:6b:00:48:bd:ac:d4:36:
                    72:f6:d9:a5:c4:78:59:f6:66:83:b8:1a:7e:8a:69:
                    6f:d3:ff:ec:3d:29:ab:4f:4d:aa:b4:7f:47:0b:a0:
                    6e:5b:53:e1:c2:6c:57:bc:92:2c:f0:4e:81:01:9c:
                    80:ed:87:2a:1d:2b:a1:81:e7:e2:ae:6b:8f:c0:6b:
                    b6:b4:41:62:53:b7:54:86:8e:d3:22:77:7c:63:55:
                    3c:62:95:a5:a1:37:37:e7:09:d4:ac:22:18:c7:05:
                    a2:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:3E:8A:6A:D7:83:B8:56:52:D1:D6:5B:32:04:25:87:8E:B5:A5:FE
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dD6KateDuFZS0dZbMgQlh461pf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         44:8c:ae:01:49:82:72:70:dd:89:15:c7:9a:7e:c7:a6:53:68:
         c8:07:a6:68:d6:e4:9e:ec:84:a4:7a:b0:6a:79:5e:17:04:ea:
         be:32:2e:f9:de:9e:4d:ab:5f:fc:f0:19:f2:1d:c1:b5:f8:d6:
         b6:84:f8:37:68:ec:1f:b4:5f:e2:78:22:38:5d:bf:70:4c:13:
         da:6d:8c:a5:7d:69:48:14:24:f3:a2:dd:b3:0f:3b:9e:f5:a2:
         c3:fa:b4:90:30:b5:cf:da:ae:4d:62:7f:72:2c:a5:25:43:4f:
         45:0e:5f:e3:bc:5d:ba:e6:6b:cd:80:87:74:15:cd:d8:a6:8c:
         ad:55:4d:2c:7f:c1:d5:2b:33:72:ba:c0:71:46:a2:ba:74:22:
         d9:f8:e0:9b:5e:73:d6:42:71:42:65:f5:d1:58:f4:1d:9b:a6:
         36:47:13:26:f3:d5:da:38:f7:9d:6a:a0:4a:ae:7d:ab:16:30:
         b5:33:7f:63:11:ed:74:e0:0b:87:20:6d:ab:4b:b5:e5:5e:a5:
         5e:07:b7:91:8a:bc:e2:82:83:0e:a9:0a:be:96:60:8f:ee:1e:
         9b:f5:36:c1:c8:b2:d8:a8:7f:10:f8:2b:6e:fa:09:5e:a2:79:
         4a:29:5c:0c:88:b7:d8:8e:5b:0a:c8:2f:34:f4:9a:56:5d:24:
         d8:0a:51:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYjVD8rqzP1c1xcu1+JLgcCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE5MTkwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNlOGE2YWQ3ODNiODU2NTJkMWQ2NWIzMjA0MjU4NzhlYjVhNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGH1QT6FkbrICrmSatd9X36GnexW
sJCn1sM6JgpIb/Xjf38AJ8qyv3u3WBbc235uGul8aAOjMRK0VWFPsyvYIXvhsI6a
cT+Xi1ZVM7qSshOmWEGxmOlpMWE69B7C3aqwyRkD3AwGP/3RE5mUTM0y8fttY+8L
KR/MLdWb/mr4Ou9zT1VRKDJDkJbyWSNHxb4TbaENROX7mWK9+x04vWsASL2s1DZy
9tmlxHhZ9maDuBp+imlv0//sPSmrT02qtH9HC6BuW1PhwmxXvJIs8E6BAZyA7Ycq
HSuhgefirmuPwGu2tEFiU7dUho7TInd8Y1U8YpWloTc35wnUrCIYxwWiBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHQ+imrXg7hWUtHWWzIEJYeOtaX+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZEQ2S2F0ZUR1RlpTMGRaYk1nUWxoNDYxcGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAESMrgFJgnJw3YkVx5p+
x6ZTaMgHpmjW5J7shKR6sGp5XhcE6r4yLvnenk2rX/zwGfIdwbX41raE+Ddo7B+0
X+J4Ijhdv3BME9ptjKV9aUgUJPOi3bMPO571osP6tJAwtc/ark1if3IspSVDT0UO
X+O8Xbrma82Ah3QVzdimjK1VTSx/wdUrM3K6wHFGorp0Itn44Jtec9ZCcUJl9dFY
9B2bpjZHEybz1do4951qoEqufasWMLUzf2MR7XTgC4cgbatLteVepV4Ht5GKvOKC
gw6pCr6WYI/uHpv1NsHIstiofxD4K276CV6ieUopXAyIt9iOWwrILzT0mlZdJNgK
UXE=
-----END CERTIFICATE-----