Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/evZPM2e_raQehYTYMPg5bI60sn4.roa
File:                     evZPM2e_raQehYTYMPg5bI60sn4.roa (raw, json)
Hash identifier:          Ov+JZlYVpK5sjLphnCvvL+EaP57l87EBURwP5loiVbU=
Subject key identifier:   7A:F6:4F:33:67:BF:AD:A4:1E:85:84:D8:30:F8:39:6C:8E:B4:B2:7E
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018813BA31CECA336C1AE4047E1369A647B6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/evZPM2e_raQehYTYMPg5bI60sn4.roa
Signing time:             Sat 13 May 2023 06:09:09 +0000
ROA not before:           Sat 13 May 2023 06:09:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:13:ba:31:ce:ca:33:6c:1a:e4:04:7e:13:69:a6:47:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 13 06:09:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7af64f3367bfada41e8584d830f8396c8eb4b27e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:8f:c9:c0:95:e3:fb:c7:e6:74:e5:bf:ef:70:
                    67:5d:ce:1a:cc:ca:9b:f6:d9:40:60:35:9b:c2:84:
                    b8:51:4d:1b:b4:5b:38:b2:65:8b:de:03:f9:4b:7d:
                    8f:9d:09:68:e4:6a:5a:0b:14:4e:d7:48:96:18:5b:
                    10:f7:a8:7c:fe:4c:4f:2b:cb:e8:53:b8:70:87:7f:
                    c9:58:89:7c:6e:64:78:b7:a2:8e:d0:f8:f5:e6:99:
                    77:9f:be:a4:cb:82:37:a0:e8:fa:89:5a:c8:45:69:
                    59:09:e1:10:ec:a9:53:e7:f5:71:de:dd:f0:e7:4f:
                    8b:a3:12:3f:59:d9:5c:c3:38:a4:db:94:84:8f:48:
                    3e:dd:48:26:46:78:9b:2e:fa:de:ac:05:b0:f2:df:
                    aa:b4:b8:60:9d:c3:1e:29:90:ee:d3:54:1a:97:27:
                    d8:c9:47:dc:92:b4:47:37:14:21:31:cb:07:3f:ae:
                    89:17:bd:ee:4b:30:d8:5f:fb:f1:ab:59:4e:b4:59:
                    e1:39:df:ed:cd:23:1d:d4:57:a9:75:65:07:3f:55:
                    a7:d4:09:d1:f1:70:ef:28:71:72:8f:ad:6b:2e:66:
                    f3:4d:f1:81:2d:5c:97:42:c5:c9:bd:58:b3:08:ab:
                    ce:cc:be:2d:73:a5:0a:55:5c:47:f4:7d:d6:9d:7f:
                    6d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:F6:4F:33:67:BF:AD:A4:1E:85:84:D8:30:F8:39:6C:8E:B4:B2:7E
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/evZPM2e_raQehYTYMPg5bI60sn4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:62:d1:63:68:ab:82:7a:9f:ae:b5:2f:31:67:7e:7d:2b:22:
         b4:c2:a6:16:87:33:85:2b:a7:0e:ee:3b:01:6f:ab:fb:43:31:
         5a:e3:76:da:39:b3:b6:c7:5d:5e:65:4d:fc:24:8b:29:1c:8a:
         f9:88:f5:95:dc:ec:c9:c3:a7:8f:54:1f:d9:35:ec:83:b3:fb:
         f3:6b:45:13:aa:27:a8:42:21:39:ca:0e:f2:e5:cf:71:d8:bf:
         e6:2f:f1:74:f2:87:bc:32:27:a3:ab:3f:ce:b7:5e:33:e6:78:
         c2:48:62:c9:a5:64:2d:02:4f:bd:ec:11:fc:5e:2c:0b:1f:a4:
         9c:f8:cb:bc:a3:0a:a9:a3:e8:3f:ac:9e:19:e8:74:58:7e:ad:
         d3:f3:c8:e9:85:3b:7f:c5:24:03:ff:d9:26:6a:03:0d:2f:f3:
         c6:93:1b:e9:f4:d9:94:08:b8:70:83:77:f5:8b:8a:4b:3c:e5:
         7b:43:fa:f3:ba:cd:2a:a0:1c:d0:91:ba:1e:64:e1:e3:66:c8:
         45:9a:09:16:63:83:ef:95:3a:35:0c:73:97:d5:d4:7d:04:e8:
         cb:15:9d:ff:b6:8d:a9:a2:c7:d8:87:9e:c5:48:28:4e:04:ea:
         85:f5:0e:c1:ab:57:f7:33:17:cd:37:3b:d3:09:f9:59:ab:82:
         66:83:23:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgTujHOyjNsGuQEfhNppke2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTEzMDYwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWY2NGYzMzY3YmZhZGE0MWU4NTg0ZDgzMGY4Mzk2YzhlYjRiMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio/JwJXj+8fmdOW/73BnXc4azMqb
9tlAYDWbwoS4UU0btFs4smWL3gP5S32PnQlo5GpaCxRO10iWGFsQ96h8/kxPK8vo
U7hwh3/JWIl8bmR4t6KO0Pj15pl3n76ky4I3oOj6iVrIRWlZCeEQ7KlT5/Vx3t3w
50+LoxI/Wdlcwzik25SEj0g+3UgmRnibLvrerAWw8t+qtLhgncMeKZDu01QalyfY
yUfckrRHNxQhMcsHP66JF73uSzDYX/vxq1lOtFnhOd/tzSMd1FepdWUHP1Wn1AnR
8XDvKHFyj61rLmbzTfGBLVyXQsXJvVizCKvOzL4tc6UKVVxH9H3WnX9tmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHr2TzNnv62kHoWE2DD4OWyOtLJ+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZXZaUE0yZV9yYVFlaFlUWU1QZzViSTYwc240LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABxi0WNoq4J6n661LzFn
fn0rIrTCphaHM4Urpw7uOwFvq/tDMVrjdto5s7bHXV5lTfwkiykcivmI9ZXc7MnD
p49UH9k17IOz+/NrRROqJ6hCITnKDvLlz3HYv+Yv8XTyh7wyJ6OrP863XjPmeMJI
YsmlZC0CT73sEfxeLAsfpJz4y7yjCqmj6D+snhnodFh+rdPzyOmFO3/FJAP/2SZq
Aw0v88aTG+n02ZQIuHCDd/WLiks85XtD+vO6zSqgHNCRuh5k4eNmyEWaCRZjg++V
OjUMc5fV1H0E6MsVnf+2jamix9iHnsVIKE4E6oX1DsGrV/czF803O9MJ+VmrgmaD
I+Y=
-----END CERTIFICATE-----