Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fr69p3MvB4f2lbvmBOfKBj1cqt0.roa
File:                     fr69p3MvB4f2lbvmBOfKBj1cqt0.roa (raw, json)
Hash identifier:          8VOmPArIN98JZDGgPbnGFbO8rMkERC+d07FllqCAAcU=
Subject key identifier:   7E:BE:BD:A7:73:2F:07:87:F6:95:BB:E6:04:E7:CA:06:3D:5C:AA:DD
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187C154EEDA0F2591DE603A0D3D9EA2173F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fr69p3MvB4f2lbvmBOfKBj1cqt0.roa
Signing time:             Thu 27 Apr 2023 06:09:41 +0000
ROA not before:           Thu 27 Apr 2023 06:09:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c1:54:ee:da:0f:25:91:de:60:3a:0d:3d:9e:a2:17:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 27 06:09:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7ebebda7732f0787f695bbe604e7ca063d5caadd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:04:d5:19:6c:a7:85:01:f3:31:a9:ef:d9:8c:
                    79:23:5e:95:36:8b:c1:04:ff:b9:4a:50:17:d6:12:
                    61:a7:35:d0:90:84:a3:f8:58:23:9e:e2:50:87:50:
                    e0:47:34:20:db:8a:c2:6a:06:ec:01:70:6b:2c:5b:
                    9f:e5:66:f6:76:c9:02:fb:73:45:45:bb:49:92:26:
                    7b:29:e0:e1:12:df:b9:77:97:0d:7e:e5:93:9a:52:
                    2e:ee:81:49:8e:18:4f:44:df:ea:80:ed:04:ba:f1:
                    eb:ac:15:1f:cb:cb:ed:2a:92:49:cd:cb:4e:2e:cf:
                    2a:54:25:60:be:d9:a1:ce:79:dc:34:22:d1:af:ad:
                    ee:93:c8:d4:24:ba:f6:b9:8b:65:6e:10:0b:3d:0e:
                    5b:27:19:1b:43:d5:63:32:1d:d2:e0:e4:6a:b3:05:
                    65:3d:6c:b8:18:07:b3:9e:60:5d:97:69:60:7f:f5:
                    1a:ff:83:c7:ce:0d:fe:86:96:1d:21:e9:ba:a6:e3:
                    b2:ee:18:ee:b4:6f:4d:b0:a8:15:c6:65:2e:7d:9f:
                    f7:b9:b7:26:67:12:b0:0c:32:71:99:90:ef:cc:67:
                    32:68:4b:53:f6:4b:4b:56:c1:a5:a4:6e:2a:11:7f:
                    dc:7d:c5:7f:6e:17:bb:00:c1:c2:7a:ce:90:94:36:
                    c9:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:BE:BD:A7:73:2F:07:87:F6:95:BB:E6:04:E7:CA:06:3D:5C:AA:DD
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fr69p3MvB4f2lbvmBOfKBj1cqt0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         46:b7:8b:42:e6:cd:0a:9d:fc:9b:e2:5b:de:67:29:81:05:50:
         eb:25:7d:da:ed:4a:c5:00:8e:f8:3a:71:b3:bf:4a:bb:65:bd:
         24:e4:d2:5e:9b:b9:22:93:a0:7c:8b:5d:19:29:bd:a6:de:0e:
         b0:63:f7:b2:38:a7:30:83:b1:82:9c:e2:27:53:7b:4d:a6:40:
         ac:be:01:49:61:97:13:92:a7:df:5f:aa:67:63:66:93:58:8d:
         01:22:ad:f3:44:e3:de:a3:74:e0:1e:94:44:c7:4f:d1:ec:6f:
         75:b6:63:ac:a0:62:6c:3b:87:ce:46:0b:a7:1b:f1:1d:47:a5:
         c8:3e:c7:e7:45:58:48:06:5f:f6:5b:c5:7b:17:15:87:7c:2b:
         6e:99:e1:0e:99:46:97:eb:8d:c7:8d:00:4e:48:03:35:f9:fa:
         c3:a7:bf:3a:ba:fd:8a:78:ad:63:ee:20:60:38:33:6f:2f:3e:
         d4:0d:07:42:a2:f1:b3:ba:26:d9:3c:50:ee:b5:9b:21:ca:42:
         d8:9b:6f:0f:17:40:78:ba:b9:31:f3:f0:46:6c:75:24:4b:4f:
         ac:54:3a:25:b2:33:6c:a4:61:46:16:4b:e2:e2:25:65:cc:0c:
         81:68:b2:4e:da:1b:7a:42:85:48:2b:06:a7:3c:80:c0:cb:1f:
         64:32:80:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfBVO7aDyWR3mA6DT2eohc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI3MDYwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWJlYmRhNzczMmYwNzg3ZjY5NWJiZTYwNGU3Y2EwNjNkNWNhYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgTVGWynhQHzManv2Yx5I16VNovB
BP+5SlAX1hJhpzXQkISj+FgjnuJQh1DgRzQg24rCagbsAXBrLFuf5Wb2dskC+3NF
RbtJkiZ7KeDhEt+5d5cNfuWTmlIu7oFJjhhPRN/qgO0EuvHrrBUfy8vtKpJJzctO
Ls8qVCVgvtmhznncNCLRr63uk8jUJLr2uYtlbhALPQ5bJxkbQ9VjMh3S4ORqswVl
PWy4GAeznmBdl2lgf/Ua/4PHzg3+hpYdIem6puOy7hjutG9NsKgVxmUufZ/3ubcm
ZxKwDDJxmZDvzGcyaEtT9ktLVsGlpG4qEX/cfcV/bhe7AMHCes6QlDbJ7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH6+vadzLweH9pW75gTnygY9XKrdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZnI2OXAzTXZCNGYybGJ2bUJPZktCajFjcXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEa3i0LmzQqd/JviW95n
KYEFUOslfdrtSsUAjvg6cbO/SrtlvSTk0l6buSKToHyLXRkpvabeDrBj97I4pzCD
sYKc4idTe02mQKy+AUlhlxOSp99fqmdjZpNYjQEirfNE496jdOAelETHT9Hsb3W2
Y6ygYmw7h85GC6cb8R1Hpcg+x+dFWEgGX/ZbxXsXFYd8K26Z4Q6ZRpfrjceNAE5I
AzX5+sOnvzq6/Yp4rWPuIGA4M28vPtQNB0Ki8bO6Jtk8UO61myHKQtibbw8XQHi6
uTHz8EZsdSRLT6xUOiWyM2ykYUYWS+LiJWXMDIFosk7aG3pChUgrBqc8gMDLH2Qy
gMg=
-----END CERTIFICATE-----