Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h6JBR7KhoQOVAdFX2-mLHnfnDgY.roa
File:                     h6JBR7KhoQOVAdFX2-mLHnfnDgY.roa (raw, json)
Hash identifier:          Byn+LuMXnhMN7zJY0B7w4apZUqEGi7ILjrK383Ad26c=
Subject key identifier:   87:A2:41:47:B2:A1:A1:03:95:01:D1:57:DB:E9:8B:1E:77:E7:0E:06
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018961CFBEE6303991D6E026A567E8CA0881
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h6JBR7KhoQOVAdFX2-mLHnfnDgY.roa
Signing time:             Mon 17 Jul 2023 03:05:51 +0000
ROA not before:           Mon 17 Jul 2023 03:05:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:189:61cf:1ba2/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:61:cf:be:e6:30:39:91:d6:e0:26:a5:67:e8:ca:08:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 17 03:05:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87a24147b2a1a1039501d157dbe98b1e77e70e06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:12:91:23:91:8c:c5:f1:b1:9e:4c:b8:2e:66:
                    31:db:35:bc:d1:a0:4c:3c:4f:65:7e:04:c6:2a:02:
                    ab:89:bf:16:20:6d:44:bf:f7:46:3d:8d:f6:2c:ea:
                    6e:58:f7:82:dd:fb:01:cf:60:04:e4:3e:0f:7e:53:
                    76:df:0f:88:b9:4d:a1:75:c1:31:14:23:9b:cf:50:
                    e8:a5:b1:78:e2:71:92:ac:73:89:4f:5c:03:5f:0a:
                    a5:e0:a9:86:f8:87:e1:90:c5:38:3d:1c:3a:88:9e:
                    50:9f:d2:e8:fa:dc:62:7a:a7:c0:63:5b:d9:b3:70:
                    73:c6:15:7e:b8:5f:26:87:7a:66:e9:31:7d:9a:4c:
                    1f:49:63:8d:f7:77:4e:61:7c:88:71:5d:0d:3a:55:
                    89:fa:46:b9:d1:2c:a9:02:1e:a4:2b:09:7b:91:db:
                    da:6b:15:04:ae:d9:06:57:2e:da:2a:1d:72:b9:e2:
                    85:02:e0:1f:5a:e4:3c:8c:8f:14:ee:8d:39:7c:2b:
                    9a:55:20:76:fa:32:9d:c7:2c:a9:8b:35:65:45:63:
                    ca:da:2e:1e:80:42:ec:49:2e:b4:69:97:fc:c6:96:
                    f4:d0:66:d5:73:78:3f:e7:f6:0f:b0:25:1d:15:bf:
                    65:00:3b:94:5c:6a:ee:2a:ab:76:bd:1b:c9:aa:0c:
                    b0:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:A2:41:47:B2:A1:A1:03:95:01:D1:57:DB:E9:8B:1E:77:E7:0E:06
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h6JBR7KhoQOVAdFX2-mLHnfnDgY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         4c:d7:0b:be:a9:d2:37:04:6b:81:8d:fe:f1:f1:fd:15:d0:90:
         34:d7:24:89:d6:3d:ba:45:d7:d2:f8:87:ae:b4:06:3b:81:04:
         55:4a:c8:d9:d2:77:c3:61:ff:60:ce:cb:26:8c:b0:99:21:f8:
         a3:46:49:4f:88:76:0a:ad:79:e3:a5:e4:bf:15:fe:73:b9:4a:
         bf:01:da:73:2a:c1:7a:ef:b9:5e:b9:87:89:ae:0b:f6:85:ad:
         29:d6:27:fe:92:39:4c:cd:be:e5:56:0a:ab:c5:9f:75:92:56:
         b4:0b:04:9a:d3:fe:c2:ca:a9:07:4e:a1:0c:e6:16:91:f7:34:
         2b:86:5f:37:e8:a8:5c:a2:18:48:ea:2f:d9:f4:e8:36:53:83:
         28:7c:ef:e4:7c:02:d0:8b:93:f5:50:30:36:f2:31:bc:4a:43:
         c1:3d:27:e8:c3:05:df:16:18:b9:a3:54:ca:20:70:8e:ae:51:
         fb:72:2c:17:0f:84:85:ae:57:f2:4d:7e:1a:a9:57:1b:b0:ac:
         1a:f0:42:7a:3a:9a:2f:45:65:82:ef:61:b8:fa:03:d8:a3:94:
         7e:42:d0:e1:d9:61:45:40:70:65:17:74:84:74:f9:59:bf:9e:
         53:96:a6:9e:fe:d1:6e:7a:00:97:71:26:3a:3d:ae:c6:0e:79:
         87:72:87:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlhz77mMDmR1uAmpWfoygiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzE3MDMwNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2EyNDE0N2IyYTFhMTAzOTUwMWQxNTdkYmU5OGIxZTc3ZTcwZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxKRI5GMxfGxnky4LmYx2zW80aBM
PE9lfgTGKgKrib8WIG1Ev/dGPY32LOpuWPeC3fsBz2AE5D4PflN23w+IuU2hdcEx
FCObz1DopbF44nGSrHOJT1wDXwql4KmG+IfhkMU4PRw6iJ5Qn9Lo+txieqfAY1vZ
s3BzxhV+uF8mh3pm6TF9mkwfSWON93dOYXyIcV0NOlWJ+ka50SypAh6kKwl7kdva
axUErtkGVy7aKh1yueKFAuAfWuQ8jI8U7o05fCuaVSB2+jKdxyypizVlRWPK2i4e
gELsSS60aZf8xpb00GbVc3g/5/YPsCUdFb9lADuUXGruKqt2vRvJqgywkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIeiQUeyoaEDlQHRV9vpix535w4GMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaDZKQlI3S2hvUU9WQWRGWDItbUxIbmZuRGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEzXC76p0jcEa4GN/vHx
/RXQkDTXJInWPbpF19L4h660BjuBBFVKyNnSd8Nh/2DOyyaMsJkh+KNGSU+Idgqt
eeOl5L8V/nO5Sr8B2nMqwXrvuV65h4muC/aFrSnWJ/6SOUzNvuVWCqvFn3WSVrQL
BJrT/sLKqQdOoQzmFpH3NCuGXzfoqFyiGEjqL9n06DZTgyh87+R8AtCLk/VQMDby
MbxKQ8E9J+jDBd8WGLmjVMogcI6uUftyLBcPhIWuV/JNfhqpVxuwrBrwQno6mi9F
ZYLvYbj6A9ijlH5C0OHZYUVAcGUXdIR0+Vm/nlOWpp7+0W56AJdxJjo9rsYOeYdy
h9o=
-----END CERTIFICATE-----