Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iuTEd_a9bL_Sj5dPMJrZN5FpcGU.roa
File:                     iuTEd_a9bL_Sj5dPMJrZN5FpcGU.roa (raw, json)
Hash identifier:          F4XxmS/yUUX11UlhvQ9tRgDXPHzw5Zzo+0R0/lAHeJk=
Subject key identifier:   8A:E4:C4:77:F6:BD:6C:BF:D2:8F:97:4F:30:9A:D9:37:91:69:70:65
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187BEF41C804AEAA30DE69F36E8C4854AC0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iuTEd_a9bL_Sj5dPMJrZN5FpcGU.roa
Signing time:             Wed 26 Apr 2023 19:04:41 +0000
ROA not before:           Wed 26 Apr 2023 19:04:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:187:bef3:b7e9/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:be:f4:1c:80:4a:ea:a3:0d:e6:9f:36:e8:c4:85:4a:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 26 19:04:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8ae4c477f6bd6cbfd28f974f309ad93791697065
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:85:f0:6d:bf:eb:aa:57:58:02:8b:f6:1a:81:
                    68:41:fd:07:1e:e3:a6:fb:47:45:9e:cd:a2:54:b3:
                    d1:5d:ec:96:c3:ca:3c:96:d7:bc:37:af:aa:8d:4c:
                    82:7c:75:e8:09:d8:c1:ab:7f:7b:74:64:45:ee:78:
                    79:d1:55:51:f0:2b:02:8e:87:9d:57:e9:12:0a:14:
                    82:d5:a9:8a:74:25:23:b1:3e:a4:83:a7:1c:f9:8f:
                    0a:80:d8:4f:f5:04:61:b5:6c:7e:fb:ac:a1:60:43:
                    cc:e9:4e:b4:68:fe:5a:df:23:d1:b7:6e:ec:ce:14:
                    71:4a:f4:59:fa:88:b9:2a:48:36:3d:b8:02:d4:89:
                    bd:0b:fc:35:f6:42:5d:aa:92:32:15:04:4c:39:78:
                    d9:63:f9:41:11:0d:f4:e5:78:18:cb:4d:99:31:a1:
                    91:4c:8c:65:c8:c7:98:74:9c:f6:08:4d:c7:23:10:
                    d6:40:03:87:87:bd:37:69:90:0e:8e:f3:0e:43:6a:
                    1b:a6:41:c7:2a:0a:5c:a2:dd:2b:c9:06:af:8a:60:
                    c8:ea:89:36:70:35:a5:a6:79:70:50:92:eb:48:a3:
                    e4:50:66:0c:bd:22:42:59:74:77:68:8b:cc:9d:c1:
                    da:6a:0b:5d:f4:3e:fb:ce:ad:92:4e:70:46:21:ef:
                    30:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:E4:C4:77:F6:BD:6C:BF:D2:8F:97:4F:30:9A:D9:37:91:69:70:65
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iuTEd_a9bL_Sj5dPMJrZN5FpcGU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:10:59:4e:7b:4a:2d:d1:c9:4a:fc:ad:fe:73:d3:a9:1d:50:
         1b:de:92:8e:f4:93:03:26:eb:27:34:4c:c5:7e:84:23:d1:f8:
         3e:52:77:e7:e1:c2:da:5d:d6:8f:d5:b7:e1:1e:1c:f0:94:8b:
         05:af:61:e9:74:31:b9:66:07:78:a6:ce:95:c3:8b:d0:c2:be:
         2e:29:fc:52:69:75:7e:30:c8:ce:77:db:99:6b:5d:a1:e3:d8:
         67:0c:ff:b7:c5:4a:22:a0:9b:44:32:0c:40:6d:04:0d:db:e9:
         fb:43:11:76:9a:b9:2c:07:e9:ab:8e:a6:77:e1:2c:08:73:a2:
         c3:71:83:38:8c:93:23:3b:e6:f4:19:19:b4:36:3e:11:22:7b:
         f5:c5:a7:44:51:f4:81:e3:f9:ed:02:5b:f0:d9:80:a4:fa:85:
         c1:9f:cf:40:db:e4:e0:41:38:34:2f:ca:c6:bf:89:6e:1c:c1:
         e2:b6:fc:34:29:20:98:db:eb:6a:34:8b:0c:d1:45:60:7d:ba:
         65:b7:d6:9c:4e:c5:52:91:d2:ad:1f:1b:f3:e8:fa:c4:bc:46:
         ed:fe:79:4e:15:13:b5:89:f5:85:c0:22:66:1a:d0:3d:6e:2d:
         cb:c6:53:8a:d9:65:12:b2:4f:d2:26:1f:c3:cb:d4:c0:a7:de:
         92:e8:cc:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYe+9ByASuqjDeafNujEhUrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI2MTkwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWU0YzQ3N2Y2YmQ2Y2JmZDI4Zjk3NGYzMDlhZDkzNzkxNjk3MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4Xwbb/rqldYAov2GoFoQf0HHuOm
+0dFns2iVLPRXeyWw8o8lte8N6+qjUyCfHXoCdjBq397dGRF7nh50VVR8CsCjoed
V+kSChSC1amKdCUjsT6kg6cc+Y8KgNhP9QRhtWx++6yhYEPM6U60aP5a3yPRt27s
zhRxSvRZ+oi5Kkg2PbgC1Im9C/w19kJdqpIyFQRMOXjZY/lBEQ305XgYy02ZMaGR
TIxlyMeYdJz2CE3HIxDWQAOHh703aZAOjvMOQ2obpkHHKgpcot0ryQavimDI6ok2
cDWlpnlwUJLrSKPkUGYMvSJCWXR3aIvMncHaagtd9D77zq2STnBGIe8wTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIrkxHf2vWy/0o+XTzCa2TeRaXBlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaXVURWRfYTliTF9TajVkUE1KclpONUZwY0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA0QWU57Si3RyUr8rf5z
06kdUBveko70kwMm6yc0TMV+hCPR+D5Sd+fhwtpd1o/Vt+EeHPCUiwWvYel0Mblm
B3imzpXDi9DCvi4p/FJpdX4wyM5325lrXaHj2GcM/7fFSiKgm0QyDEBtBA3b6ftD
EXaauSwH6auOpnfhLAhzosNxgziMkyM75vQZGbQ2PhEie/XFp0RR9IHj+e0CW/DZ
gKT6hcGfz0Db5OBBODQvysa/iW4cweK2/DQpIJjb62o0iwzRRWB9umW31pxOxVKR
0q0fG/Po+sS8Ru3+eU4VE7WJ9YXAImYa0D1uLcvGU4rZZRKyT9ImH8PL1MCn3pLo
zAY=
-----END CERTIFICATE-----