Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jgmFWL6W4hYKuZZrrCD9Fk-iLzg.roa
File:                     jgmFWL6W4hYKuZZrrCD9Fk-iLzg.roa (raw, json)
Hash identifier:          euNE08ORyIn56cGgqGKBPICYibFUu4YbW7a5CnqrtKg=
Subject key identifier:   8E:09:85:58:BE:96:E2:16:0A:B9:96:6B:AC:20:FD:16:4F:A2:2F:38
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186E831901E3D0237621D69586C00691B16
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jgmFWL6W4hYKuZZrrCD9Fk-iLzg.roa
Signing time:             Thu 16 Mar 2023 02:13:27 +0000
ROA not before:           Thu 16 Mar 2023 02:13:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e8:31:90:1e:3d:02:37:62:1d:69:58:6c:00:69:1b:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 16 02:13:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e098558be96e2160ab9966bac20fd164fa22f38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:58:09:67:27:17:dc:6a:aa:e9:3d:2a:3a:75:
                    be:10:b8:31:84:16:5f:c8:2b:4d:1c:b6:6d:9e:df:
                    87:ad:64:4b:f9:59:e1:a9:8f:4f:16:34:b2:dd:30:
                    74:61:af:ee:5e:66:30:8a:3a:6f:11:80:da:23:43:
                    87:9d:a9:16:a6:ac:e8:8a:92:91:2a:c7:c0:8f:39:
                    69:8a:a3:49:82:01:e4:91:3e:b7:f7:a8:4d:95:54:
                    83:95:7c:3b:86:4c:ea:4e:62:07:2b:b3:55:ac:41:
                    38:77:1b:ae:e9:66:7e:85:86:46:09:de:21:06:df:
                    2f:e3:c7:31:ab:8e:dc:d0:cd:49:4e:59:18:f6:51:
                    2e:a2:da:c8:27:f2:af:31:f2:eb:22:27:bf:98:25:
                    d8:8e:66:15:96:07:b9:6f:fb:e8:15:b1:10:56:64:
                    cd:c5:8e:f3:36:c4:b3:67:77:e8:6f:5a:b3:32:9d:
                    14:d4:6f:15:10:81:bc:f7:9b:ee:c9:bc:84:dc:1d:
                    83:4e:74:d4:f4:41:35:90:47:81:d1:d2:8a:d9:1f:
                    cf:0b:7b:48:f2:01:ef:21:d3:50:74:63:65:4f:86:
                    3b:74:f5:b7:c8:2c:8c:25:a8:2f:24:09:64:10:c3:
                    9a:85:f4:29:e3:a8:84:17:e6:ef:d0:cf:bf:72:81:
                    4a:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:09:85:58:BE:96:E2:16:0A:B9:96:6B:AC:20:FD:16:4F:A2:2F:38
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jgmFWL6W4hYKuZZrrCD9Fk-iLzg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a3:30:02:60:36:f8:f8:bd:4c:cb:2e:ef:3a:4e:f3:0c:ea:5e:
         5b:9e:c2:fe:a9:55:c3:e2:3d:06:6a:e5:01:f4:da:be:e3:08:
         b4:ae:c3:e2:a4:af:87:92:8f:b1:67:a0:62:77:90:b2:4e:1a:
         da:34:2d:66:0f:65:4b:46:0c:38:b6:17:72:64:51:12:c5:d6:
         c9:c6:36:9c:2d:bb:54:25:6e:f8:3f:89:89:8f:15:d3:73:32:
         5a:e9:ed:fd:eb:eb:8f:a9:36:2c:cc:ad:8a:47:50:26:c4:fe:
         59:9a:12:60:6a:4a:2a:38:1e:f8:08:6c:58:03:80:b1:8c:45:
         a9:88:95:1f:e4:b8:ff:ae:79:c3:a2:38:28:50:72:01:58:3f:
         1e:4e:b3:6b:ea:e5:97:9a:2d:5e:da:3b:22:7c:4f:18:da:f6:
         de:96:8f:1d:35:2c:dc:90:76:7f:ca:51:02:e2:1f:b4:42:7e:
         52:38:41:4d:f3:72:3a:82:7d:89:48:3a:13:3a:96:20:c9:78:
         76:2c:67:eb:6b:56:9a:f6:2a:15:14:cf:5c:68:21:e9:45:ec:
         c2:2c:2f:b2:a3:58:13:81:c0:c0:62:4f:21:67:b7:62:e8:b8:
         31:6f:d6:2b:3a:a6:6e:bf:ee:9a:c7:40:5f:28:da:28:53:59:
         9d:48:2d:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYboMZAePQI3Yh1pWGwAaRsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE2MDIxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTA5ODU1OGJlOTZlMjE2MGFiOTk2NmJhYzIwZmQxNjRmYTIyZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VgJZycX3Gqq6T0qOnW+ELgxhBZf
yCtNHLZtnt+HrWRL+VnhqY9PFjSy3TB0Ya/uXmYwijpvEYDaI0OHnakWpqzoipKR
KsfAjzlpiqNJggHkkT6396hNlVSDlXw7hkzqTmIHK7NVrEE4dxuu6WZ+hYZGCd4h
Bt8v48cxq47c0M1JTlkY9lEuotrIJ/KvMfLrIie/mCXYjmYVlge5b/voFbEQVmTN
xY7zNsSzZ3fob1qzMp0U1G8VEIG895vuybyE3B2DTnTU9EE1kEeB0dKK2R/PC3tI
8gHvIdNQdGNlT4Y7dPW3yCyMJagvJAlkEMOahfQp46iEF+bv0M+/coFKIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI4JhVi+luIWCrmWa6wg/RZPoi84MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvamdtRldMNlc0aFlLdVpacnJDRDlGay1pTHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKMwAmA2+Pi9TMsu7zpO
8wzqXluewv6pVcPiPQZq5QH02r7jCLSuw+Kkr4eSj7FnoGJ3kLJOGto0LWYPZUtG
DDi2F3JkURLF1snGNpwtu1Qlbvg/iYmPFdNzMlrp7f3r64+pNizMrYpHUCbE/lma
EmBqSio4HvgIbFgDgLGMRamIlR/kuP+uecOiOChQcgFYPx5Os2vq5ZeaLV7aOyJ8
Txja9t6Wjx01LNyQdn/KUQLiH7RCflI4QU3zcjqCfYlIOhM6liDJeHYsZ+trVpr2
KhUUz1xoIelF7MIsL7KjWBOBwMBiTyFnt2LouDFv1is6pm6/7prHQF8o2ihTWZ1I
LZg=
-----END CERTIFICATE-----