Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kvy_JW1Ipj78UJiKGWFa7G28Z-E.roa
File:                     kvy_JW1Ipj78UJiKGWFa7G28Z-E.roa (raw, json)
Hash identifier:          IrphhMiVqKadzOPM71F7LwmTUYxNhCZaSaxROum9dgw=
Subject key identifier:   92:FC:BF:25:6D:48:A6:3E:FC:50:98:8A:19:61:5A:EC:6D:BC:67:E1
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01884BF5432AE8F9F6DEF2F25FB47213E555
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kvy_JW1Ipj78UJiKGWFa7G28Z-E.roa
Signing time:             Wed 24 May 2023 04:12:24 +0000
ROA not before:           Wed 24 May 2023 04:12:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:4b:f5:43:2a:e8:f9:f6:de:f2:f2:5f:b4:72:13:e5:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 24 04:12:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=92fcbf256d48a63efc50988a19615aec6dbc67e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:2c:84:0a:75:d7:05:ca:89:e5:d6:3b:26:62:
                    fa:48:33:8c:e4:98:4c:28:37:63:de:1c:70:3f:f5:
                    b2:c1:13:0b:35:37:d4:f9:86:84:2e:aa:76:d9:67:
                    44:1f:a9:e0:d1:a3:f9:4c:3d:5c:30:92:3d:05:d1:
                    75:9b:3a:8e:34:e5:2e:a7:41:88:ca:c2:fa:d5:cb:
                    04:6e:5c:0e:ef:3b:c8:8c:a4:b9:39:46:0b:d0:92:
                    42:a8:f6:d8:1e:59:05:dc:48:57:f0:7e:5b:e5:6d:
                    6e:dd:c1:ff:cd:12:da:c2:25:a5:b2:0b:55:5f:ab:
                    f2:8c:2e:74:d4:20:ff:84:c0:da:ec:01:72:47:a3:
                    78:79:4f:45:26:03:21:e3:fa:0e:74:96:f4:ff:81:
                    f4:04:d6:22:77:45:80:77:02:0a:0a:23:6b:89:df:
                    2f:92:d4:bc:d7:e5:48:00:f6:b8:12:ca:fd:8f:4c:
                    a1:46:81:76:e7:2f:c7:df:9d:e8:28:fd:4c:49:fe:
                    8b:e2:db:d6:d9:13:06:32:3d:d5:e3:b8:2e:cc:a1:
                    b6:bf:91:e9:ea:6d:62:f5:5c:23:74:e3:bc:8c:bf:
                    3b:a0:aa:8f:96:31:7b:bc:16:b0:89:af:db:7b:3e:
                    bc:b9:1f:61:7c:14:3c:75:ff:02:73:3c:8b:2e:89:
                    40:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:FC:BF:25:6D:48:A6:3E:FC:50:98:8A:19:61:5A:EC:6D:BC:67:E1
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kvy_JW1Ipj78UJiKGWFa7G28Z-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         71:57:de:7e:f2:78:fb:34:2f:02:4b:f6:b1:6b:61:a1:b3:c2:
         97:6e:1e:cd:e9:4c:4d:d3:20:41:86:06:b2:8c:6f:7f:4b:00:
         2f:16:a9:39:18:5e:01:4c:8c:00:6b:0b:01:16:97:bd:88:a6:
         fc:a8:4b:4b:60:1a:6a:22:81:95:47:b8:18:38:58:3f:da:03:
         24:f7:16:83:f5:84:9d:ad:b8:33:62:5a:60:10:0c:b1:da:b4:
         9d:0b:34:85:1b:4c:cf:ed:88:3f:44:3a:09:89:f5:e7:c8:1c:
         14:cb:a6:2c:b9:2f:e2:31:74:ec:a6:50:1a:84:8e:75:d9:1c:
         0a:73:47:39:cc:d6:fb:e0:3f:b7:a2:00:a4:f3:ae:c1:a7:70:
         de:16:8b:69:ba:21:8e:06:e3:b5:06:c6:c8:2e:d0:39:ea:aa:
         d6:c4:a0:9c:19:e9:56:49:44:1b:90:d3:a2:93:67:a0:85:e8:
         e9:67:d7:12:5e:38:b6:06:2a:fc:3d:84:cd:c1:b1:bf:92:99:
         eb:13:54:d3:36:8b:10:77:d3:58:6d:97:bb:e7:a0:87:20:50:
         dd:34:90:94:fd:3b:0f:6a:2b:d6:68:33:03:09:84:7a:4c:37:
         3e:6a:10:d9:3d:3f:63:59:73:8e:a5:57:ea:cc:ce:9d:6a:29:
         f2:1c:2a:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhL9UMq6Pn23vLyX7RyE+VVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI0MDQxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmZjYmYyNTZkNDhhNjNlZmM1MDk4OGExOTYxNWFlYzZkYmM2N2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSyECnXXBcqJ5dY7JmL6SDOM5JhM
KDdj3hxwP/WywRMLNTfU+YaELqp22WdEH6ng0aP5TD1cMJI9BdF1mzqONOUup0GI
ysL61csEblwO7zvIjKS5OUYL0JJCqPbYHlkF3EhX8H5b5W1u3cH/zRLawiWlsgtV
X6vyjC501CD/hMDa7AFyR6N4eU9FJgMh4/oOdJb0/4H0BNYid0WAdwIKCiNrid8v
ktS81+VIAPa4Esr9j0yhRoF25y/H353oKP1MSf6L4tvW2RMGMj3V47guzKG2v5Hp
6m1i9VwjdOO8jL87oKqPljF7vBawia/bez68uR9hfBQ8df8CczyLLolAWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJL8vyVtSKY+/FCYihlhWuxtvGfhMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva3Z5X0pXMUlwajc4VUppS0dXRmE3RzI4Wi1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHFX3n7yePs0LwJL9rFr
YaGzwpduHs3pTE3TIEGGBrKMb39LAC8WqTkYXgFMjABrCwEWl72IpvyoS0tgGmoi
gZVHuBg4WD/aAyT3FoP1hJ2tuDNiWmAQDLHatJ0LNIUbTM/tiD9EOgmJ9efIHBTL
piy5L+IxdOymUBqEjnXZHApzRznM1vvgP7eiAKTzrsGncN4Wi2m6IY4G47UGxsgu
0DnqqtbEoJwZ6VZJRBuQ06KTZ6CF6Oln1xJeOLYGKvw9hM3Bsb+SmesTVNM2ixB3
01htl7vnoIcgUN00kJT9Ow9qK9ZoMwMJhHpMNz5qENk9P2NZc46lV+rMzp1qKfIc
Kmg=
-----END CERTIFICATE-----