Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/l6BTylUnv-YHA2JW0h2ROMOHUi4.roa
File:                     l6BTylUnv-YHA2JW0h2ROMOHUi4.roa (raw, json)
Hash identifier:          brJklQLfioSw7z18kfGlSUk+1kFCJEnOL98XrVUzC3M=
Subject key identifier:   97:A0:53:CA:55:27:BF:E6:07:03:62:56:D2:1D:91:38:C3:87:52:2E
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018736153EA38AE79C67ACBEAEBD4AC743E7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/l6BTylUnv-YHA2JW0h2ROMOHUi4.roa
Signing time:             Fri 31 Mar 2023 05:12:54 +0000
ROA not before:           Fri 31 Mar 2023 05:12:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:36:15:3e:a3:8a:e7:9c:67:ac:be:ae:bd:4a:c7:43:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 31 05:12:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=97a053ca5527bfe607036256d21d9138c387522e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:dc:e6:1e:95:d2:93:47:8d:6a:3c:7b:87:93:
                    cf:9b:44:52:04:ee:c3:c8:55:c0:de:2f:b8:19:4d:
                    e4:96:f6:63:1c:86:7f:fb:c1:e3:f0:fb:9e:2b:9b:
                    5f:73:e5:bb:14:13:fc:f8:79:77:ff:63:31:33:62:
                    08:ff:20:ce:09:0e:83:df:1f:28:4b:2c:cc:92:f1:
                    f0:9f:8c:5e:64:b6:9e:e7:04:e3:da:c6:d7:f8:39:
                    b7:a0:1b:63:f4:f8:da:0c:c8:ec:e7:b8:fe:26:3a:
                    bf:92:ba:8d:d9:77:5f:0b:cf:5a:b0:0d:70:2e:8d:
                    07:2c:4c:03:83:79:68:79:e8:c2:d7:9d:59:41:73:
                    84:6c:86:56:f9:18:85:30:ea:c0:7a:82:a7:b7:12:
                    70:2c:a0:82:97:be:05:59:c2:1e:07:a8:91:99:a0:
                    ad:42:97:81:31:21:fc:cf:02:e7:77:9a:fa:67:1a:
                    05:2f:29:80:69:fe:25:23:7d:92:cd:bb:14:b2:ad:
                    81:47:16:03:0f:c8:dd:98:50:45:e5:31:4f:6f:70:
                    70:f2:b2:e3:1f:a4:90:1b:1e:74:df:9d:c7:34:bb:
                    49:f6:4f:a5:c4:61:61:d3:fc:2e:ce:57:f3:2d:5c:
                    27:80:5e:d1:66:51:b4:7b:c3:d3:47:d0:b6:fb:65:
                    19:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:A0:53:CA:55:27:BF:E6:07:03:62:56:D2:1D:91:38:C3:87:52:2E
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/l6BTylUnv-YHA2JW0h2ROMOHUi4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:77:6b:17:33:44:97:10:78:d0:09:a2:db:79:fc:89:d6:09:
         7c:6e:ca:15:18:78:54:33:b7:62:1c:54:e0:4d:cb:00:23:67:
         67:0d:ce:c1:99:ec:b8:b5:f3:ad:61:25:5e:62:ac:41:fb:89:
         a5:2c:b9:b5:80:c4:a3:68:7e:88:25:72:87:fb:e8:31:4e:41:
         ba:d1:f9:91:e4:c0:41:8b:ab:50:88:02:83:d4:ae:4e:bb:01:
         07:d5:3f:7e:c4:c8:76:c4:90:20:e5:47:da:6e:85:ee:e9:4a:
         b6:ba:76:d2:05:f8:1b:50:3d:d2:06:e9:38:9e:fa:b7:ba:b4:
         81:e8:d7:be:68:a7:82:b7:8e:58:e6:23:81:f9:bc:08:8d:fc:
         e8:b9:97:b4:e0:d6:e6:ad:22:d6:38:5d:cd:b9:78:80:0c:9f:
         e9:9e:85:47:b6:94:4f:14:c2:fc:73:5c:c7:f3:59:93:eb:13:
         39:77:30:f1:eb:2d:0a:cc:26:e3:75:b0:b6:8b:2f:ac:ab:05:
         17:dd:0e:0d:6b:36:41:e2:03:64:ac:56:cb:d6:2d:72:bc:af:
         a7:ee:a1:73:c5:e8:75:ed:89:66:2c:6b:d0:dc:2c:d7:f9:39:
         e0:6f:43:fb:4b:e5:90:08:22:28:17:d7:6a:a5:d3:63:fa:48:
         ee:c3:6c:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYc2FT6jiuecZ6y+rr1Kx0PnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzMxMDUxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2EwNTNjYTU1MjdiZmU2MDcwMzYyNTZkMjFkOTEzOGMzODc1MjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNzmHpXSk0eNajx7h5PPm0RSBO7D
yFXA3i+4GU3klvZjHIZ/+8Hj8PueK5tfc+W7FBP8+Hl3/2MxM2II/yDOCQ6D3x8o
SyzMkvHwn4xeZLae5wTj2sbX+Dm3oBtj9PjaDMjs57j+Jjq/krqN2XdfC89asA1w
Lo0HLEwDg3loeejC151ZQXOEbIZW+RiFMOrAeoKntxJwLKCCl74FWcIeB6iRmaCt
QpeBMSH8zwLnd5r6ZxoFLymAaf4lI32SzbsUsq2BRxYDD8jdmFBF5TFPb3Bw8rLj
H6SQGx50353HNLtJ9k+lxGFh0/wuzlfzLVwngF7RZlG0e8PTR9C2+2UZywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJegU8pVJ7/mBwNiVtIdkTjDh1IuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbDZCVHlsVW52LVlIQTJKVzBoMlJPTU9IVWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA13axczRJcQeNAJott5
/InWCXxuyhUYeFQzt2IcVOBNywAjZ2cNzsGZ7Li1861hJV5irEH7iaUsubWAxKNo
foglcof76DFOQbrR+ZHkwEGLq1CIAoPUrk67AQfVP37EyHbEkCDlR9puhe7pSra6
dtIF+BtQPdIG6Tie+re6tIHo175op4K3jljmI4H5vAiN/Oi5l7Tg1uatItY4Xc25
eIAMn+mehUe2lE8UwvxzXMfzWZPrEzl3MPHrLQrMJuN1sLaLL6yrBRfdDg1rNkHi
A2SsVsvWLXK8r6fuoXPF6HXtiWYsa9DcLNf5OeBvQ/tL5ZAIIigX12ql02P6SO7D
bHA=
-----END CERTIFICATE-----