Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o6bY79__pDBR2s5rE5YhmXFjjZM.roa
File:                     o6bY79__pDBR2s5rE5YhmXFjjZM.roa (raw, json)
Hash identifier:          Mb6AsQWpJLOIQaeg599FK7uQpJhE6y4wdOkQ7uWVqMg=
Subject key identifier:   A3:A6:D8:EF:DF:FF:A4:30:51:DA:CE:6B:13:96:21:99:71:63:8D:93
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01888D2DC868FDD8980384232834AACA70FC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o6bY79__pDBR2s5rE5YhmXFjjZM.roa
Signing time:             Mon 05 Jun 2023 20:09:27 +0000
ROA not before:           Mon 05 Jun 2023 20:09:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8d:2d:c8:68:fd:d8:98:03:84:23:28:34:aa:ca:70:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun  5 20:09:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a3a6d8efdfffa43051dace6b1396219971638d93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:23:86:3d:63:d0:ff:fe:93:e7:88:52:3a:73:
                    03:3e:f8:a2:0e:07:74:40:84:3e:df:93:a8:c6:1f:
                    35:98:ee:de:2f:0c:68:66:c5:fa:e0:6a:a7:3b:48:
                    d5:8c:42:69:83:76:d3:9d:12:53:ea:ae:f4:cc:33:
                    08:e2:ba:85:42:00:52:01:e4:26:0c:8c:da:ec:09:
                    35:7e:18:06:47:22:9f:0b:c3:6f:1f:4d:3d:68:ff:
                    93:4b:ad:3e:ca:e8:c3:8e:fb:2c:50:56:9b:10:cb:
                    3b:30:58:71:07:f2:c6:d6:de:fc:d1:53:7c:07:23:
                    ef:22:42:29:07:19:d3:e3:56:f6:18:f1:e8:c4:12:
                    9e:8d:80:d4:1f:b8:50:52:3d:68:24:fe:07:f2:84:
                    94:fa:e3:fc:bc:83:13:b8:47:b3:77:82:c3:f9:67:
                    06:bf:c5:f3:ad:55:9f:98:6e:a2:d2:86:5c:6c:bb:
                    d1:c4:f8:89:49:6e:58:c3:b1:d8:33:df:3d:24:b1:
                    8c:18:d1:c8:16:9d:69:86:20:9a:7d:a3:d3:cc:14:
                    d3:8f:77:48:bb:f2:e8:11:6d:0b:f6:e7:e3:a1:a0:
                    a9:b5:20:35:6e:82:89:1c:58:a9:66:9e:5f:41:7f:
                    25:72:b7:63:e1:0a:7a:42:94:44:dc:e1:31:34:e0:
                    ae:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:A6:D8:EF:DF:FF:A4:30:51:DA:CE:6B:13:96:21:99:71:63:8D:93
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o6bY79__pDBR2s5rE5YhmXFjjZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:98:dd:40:45:00:29:b6:d9:e4:b9:f5:4f:d0:e9:26:c0:81:
         d9:5a:f3:f1:46:fb:1b:cb:19:07:ef:b5:56:7c:8e:67:af:c4:
         0b:17:52:59:ed:b6:f4:a8:6d:c3:1d:ea:10:23:6f:e1:c7:8a:
         30:dd:1f:de:ca:94:a7:70:72:3a:29:b5:f8:ab:ce:f7:6c:d3:
         15:b2:1c:42:76:f8:30:fa:e5:cd:da:db:d0:9f:28:60:50:d3:
         96:44:60:45:e6:cf:cf:10:70:fa:a5:d5:6b:b5:dd:52:94:60:
         12:e4:4e:55:ab:f0:84:54:09:1b:38:26:31:33:b7:c3:be:aa:
         ed:7a:a2:2c:0c:8e:47:cd:f2:25:05:38:e3:28:9a:48:48:96:
         9f:9a:eb:26:ad:4c:0d:1c:89:d0:8a:1c:b0:69:f4:f1:44:73:
         aa:dc:8d:0e:1d:f0:f6:2d:93:2c:60:5e:c0:12:77:56:97:13:
         98:db:18:f3:0e:ed:2e:35:ac:5f:65:9d:c5:ae:50:2f:ae:1f:
         60:bb:06:cf:57:d5:6b:16:7e:75:e8:38:82:ca:e2:86:98:3b:
         69:83:65:fb:a6:2a:91:af:da:9b:ca:51:cc:3f:eb:fc:89:d8:
         73:56:67:af:2d:fb:50:fc:bf:15:29:a9:77:99:e4:89:f3:14:
         ee:8f:a3:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiNLcho/diYA4QjKDSqynD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA1MjAwOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2E2ZDhlZmRmZmZhNDMwNTFkYWNlNmIxMzk2MjE5OTcxNjM4ZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSOGPWPQ//6T54hSOnMDPviiDgd0
QIQ+35Ooxh81mO7eLwxoZsX64GqnO0jVjEJpg3bTnRJT6q70zDMI4rqFQgBSAeQm
DIza7Ak1fhgGRyKfC8NvH009aP+TS60+yujDjvssUFabEMs7MFhxB/LG1t780VN8
ByPvIkIpBxnT41b2GPHoxBKejYDUH7hQUj1oJP4H8oSU+uP8vIMTuEezd4LD+WcG
v8XzrVWfmG6i0oZcbLvRxPiJSW5Yw7HYM989JLGMGNHIFp1phiCafaPTzBTTj3dI
u/LoEW0L9ufjoaCptSA1boKJHFipZp5fQX8lcrdj4Qp6QpRE3OExNOCuQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKOm2O/f/6QwUdrOaxOWIZlxY42TMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbzZiWTc5X19wREJSMnM1ckU1WWhtWEZqalpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH+Y3UBFACm22eS59U/Q
6SbAgdla8/FG+xvLGQfvtVZ8jmevxAsXUlnttvSobcMd6hAjb+HHijDdH97KlKdw
cjoptfirzvds0xWyHEJ2+DD65c3a29CfKGBQ05ZEYEXmz88QcPql1Wu13VKUYBLk
TlWr8IRUCRs4JjEzt8O+qu16oiwMjkfN8iUFOOMomkhIlp+a6yatTA0cidCKHLBp
9PFEc6rcjQ4d8PYtkyxgXsASd1aXE5jbGPMO7S41rF9lncWuUC+uH2C7Bs9X1WsW
fnXoOILK4oaYO2mDZfumKpGv2pvKUcw/6/yJ2HNWZ68t+1D8vxUpqXeZ5InzFO6P
o6w=
-----END CERTIFICATE-----