Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/p1S8cGqoYTQ8PYpPy9R_JH0oALU.roa
File:                     p1S8cGqoYTQ8PYpPy9R_JH0oALU.roa (raw, json)
Hash identifier:          KnbWWVPloPMUzP3kVtlIzP2k+Kl9EQjnLEuVPtUZ/Fc=
Subject key identifier:   A7:54:BC:70:6A:A8:61:34:3C:3D:8A:4F:CB:D4:7F:24:7D:28:00:B5
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186D7AAB18A9E1D85B4455F2A6707300CBF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/p1S8cGqoYTQ8PYpPy9R_JH0oALU.roa
Signing time:             Sun 12 Mar 2023 21:12:13 +0000
ROA not before:           Sun 12 Mar 2023 21:12:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:d7:aa:b1:8a:9e:1d:85:b4:45:5f:2a:67:07:30:0c:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 12 21:12:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a754bc706aa861343c3d8a4fcbd47f247d2800b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:00:32:1b:04:25:0e:fa:51:a1:75:9f:a5:1a:
                    97:82:8e:6c:19:6e:6d:46:96:ad:8c:cf:34:95:29:
                    f3:fb:15:3a:ed:a6:7a:77:a2:98:ac:46:03:f8:00:
                    c1:63:cc:51:12:d4:7c:87:76:fd:31:c5:2d:d0:9f:
                    89:83:94:9a:81:96:08:36:4d:e8:8b:5f:17:16:26:
                    65:8d:02:d3:78:d4:f9:a0:9c:38:ab:79:5e:c9:9c:
                    6c:12:22:45:9a:c5:a3:f2:df:df:fb:de:d2:e4:13:
                    f0:3e:d4:5e:d0:f0:8f:a0:89:48:5e:32:f2:f6:b3:
                    73:b9:c0:3c:36:44:7c:b8:ca:f3:9d:0b:c7:e3:19:
                    5e:53:75:e7:6b:db:2e:f1:c3:06:bf:2e:b8:57:62:
                    5e:c8:4a:3b:b0:c2:bf:4f:e4:b3:bb:f6:9f:a9:10:
                    32:9c:96:43:7f:d0:3e:b5:4f:04:d9:34:48:22:bd:
                    8f:5a:ed:75:2b:a3:dd:c2:04:6a:31:99:32:85:19:
                    ab:89:d4:12:34:3c:4a:e0:bc:ca:48:ea:6f:80:bb:
                    50:f5:67:95:b4:86:76:4a:99:ba:34:8a:31:98:07:
                    a6:d1:a6:66:9e:ee:3d:dd:28:e1:e8:62:1a:b4:06:
                    65:63:dc:7e:2b:ae:55:89:92:b0:59:97:e2:bd:54:
                    df:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:54:BC:70:6A:A8:61:34:3C:3D:8A:4F:CB:D4:7F:24:7D:28:00:B5
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/p1S8cGqoYTQ8PYpPy9R_JH0oALU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:72:40:ca:bd:47:9e:e5:3f:26:09:a3:0e:19:f3:b2:00:d9:
         77:d0:29:d6:67:09:5a:97:30:49:84:c0:99:c0:50:57:fd:0a:
         9c:25:ba:fd:6b:7a:f7:61:4b:06:96:3d:8e:e8:12:c8:1e:13:
         35:e9:31:dd:9b:cf:14:0c:41:fa:45:fa:f0:30:c3:62:6a:3e:
         f6:70:b7:0b:c0:c4:82:bc:1f:58:67:3f:08:48:66:8a:62:51:
         88:4a:a0:7f:7c:3d:bb:d2:32:e5:de:66:11:74:27:6a:f3:e9:
         7e:a7:47:68:a6:7f:16:32:0b:15:87:48:a5:68:c9:c8:f9:01:
         57:ea:0e:24:ad:61:f1:b7:bb:0f:ea:85:98:fa:bc:db:29:10:
         15:c8:23:39:34:2a:ae:43:49:ae:50:1d:1b:7c:08:ca:42:ad:
         b7:36:10:b8:a2:fe:e7:3d:cf:cb:e7:f8:54:94:5c:ee:70:f6:
         b9:aa:40:e0:0c:a9:59:1a:0e:41:c1:42:21:78:76:39:c5:17:
         9d:5d:c1:cc:00:17:a6:a8:20:df:73:30:b7:89:9e:90:00:d3:
         81:4a:0a:55:7e:15:cc:da:0c:90:5b:f3:b2:3c:7f:62:83:fd:
         ed:8e:57:4a:db:1d:25:b9:8a:70:7b:bc:30:cd:d2:27:fc:a6:
         b5:3f:d3:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbXqrGKnh2FtEVfKmcHMAy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzEyMjExMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzU0YmM3MDZhYTg2MTM0M2MzZDhhNGZjYmQ0N2YyNDdkMjgwMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwAyGwQlDvpRoXWfpRqXgo5sGW5t
RpatjM80lSnz+xU67aZ6d6KYrEYD+ADBY8xREtR8h3b9McUt0J+Jg5SagZYINk3o
i18XFiZljQLTeNT5oJw4q3leyZxsEiJFmsWj8t/f+97S5BPwPtRe0PCPoIlIXjLy
9rNzucA8NkR8uMrznQvH4xleU3Xna9su8cMGvy64V2JeyEo7sMK/T+Szu/afqRAy
nJZDf9A+tU8E2TRIIr2PWu11K6PdwgRqMZkyhRmridQSNDxK4LzKSOpvgLtQ9WeV
tIZ2Spm6NIoxmAem0aZmnu493Sjh6GIatAZlY9x+K65ViZKwWZfivVTfowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKdUvHBqqGE0PD2KT8vUfyR9KAC1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcDFTOGNHcW9ZVFE4UFlwUHk5Ul9KSDBvQUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADNyQMq9R57lPyYJow4Z
87IA2XfQKdZnCVqXMEmEwJnAUFf9Cpwluv1revdhSwaWPY7oEsgeEzXpMd2bzxQM
QfpF+vAww2JqPvZwtwvAxIK8H1hnPwhIZopiUYhKoH98PbvSMuXeZhF0J2rz6X6n
R2imfxYyCxWHSKVoycj5AVfqDiStYfG3uw/qhZj6vNspEBXIIzk0Kq5DSa5QHRt8
CMpCrbc2ELii/uc9z8vn+FSUXO5w9rmqQOAMqVkaDkHBQiF4djnFF51dwcwAF6ao
IN9zMLeJnpAA04FKClV+FczaDJBb87I8f2KD/e2OV0rbHSW5inB7vDDN0if8prU/
0/E=
-----END CERTIFICATE-----