Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pb0ePJ1sTtG2BcUXMKa-GxmFbVw.roa
File:                     pb0ePJ1sTtG2BcUXMKa-GxmFbVw.roa (raw, json)
Hash identifier:          ut2AyjcupVwIVPUVLkiUvCDc6ZVMIc/saFa9awbLp7A=
Subject key identifier:   A5:BD:1E:3C:9D:6C:4E:D1:B6:05:C5:17:30:A6:BE:1B:19:85:6D:5C
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018831FFE5A1F09A91E1381F547639ECCA05
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pb0ePJ1sTtG2BcUXMKa-GxmFbVw.roa
Signing time:             Fri 19 May 2023 03:13:53 +0000
ROA not before:           Fri 19 May 2023 03:13:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:31:ff:e5:a1:f0:9a:91:e1:38:1f:54:76:39:ec:ca:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 19 03:13:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a5bd1e3c9d6c4ed1b605c51730a6be1b19856d5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2c:73:4c:aa:e5:0a:c9:02:e1:58:f2:64:a1:
                    e4:29:03:23:d0:14:a3:55:af:20:69:0e:f8:e8:6d:
                    aa:c0:a6:63:77:2d:e3:54:07:eb:67:fa:3e:23:32:
                    06:6a:c3:a3:f7:9d:89:35:19:7e:65:99:2f:01:cd:
                    4a:4f:7d:35:8a:f9:0d:da:af:e9:89:07:ff:f9:8c:
                    bf:cb:cf:5f:b6:c4:e7:bf:a9:df:23:2c:f3:ec:f6:
                    ca:30:d9:ad:26:1d:59:d4:d2:3a:d1:5f:e7:1a:f0:
                    db:bd:a9:e3:fd:83:27:e4:1d:b6:af:a0:c0:34:2a:
                    b2:42:08:03:a8:b0:74:4e:76:08:e6:49:8a:6a:a7:
                    ed:52:e9:67:00:fc:ab:88:de:f4:06:fc:f6:5e:5e:
                    98:4a:5e:2c:3e:53:b0:f9:49:ce:77:cf:1e:6e:f4:
                    bf:0d:e2:3f:3e:a5:64:a9:89:45:89:22:83:3d:8a:
                    30:de:39:21:0b:65:26:f4:5f:56:16:46:53:70:79:
                    3c:cd:38:1f:fc:d6:f7:60:ad:e9:fd:ba:93:a6:7f:
                    c6:34:f5:91:8e:91:bb:53:6f:35:78:45:f5:96:48:
                    d3:b5:0e:a9:4e:6e:c1:a2:4e:eb:e7:53:9b:38:5d:
                    8b:67:ad:54:17:ee:25:09:d2:ad:50:bf:7d:f7:44:
                    27:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BD:1E:3C:9D:6C:4E:D1:B6:05:C5:17:30:A6:BE:1B:19:85:6D:5C
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pb0ePJ1sTtG2BcUXMKa-GxmFbVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         84:aa:bb:ec:a3:44:a2:de:23:1b:42:25:2d:56:72:ef:b7:13:
         f2:dd:4d:6c:0b:99:cb:52:83:37:00:d9:07:ff:b5:e1:a6:91:
         15:6a:77:a4:1d:25:dc:4c:f9:60:62:27:dd:b9:1e:4d:99:60:
         c6:dc:7e:50:56:c0:2f:2d:0e:37:75:3e:03:4c:75:bb:3e:86:
         15:fa:3f:86:8c:0e:c4:6d:4c:98:b1:ec:e7:73:1d:4f:2c:98:
         67:ca:6d:97:17:08:6f:86:e2:76:13:0d:3c:ab:2f:ef:46:ae:
         78:67:aa:5b:14:02:e8:b5:0d:e5:bb:a4:b5:be:15:fc:94:5b:
         00:97:04:fa:0d:fb:29:94:eb:79:5e:4b:6b:14:9c:07:2b:6d:
         8e:ae:6e:75:45:d1:90:9d:7f:13:08:63:30:70:64:ef:ba:e8:
         d5:bb:6c:f1:ca:8e:7c:05:e8:be:9f:fa:6e:69:82:c2:cf:fa:
         ea:4e:07:0a:f2:c7:26:26:c9:85:21:d8:ff:bc:1b:90:78:de:
         9d:f2:84:ca:ad:c3:d9:7e:b9:a8:ac:90:23:22:e5:2b:1c:f4:
         ed:7e:da:55:0b:ea:66:db:9c:42:f0:76:b1:72:3c:8e:d7:3b:
         19:56:ea:24:c2:ea:72:e0:34:28:8e:fd:76:fc:39:f0:6c:7c:
         4c:fb:43:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgx/+Wh8JqR4TgfVHY57MoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTE5MDMxMzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJkMWUzYzlkNmM0ZWQxYjYwNWM1MTczMGE2YmUxYjE5ODU2ZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCxzTKrlCskC4VjyZKHkKQMj0BSj
Va8gaQ746G2qwKZjdy3jVAfrZ/o+IzIGasOj952JNRl+ZZkvAc1KT301ivkN2q/p
iQf/+Yy/y89ftsTnv6nfIyzz7PbKMNmtJh1Z1NI60V/nGvDbvanj/YMn5B22r6DA
NCqyQggDqLB0TnYI5kmKaqftUulnAPyriN70Bvz2Xl6YSl4sPlOw+UnOd88ebvS/
DeI/PqVkqYlFiSKDPYow3jkhC2Um9F9WFkZTcHk8zTgf/Nb3YK3p/bqTpn/GNPWR
jpG7U281eEX1lkjTtQ6pTm7Bok7r51ObOF2LZ61UF+4lCdKtUL9990QnzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKW9HjydbE7RtgXFFzCmvhsZhW1cMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcGIwZVBKMXNUdEcyQmNVWE1LYS1HeG1GYlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAISqu+yjRKLeIxtCJS1W
cu+3E/LdTWwLmctSgzcA2Qf/teGmkRVqd6QdJdxM+WBiJ925Hk2ZYMbcflBWwC8t
Djd1PgNMdbs+hhX6P4aMDsRtTJix7OdzHU8smGfKbZcXCG+G4nYTDTyrL+9Grnhn
qlsUAui1DeW7pLW+FfyUWwCXBPoN+ymU63leS2sUnAcrbY6ubnVF0ZCdfxMIYzBw
ZO+66NW7bPHKjnwF6L6f+m5pgsLP+upOBwryxyYmyYUh2P+8G5B43p3yhMqtw9l+
uaiskCMi5Ssc9O1+2lUL6mbbnELwdrFyPI7XOxlW6iTC6nLgNCiO/Xb8OfBsfEz7
Q4Y=
-----END CERTIFICATE-----