Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qFLswMg-3DgI1MVUcGoq2xcM6CA.roa
File:                     qFLswMg-3DgI1MVUcGoq2xcM6CA.roa (raw, json)
Hash identifier:          AAQ6ZXNU+wdvtJ0iUWpXo4Kku94fNQwFKo5JPwMbGxE=
Subject key identifier:   A8:52:EC:C0:C8:3E:DC:38:08:D4:C5:54:70:6A:2A:DB:17:0C:E8:20
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01880E5EBB9B9384AC0D26FC5BC31A40CBF5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qFLswMg-3DgI1MVUcGoq2xcM6CA.roa
Signing time:             Fri 12 May 2023 05:11:09 +0000
ROA not before:           Fri 12 May 2023 05:11:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0e:5e:bb:9b:93:84:ac:0d:26:fc:5b:c3:1a:40:cb:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 12 05:11:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a852ecc0c83edc3808d4c554706a2adb170ce820
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:1b:a4:05:68:85:94:7c:17:1f:8b:19:46:9e:
                    9e:af:62:ce:57:7b:a8:57:be:fd:82:b3:c0:18:79:
                    f4:c8:8c:e5:66:ab:e4:23:1e:c4:a4:68:4e:1e:61:
                    56:6d:4f:e6:7d:00:aa:1e:29:33:ca:3b:16:f3:8c:
                    34:22:5b:80:ec:30:19:a2:3a:71:da:49:1a:79:bf:
                    e6:e8:80:8c:9c:19:de:3e:a6:ba:ed:12:56:18:5e:
                    15:0e:e3:6a:84:11:82:0e:18:5b:ff:f5:46:f5:40:
                    7c:0a:07:f1:72:07:d6:b9:4b:ed:fb:36:55:33:bd:
                    16:58:e9:3b:98:05:60:5c:ad:7c:e1:00:a8:d0:cb:
                    35:c1:b2:cb:f7:2c:b1:db:db:a9:17:e7:d1:3e:4c:
                    b5:76:3f:d6:80:7f:63:52:e3:5c:54:ae:29:65:92:
                    03:d1:d3:55:25:48:41:92:35:f0:c9:4d:2f:bc:3e:
                    b8:56:42:b7:6a:34:6f:d4:31:d5:7e:11:6a:0a:de:
                    5a:0d:c8:b1:33:50:8f:6c:15:ff:bf:a0:b9:bb:bb:
                    a6:f1:c3:db:70:00:a0:40:c0:15:2b:cd:5f:f0:57:
                    62:72:36:32:8a:45:79:26:4c:c3:44:e6:4a:69:85:
                    f2:81:c1:49:f2:d1:df:8c:14:0f:a6:b3:d7:82:ce:
                    70:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:52:EC:C0:C8:3E:DC:38:08:D4:C5:54:70:6A:2A:DB:17:0C:E8:20
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qFLswMg-3DgI1MVUcGoq2xcM6CA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         4c:77:22:7b:26:18:7e:1f:17:69:fa:94:b4:24:a7:5c:d2:2e:
         2d:00:4c:d2:8d:96:f3:67:ce:70:60:d8:15:59:c7:63:f3:6b:
         42:8d:2f:59:7d:80:d3:e2:0e:cf:61:18:9c:89:a1:ca:e8:5d:
         a7:a8:6d:99:e2:59:a8:b5:92:be:db:83:6f:1b:19:1f:dd:60:
         f2:3c:93:c4:fa:47:fa:63:14:f9:e3:c0:d1:67:17:d6:f8:61:
         82:37:bf:5e:bd:65:4a:71:6c:05:34:62:e3:17:48:e7:85:29:
         5b:01:56:b7:2a:23:10:88:c7:e5:58:51:16:38:45:64:16:e8:
         f0:fe:ac:a8:59:71:5b:72:68:f7:ca:7f:04:1a:e1:5f:7e:63:
         1d:a5:7c:70:e5:2c:4a:5d:32:5b:0d:e6:0c:dd:2d:52:58:11:
         b4:ef:75:f9:44:c7:ea:78:43:bc:a1:31:2e:cd:a5:ac:8e:6c:
         b4:57:58:ed:d6:b3:8e:95:6e:6e:4e:4a:54:21:fe:7c:b1:1d:
         0f:b3:9c:a7:35:c7:39:bd:ae:57:e0:b5:6e:01:27:0d:ac:97:
         1a:8e:07:99:ca:23:45:98:4a:2e:db:a9:d8:0d:c3:fe:d7:92:
         0d:0c:48:8d:f5:9c:70:d4:8c:ae:a2:c4:b4:b7:6b:55:5f:69:
         f6:25:8f:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgOXrubk4SsDSb8W8MaQMv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTEyMDUxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODUyZWNjMGM4M2VkYzM4MDhkNGM1NTQ3MDZhMmFkYjE3MGNlODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxukBWiFlHwXH4sZRp6er2LOV3uo
V779grPAGHn0yIzlZqvkIx7EpGhOHmFWbU/mfQCqHikzyjsW84w0IluA7DAZojpx
2kkaeb/m6ICMnBnePqa67RJWGF4VDuNqhBGCDhhb//VG9UB8CgfxcgfWuUvt+zZV
M70WWOk7mAVgXK184QCo0Ms1wbLL9yyx29upF+fRPky1dj/WgH9jUuNcVK4pZZID
0dNVJUhBkjXwyU0vvD64VkK3ajRv1DHVfhFqCt5aDcixM1CPbBX/v6C5u7um8cPb
cACgQMAVK81f8FdicjYyikV5JkzDROZKaYXygcFJ8tHfjBQPprPXgs5weQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKhS7MDIPtw4CNTFVHBqKtsXDOggMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcUZMc3dNZy0zRGdJMU1WVWNHb3EyeGNNNkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEx3InsmGH4fF2n6lLQk
p1zSLi0ATNKNlvNnznBg2BVZx2Pza0KNL1l9gNPiDs9hGJyJocroXaeobZniWai1
kr7bg28bGR/dYPI8k8T6R/pjFPnjwNFnF9b4YYI3v169ZUpxbAU0YuMXSOeFKVsB
VrcqIxCIx+VYURY4RWQW6PD+rKhZcVtyaPfKfwQa4V9+Yx2lfHDlLEpdMlsN5gzd
LVJYEbTvdflEx+p4Q7yhMS7NpayObLRXWO3Ws46Vbm5OSlQh/nyxHQ+znKc1xzm9
rlfgtW4BJw2slxqOB5nKI0WYSi7bqdgNw/7Xkg0MSI31nHDUjK6ixLS3a1VfafYl
jyk=
-----END CERTIFICATE-----