Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qyATxQQNf8QUBMqfBcCQSPMpJ9Q.roa
File:                     qyATxQQNf8QUBMqfBcCQSPMpJ9Q.roa (raw, json)
Hash identifier:          2IF87D2b/rRqS0rJI7+Awb/BE64BM1ad6huD/iq+zdM=
Subject key identifier:   AB:20:13:C5:04:0D:7F:C4:14:04:CA:9F:05:C0:90:48:F3:29:27:D4
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0189410459D563F0AD6B951542B570F47395
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qyATxQQNf8QUBMqfBcCQSPMpJ9Q.roa
Signing time:             Mon 10 Jul 2023 18:15:51 +0000
ROA not before:           Mon 10 Jul 2023 18:15:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:41:04:59:d5:63:f0:ad:6b:95:15:42:b5:70:f4:73:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 10 18:15:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ab2013c5040d7fc41404ca9f05c09048f32927d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c5:22:c2:6e:9a:0b:fb:bf:8d:30:8d:90:61:
                    30:5e:40:73:f0:a4:30:3c:9d:ce:f4:9e:b3:1c:26:
                    f0:17:9a:66:66:47:dc:d9:8c:ff:97:64:53:01:70:
                    25:e3:14:ac:d0:2a:65:8c:f5:6f:37:bb:06:81:86:
                    f7:34:b9:b8:31:a7:82:c3:3c:33:51:35:f5:de:d1:
                    64:70:da:bf:1e:34:d7:a0:a2:d2:f7:f5:dd:f8:0a:
                    1f:33:f4:35:92:29:ff:86:30:c2:46:ad:76:fb:9a:
                    cf:ba:50:98:83:21:52:ba:af:38:c3:5d:5c:f1:57:
                    bd:fb:f5:48:76:4f:3e:96:1e:e1:79:68:53:fd:b1:
                    84:ea:db:1b:a4:71:6b:16:f3:31:8e:1a:bf:3b:30:
                    72:0c:f1:6e:57:41:64:8f:5c:66:e2:9f:11:06:bf:
                    e9:85:a5:cc:1d:6c:5e:3d:a2:a5:3e:ab:9c:7b:e2:
                    87:cf:b9:dd:57:a2:d3:5a:e1:64:32:bd:c9:eb:30:
                    9f:ed:13:ec:7c:81:91:63:a1:58:11:7f:1b:47:cd:
                    72:00:e1:29:d6:bc:39:4f:db:d7:4d:c7:77:de:43:
                    fb:9a:a7:b3:0c:e5:16:06:af:9a:83:0a:4b:46:2e:
                    51:6d:40:cd:4b:12:9d:58:6d:40:05:ef:db:54:4e:
                    b5:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:20:13:C5:04:0D:7F:C4:14:04:CA:9F:05:C0:90:48:F3:29:27:D4
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qyATxQQNf8QUBMqfBcCQSPMpJ9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         25:f9:01:43:84:9b:c1:46:fb:61:08:38:9c:96:7e:a5:c5:fd:
         6d:ce:d8:47:a8:20:f7:e1:a6:d2:c1:37:f7:f6:15:07:db:7c:
         f7:98:d0:a3:98:7d:b9:7a:f0:e6:fb:c3:e8:44:c7:67:77:c8:
         d3:9e:94:08:d1:46:e6:a0:d2:9c:bd:9b:2b:2e:71:8f:75:fd:
         32:08:77:5b:1c:36:60:88:c5:b2:7e:1f:62:f1:2f:9a:39:76:
         6d:88:b9:98:36:26:f2:05:63:f5:66:07:95:cf:cc:54:cf:43:
         dc:b3:66:e2:12:3d:f6:a2:c4:69:e3:b7:40:b2:4f:05:51:80:
         69:35:83:e6:e8:2f:5e:77:dc:9d:06:11:7d:db:1c:8a:91:fc:
         32:63:94:0d:30:7c:61:0a:3b:88:9c:12:77:e9:6e:e2:a8:b5:
         25:4b:19:44:b5:4b:f9:99:18:36:e0:e5:cd:b0:22:0b:40:d8:
         35:2f:8b:b1:11:1e:ca:d9:db:29:05:9c:5c:8c:8b:cd:10:25:
         61:3b:df:76:73:b0:e1:88:9b:f0:97:67:f2:d1:58:2a:f1:1f:
         fd:1c:24:50:13:7b:5e:8e:42:df:80:0c:cf:80:69:d2:08:58:
         32:0b:fb:4e:c0:f8:71:1e:90:e8:4d:8a:60:09:02:28:1c:4f:
         01:c2:4a:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlBBFnVY/Cta5UVQrVw9HOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzEwMTgxNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjIwMTNjNTA0MGQ3ZmM0MTQwNGNhOWYwNWMwOTA0OGYzMjkyN2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMUiwm6aC/u/jTCNkGEwXkBz8KQw
PJ3O9J6zHCbwF5pmZkfc2Yz/l2RTAXAl4xSs0CpljPVvN7sGgYb3NLm4MaeCwzwz
UTX13tFkcNq/HjTXoKLS9/Xd+AofM/Q1kin/hjDCRq12+5rPulCYgyFSuq84w11c
8Ve9+/VIdk8+lh7heWhT/bGE6tsbpHFrFvMxjhq/OzByDPFuV0Fkj1xm4p8RBr/p
haXMHWxePaKlPquce+KHz7ndV6LTWuFkMr3J6zCf7RPsfIGRY6FYEX8bR81yAOEp
1rw5T9vXTcd33kP7mqezDOUWBq+agwpLRi5RbUDNSxKdWG1ABe/bVE61lwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKsgE8UEDX/EFATKnwXAkEjzKSfUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcXlBVHhRUU5mOFFVQk1xZkJjQ1FTUE1wSjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACX5AUOEm8FG+2EIOJyW
fqXF/W3O2EeoIPfhptLBN/f2FQfbfPeY0KOYfbl68Ob7w+hEx2d3yNOelAjRRuag
0py9mysucY91/TIId1scNmCIxbJ+H2LxL5o5dm2IuZg2JvIFY/VmB5XPzFTPQ9yz
ZuISPfaixGnjt0CyTwVRgGk1g+boL1533J0GEX3bHIqR/DJjlA0wfGEKO4icEnfp
buKotSVLGUS1S/mZGDbg5c2wIgtA2DUvi7ERHsrZ2ykFnFyMi80QJWE733ZzsOGI
m/CXZ/LRWCrxH/0cJFATe16OQt+ADM+AadIIWDIL+07A+HEekOhNimAJAigcTwHC
SiA=
-----END CERTIFICATE-----