Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rhE-FOt1SkP3KGBJPNtD1TJwWnw.roa
File:                     rhE-FOt1SkP3KGBJPNtD1TJwWnw.roa (raw, json)
Hash identifier:          JeDmwoI3qKb0UniX7WWD/caakgdhduaSRi2pyLqemvM=
Subject key identifier:   AE:11:3E:14:EB:75:4A:43:F7:28:60:49:3C:DB:43:D5:32:70:5A:7C
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186F3C08B1532331D47CB433F669836A959
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rhE-FOt1SkP3KGBJPNtD1TJwWnw.roa
Signing time:             Sat 18 Mar 2023 08:05:27 +0000
ROA not before:           Sat 18 Mar 2023 08:05:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:f3bf:c5b1/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:f3:c0:8b:15:32:33:1d:47:cb:43:3f:66:98:36:a9:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 18 08:05:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae113e14eb754a43f72860493cdb43d532705a7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:72:a2:37:6f:91:7c:69:98:00:4a:fc:7c:ff:
                    69:8a:12:ac:b4:fb:14:9f:8a:f9:58:78:b3:ae:ec:
                    cc:9e:75:40:89:02:51:9b:1f:98:7e:02:43:0e:31:
                    69:ea:d5:c1:7b:64:ab:e5:e1:2f:3f:13:ef:36:24:
                    85:36:70:88:1e:39:59:e8:be:11:8c:43:16:0e:15:
                    49:70:c7:7e:ba:23:22:5a:3a:59:4e:60:16:0d:df:
                    9b:06:f2:d0:4f:ea:bb:aa:f2:f5:9c:79:d2:a8:2a:
                    98:a5:4c:25:ff:f7:8d:93:ff:39:d8:a3:5c:d6:56:
                    2b:e6:6f:e0:a3:3f:a1:34:1d:b0:2b:eb:9e:53:f6:
                    fc:e4:e3:5e:b4:2e:a3:2a:d7:32:50:e0:45:9d:19:
                    57:02:51:33:de:52:2f:bf:61:9f:4a:4e:81:2d:25:
                    97:6b:54:ba:82:04:c9:3f:73:e7:3f:41:de:e7:93:
                    62:65:ca:9c:b9:45:81:9c:46:46:6d:74:1b:07:44:
                    f9:a4:58:fa:34:de:c9:ba:92:b6:02:76:e0:8e:c9:
                    2a:bc:b8:96:84:08:71:2a:74:e1:f8:6a:ac:8f:8b:
                    f7:e4:65:ee:f6:2d:ed:07:da:f0:28:f9:51:f6:72:
                    22:36:cd:a9:83:b3:90:de:c1:0e:4e:99:d6:b3:b7:
                    3f:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:11:3E:14:EB:75:4A:43:F7:28:60:49:3C:DB:43:D5:32:70:5A:7C
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rhE-FOt1SkP3KGBJPNtD1TJwWnw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         46:e6:e5:57:8a:1f:b1:79:0d:ca:f5:f8:75:53:ab:97:a3:ca:
         a6:34:35:cc:e3:20:28:aa:a6:b5:23:be:2e:b1:2f:c1:f3:7f:
         10:4d:bc:66:76:c1:9f:1e:99:05:1c:db:e1:de:25:5a:97:84:
         64:e4:30:75:bd:73:4a:51:f8:eb:c3:5c:0a:9f:b2:e0:8d:65:
         b4:bf:9d:c0:7b:41:c0:c1:8e:4e:68:dd:23:1c:4a:54:19:25:
         d0:b5:89:f7:92:f8:2e:47:13:cc:39:92:a5:6c:31:ed:8c:74:
         5c:71:f5:63:b9:d2:93:ce:01:01:29:b5:ad:2f:40:b1:af:ec:
         f8:ad:e6:55:df:c9:67:ba:db:37:e1:ce:bd:fe:6a:13:17:d8:
         52:7f:f9:44:95:6b:1a:9e:90:24:2e:b6:43:61:16:cf:e9:f6:
         54:a8:3f:4d:ec:5f:5b:6e:f8:a4:7f:01:d4:07:ef:74:7e:55:
         51:7d:2c:84:d3:65:c1:1e:d2:a5:f2:47:a9:0e:68:86:71:c4:
         fe:a7:55:63:a1:a0:58:60:d6:7e:d0:7e:37:4d:4a:0f:7b:b8:
         bd:26:84:e9:a3:0d:cb:63:82:95:e9:fd:b3:f8:8e:4c:70:04:
         72:21:3f:37:1b:10:4a:3c:a0:25:20:2f:e1:da:03:25:aa:d9:
         95:ed:ad:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbzwIsVMjMdR8tDP2aYNqlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE4MDgwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTExM2UxNGViNzU0YTQzZjcyODYwNDkzY2RiNDNkNTMyNzA1YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3KiN2+RfGmYAEr8fP9pihKstPsU
n4r5WHizruzMnnVAiQJRmx+YfgJDDjFp6tXBe2Sr5eEvPxPvNiSFNnCIHjlZ6L4R
jEMWDhVJcMd+uiMiWjpZTmAWDd+bBvLQT+q7qvL1nHnSqCqYpUwl//eNk/852KNc
1lYr5m/goz+hNB2wK+ueU/b85ONetC6jKtcyUOBFnRlXAlEz3lIvv2GfSk6BLSWX
a1S6ggTJP3PnP0He55NiZcqcuUWBnEZGbXQbB0T5pFj6NN7JupK2AnbgjskqvLiW
hAhxKnTh+Gqsj4v35GXu9i3tB9rwKPlR9nIiNs2pg7OQ3sEOTpnWs7c/PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK4RPhTrdUpD9yhgSTzbQ9UycFp8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcmhFLUZPdDFTa1AzS0dCSlBOdEQxVEp3V253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEbm5VeKH7F5Dcr1+HVT
q5ejyqY0NczjICiqprUjvi6xL8HzfxBNvGZ2wZ8emQUc2+HeJVqXhGTkMHW9c0pR
+OvDXAqfsuCNZbS/ncB7QcDBjk5o3SMcSlQZJdC1ifeS+C5HE8w5kqVsMe2MdFxx
9WO50pPOAQEpta0vQLGv7Pit5lXfyWe62zfhzr3+ahMX2FJ/+USVaxqekCQutkNh
Fs/p9lSoP03sX1tu+KR/AdQH73R+VVF9LITTZcEe0qXyR6kOaIZxxP6nVWOhoFhg
1n7QfjdNSg97uL0mhOmjDctjgpXp/bP4jkxwBHIhPzcbEEo8oCUgL+HaAyWq2ZXt
rSc=
-----END CERTIFICATE-----