Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rmagqyg73WUASc112rqg0Db05N0.roa
File:                     rmagqyg73WUASc112rqg0Db05N0.roa (raw, json)
Hash identifier:          NLmbVFeFZ9vRPJu+heuV1Zw+eFNdAik57ZNffjlCR7I=
Subject key identifier:   AE:66:A0:AB:28:3B:DD:65:00:49:CD:75:DA:BA:A0:D0:36:F4:E4:DD
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188755C26288C7E1DF79F0EB5A4013D3DB0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rmagqyg73WUASc112rqg0Db05N0.roa
Signing time:             Thu 01 Jun 2023 05:09:13 +0000
ROA not before:           Thu 01 Jun 2023 05:09:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:75:5c:26:28:8c:7e:1d:f7:9f:0e:b5:a4:01:3d:3d:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun  1 05:09:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae66a0ab283bdd650049cd75dabaa0d036f4e4dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:90:4f:68:9f:23:8b:4c:91:de:3f:16:ec:c3:
                    f2:ff:f3:b6:0c:9e:08:91:6f:3e:b5:32:b6:0c:d9:
                    19:21:b0:56:e3:b3:7b:66:d2:d9:1c:10:bc:2a:52:
                    41:84:2e:b5:85:4c:52:4f:4a:3f:08:ff:b6:00:15:
                    b0:db:fd:c5:37:a4:67:fe:13:db:0c:ef:2f:91:b0:
                    12:61:b1:eb:87:d0:4c:63:59:b5:de:55:02:1e:eb:
                    ce:e3:5a:fa:10:b6:02:88:bb:33:d4:d5:48:9d:cd:
                    a6:81:4b:a3:1a:e6:a3:9f:13:ad:4f:30:4c:11:18:
                    32:82:3b:f4:08:2c:41:a6:1e:f2:02:32:2c:33:49:
                    23:eb:d8:3c:b6:fb:2f:ca:3f:7b:c5:13:f2:ef:60:
                    58:23:8e:e4:47:10:27:eb:ac:03:8a:63:02:99:e3:
                    29:68:5f:4b:d9:ba:67:72:b4:09:9f:05:28:90:26:
                    bf:ad:b0:f0:bb:01:64:63:2a:43:92:63:9c:6f:b8:
                    d1:37:9e:5e:cc:a9:4b:11:3a:95:54:6a:59:72:47:
                    8a:b0:da:85:25:67:25:c6:6d:5d:6f:75:70:96:db:
                    07:56:c3:a2:36:a6:29:53:7e:be:88:03:e1:82:ec:
                    75:81:67:fb:08:ef:da:07:cd:af:4c:84:9b:86:92:
                    83:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:66:A0:AB:28:3B:DD:65:00:49:CD:75:DA:BA:A0:D0:36:F4:E4:DD
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rmagqyg73WUASc112rqg0Db05N0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:6a:b2:8d:40:3d:f7:ba:a1:c9:7b:14:6f:ea:41:89:eb:05:
         a9:8e:d5:3d:82:13:10:b2:f5:c7:78:a5:04:5a:c3:e2:fa:d8:
         f0:c6:85:90:90:c6:11:f5:f7:e7:6b:9b:70:0e:da:6d:4d:33:
         ed:80:f5:7e:cf:80:54:a9:4a:a2:1e:0a:02:b4:a6:96:b3:e5:
         0f:88:c9:51:e2:74:6f:b8:66:73:27:f4:e9:97:39:44:4b:19:
         f0:8e:e7:12:37:5a:ad:e0:b9:c2:34:3a:49:75:80:4a:c1:d9:
         3c:fc:09:88:9e:7c:ce:11:8f:4c:83:5d:71:64:da:62:f8:4e:
         a5:68:6a:e0:d8:ce:da:94:b9:0b:b3:c3:e1:54:6d:67:5c:19:
         80:b7:78:60:9b:07:fc:97:51:e0:cb:25:e6:da:23:15:6c:9c:
         45:07:0b:42:d8:af:b2:8d:12:f0:51:1a:e7:10:8e:98:37:4c:
         39:44:be:84:3c:0a:39:b6:18:5b:c6:76:1f:24:52:2d:c1:0b:
         a6:91:4c:6a:eb:38:4e:73:9f:72:a5:f7:c4:c2:90:59:4e:80:
         bc:21:2b:0d:e9:af:71:0d:48:f8:d9:9e:db:67:3f:d7:67:34:
         3b:35:db:b1:2f:4f:b1:22:1c:40:d9:6e:d8:68:a1:ab:c6:36:
         d9:8b:8f:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYh1XCYojH4d958OtaQBPT2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjAxMDUwOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTY2YTBhYjI4M2JkZDY1MDA0OWNkNzVkYWJhYTBkMDM2ZjRlNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZBPaJ8ji0yR3j8W7MPy//O2DJ4I
kW8+tTK2DNkZIbBW47N7ZtLZHBC8KlJBhC61hUxST0o/CP+2ABWw2/3FN6Rn/hPb
DO8vkbASYbHrh9BMY1m13lUCHuvO41r6ELYCiLsz1NVInc2mgUujGuajnxOtTzBM
ERgygjv0CCxBph7yAjIsM0kj69g8tvsvyj97xRPy72BYI47kRxAn66wDimMCmeMp
aF9L2bpncrQJnwUokCa/rbDwuwFkYypDkmOcb7jRN55ezKlLETqVVGpZckeKsNqF
JWclxm1db3VwltsHVsOiNqYpU36+iAPhgux1gWf7CO/aB82vTISbhpKDyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK5moKsoO91lAEnNddq6oNA29OTdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcm1hZ3F5ZzczV1VBU2MxMTJycWcwRGIwNU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABJqso1APfe6ocl7FG/q
QYnrBamO1T2CExCy9cd4pQRaw+L62PDGhZCQxhH19+drm3AO2m1NM+2A9X7PgFSp
SqIeCgK0ppaz5Q+IyVHidG+4ZnMn9OmXOURLGfCO5xI3Wq3gucI0Okl1gErB2Tz8
CYiefM4Rj0yDXXFk2mL4TqVoauDYztqUuQuzw+FUbWdcGYC3eGCbB/yXUeDLJeba
IxVsnEUHC0LYr7KNEvBRGucQjpg3TDlEvoQ8Cjm2GFvGdh8kUi3BC6aRTGrrOE5z
n3Kl98TCkFlOgLwhKw3pr3ENSPjZnttnP9dnNDs127EvT7EiHEDZbthooavGNtmL
j/8=
-----END CERTIFICATE-----