Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sFJw6zghR2M3BVQSUTnUCTs4OC8.roa
File:                     sFJw6zghR2M3BVQSUTnUCTs4OC8.roa (raw, json)
Hash identifier:          H+20+cfJCoYq14kEtQuOOxIPVA3dO8gv5d4HRUkJElI=
Subject key identifier:   B0:52:70:EB:38:21:47:63:37:05:54:12:51:39:D4:09:3B:38:38:2F
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018728593CAC86729B25B82A96FFDDBA37A8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sFJw6zghR2M3BVQSUTnUCTs4OC8.roa
Signing time:             Tue 28 Mar 2023 13:12:29 +0000
ROA not before:           Tue 28 Mar 2023 13:12:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:28:59:3c:ac:86:72:9b:25:b8:2a:96:ff:dd:ba:37:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 28 13:12:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b05270eb38214763370554125139d4093b38382f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:31:f2:ae:0f:26:2f:14:f4:07:f8:66:c5:22:
                    52:04:66:3b:af:5e:c3:0d:1c:27:9f:b6:1f:bd:3b:
                    b9:f2:9e:13:0d:1b:71:03:68:48:98:70:ad:c2:5c:
                    f7:67:b0:8c:7d:68:bd:2e:d0:ff:f3:70:34:37:d2:
                    aa:68:1d:73:9c:4e:32:c1:28:46:16:09:17:59:9a:
                    50:43:b4:60:23:2c:5e:e5:44:19:86:a7:ec:07:ba:
                    a7:77:ef:1c:a0:24:93:c2:f6:80:4e:d1:ea:f3:34:
                    f4:bc:4e:7f:ac:f6:dc:b8:df:46:c4:74:8a:d4:1a:
                    96:70:87:c4:97:42:95:70:75:0a:90:40:66:de:16:
                    48:55:c3:1a:77:ae:28:54:f0:f5:0c:83:93:df:db:
                    89:5b:df:08:4d:31:a5:ca:a6:ff:a4:86:8b:c0:f4:
                    09:9d:e7:e7:bb:b4:db:89:3a:2b:4f:e0:f5:0f:5c:
                    f7:08:48:29:74:f2:0f:69:47:f9:50:4d:d6:fa:a7:
                    0c:42:8d:aa:01:62:cb:f8:43:c7:fc:1e:42:23:6d:
                    a9:7a:96:95:bd:18:0b:ce:d6:c7:e7:ee:9a:86:ea:
                    fa:8b:e0:1f:cc:63:3c:eb:9f:65:5f:f2:da:76:6b:
                    35:cf:de:28:9e:21:3e:ba:46:ac:97:eb:eb:c8:d2:
                    76:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:52:70:EB:38:21:47:63:37:05:54:12:51:39:D4:09:3B:38:38:2F
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sFJw6zghR2M3BVQSUTnUCTs4OC8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:ea:b0:3f:38:63:5c:01:6b:4f:fb:be:c5:39:37:c4:b1:6b:
         5a:10:99:aa:e9:ee:fa:17:e3:e4:15:a6:3e:9f:37:f7:92:89:
         29:a8:e5:93:fa:47:01:7b:e7:45:28:9b:97:c2:84:65:f8:fb:
         77:bf:5f:57:13:57:14:29:20:93:f0:a5:b4:ff:26:e3:bc:4c:
         3d:e5:9b:19:67:6a:c0:65:19:d2:02:76:25:de:9d:03:9e:98:
         16:f6:03:0b:47:32:d8:d3:e3:ab:79:7d:1a:df:0a:0d:8d:5a:
         ee:8a:6a:33:17:cc:f5:21:1a:b0:30:5a:82:f3:b4:09:e1:b1:
         3c:33:f3:e9:67:6e:6c:d3:be:69:8a:bf:b0:0d:e8:44:df:57:
         6c:11:bf:76:d4:ae:b2:ac:c4:7e:dd:19:b7:9e:5d:28:57:7d:
         2e:b8:08:19:65:10:63:b7:8b:bb:6e:4d:25:97:9d:00:e1:e1:
         fb:5f:1e:07:b2:4a:cb:ee:ed:16:42:26:bb:45:27:af:56:8a:
         0f:c7:32:76:ab:68:00:87:fe:6f:da:58:36:d9:53:82:3d:a1:
         c5:56:5d:53:a7:18:1a:13:aa:2f:cd:8c:51:4e:f1:fa:ef:bc:
         e4:e6:27:d9:56:74:9c:04:fd:58:66:ea:51:5a:48:b1:97:04:
         7d:15:bb:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcoWTyshnKbJbgqlv/dujeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI4MTMxMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDUyNzBlYjM4MjE0NzYzMzcwNTU0MTI1MTM5ZDQwOTNiMzgzODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDHyrg8mLxT0B/hmxSJSBGY7r17D
DRwnn7YfvTu58p4TDRtxA2hImHCtwlz3Z7CMfWi9LtD/83A0N9KqaB1znE4ywShG
FgkXWZpQQ7RgIyxe5UQZhqfsB7qnd+8coCSTwvaATtHq8zT0vE5/rPbcuN9GxHSK
1BqWcIfEl0KVcHUKkEBm3hZIVcMad64oVPD1DIOT39uJW98ITTGlyqb/pIaLwPQJ
nefnu7TbiTorT+D1D1z3CEgpdPIPaUf5UE3W+qcMQo2qAWLL+EPH/B5CI22pepaV
vRgLztbH5+6ahur6i+AfzGM8659lX/Ladms1z94oniE+ukasl+vryNJ2cwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLBScOs4IUdjNwVUElE51Ak7ODgvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc0ZKdzZ6Z2hSMk0zQlZRU1VUblVDVHM0T0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGDqsD84Y1wBa0/7vsU5
N8Sxa1oQmarp7voX4+QVpj6fN/eSiSmo5ZP6RwF750Uom5fChGX4+3e/X1cTVxQp
IJPwpbT/JuO8TD3lmxlnasBlGdICdiXenQOemBb2AwtHMtjT46t5fRrfCg2NWu6K
ajMXzPUhGrAwWoLztAnhsTwz8+lnbmzTvmmKv7AN6ETfV2wRv3bUrrKsxH7dGbee
XShXfS64CBllEGO3i7tuTSWXnQDh4ftfHgeySsvu7RZCJrtFJ69Wig/HMnaraACH
/m/aWDbZU4I9ocVWXVOnGBoTqi/NjFFO8frvvOTmJ9lWdJwE/Vhm6lFaSLGXBH0V
u6E=
-----END CERTIFICATE-----