Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sbjnb4r7LJxoRqoY7aesn0tZ0gg.roa
File:                     sbjnb4r7LJxoRqoY7aesn0tZ0gg.roa (raw, json)
Hash identifier:          jVSEaxxYpuI90YNu0cjPOlijKiDN4B8auqEY6Qs4zVk=
Subject key identifier:   B1:B8:E7:6F:8A:FB:2C:9C:68:46:AA:18:ED:A7:AC:9F:4B:59:D2:08
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187EB5ED05DB45F73213A1E2627BB01DC88
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sbjnb4r7LJxoRqoY7aesn0tZ0gg.roa
Signing time:             Fri 05 May 2023 10:04:32 +0000
ROA not before:           Fri 05 May 2023 10:04:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:187:eb5e:6eab/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:eb:5e:d0:5d:b4:5f:73:21:3a:1e:26:27:bb:01:dc:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  5 10:04:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1b8e76f8afb2c9c6846aa18eda7ac9f4b59d208
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:f1:51:fc:f5:6e:81:39:dc:b0:91:5f:50:3f:
                    cd:51:6c:03:f8:c6:f1:86:5d:aa:88:ee:2a:b1:12:
                    8c:84:f3:44:4f:2e:83:94:15:0b:4a:70:65:59:8b:
                    3f:2c:dc:55:2f:07:9a:9e:ce:1a:97:b4:0f:1f:d1:
                    7d:9d:de:c7:49:0b:6c:41:a4:d3:a0:6d:1f:b0:6d:
                    dc:5b:15:e9:69:0e:be:10:85:46:bb:49:c1:67:ab:
                    84:05:d7:66:63:f5:7f:09:fa:7c:dd:ca:81:da:a3:
                    f3:42:74:15:7a:69:9e:be:69:ec:51:12:95:25:f0:
                    4e:dd:df:cc:02:1e:ba:45:ee:3f:2b:16:99:2e:40:
                    02:2d:9d:cf:a5:eb:74:18:8d:80:d9:07:03:01:4a:
                    8e:9e:4b:72:20:f1:d1:7c:5a:87:a1:c9:ac:ef:11:
                    86:66:8a:12:6d:0a:ab:5a:50:69:f2:51:77:5e:b1:
                    1c:a0:2d:59:c1:7c:df:74:67:2a:9d:6f:fa:56:0a:
                    cc:80:0c:91:44:c4:ba:36:7a:b3:51:39:52:63:95:
                    21:e4:44:46:fe:63:2d:45:15:73:8d:d3:5a:c0:12:
                    59:46:7c:a1:97:45:1a:02:04:a5:47:5c:ee:bb:51:
                    76:85:06:25:31:6c:a4:3b:f1:01:42:82:ef:cd:e9:
                    49:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:B8:E7:6F:8A:FB:2C:9C:68:46:AA:18:ED:A7:AC:9F:4B:59:D2:08
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sbjnb4r7LJxoRqoY7aesn0tZ0gg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:0a:37:26:82:38:55:c1:18:d1:72:5f:b3:cb:ce:f3:ca:50:
         39:67:b6:9d:24:be:51:11:ce:41:05:f8:fc:c0:c2:69:bb:0b:
         8b:4f:fd:06:62:e5:d1:ca:91:4c:29:e7:0f:8a:bc:94:4a:ff:
         c0:76:b4:88:ba:f9:a6:40:0b:c3:20:55:c4:54:d8:95:2a:b9:
         09:55:b5:ad:3c:b7:78:f9:67:b5:51:a1:37:19:a1:ce:e5:7f:
         ac:29:6e:a2:de:4c:40:50:5d:cc:a5:40:f4:c3:bd:23:31:26:
         7c:66:fc:5a:3d:32:ed:6d:1f:88:b2:80:41:c7:18:b0:87:2d:
         3f:66:a3:55:16:0a:9c:b8:59:88:c7:71:51:c8:d6:ca:fe:b6:
         84:d5:84:0f:ae:ce:27:04:62:94:90:bb:83:e8:92:6b:35:6b:
         25:c7:de:3e:07:47:f2:02:6a:81:e0:72:0c:c9:5b:e3:dd:b0:
         b6:fb:e8:58:aa:c7:97:2b:53:cd:d7:65:12:59:a2:66:69:d2:
         8d:cd:ba:ac:80:08:75:72:29:e1:2c:f5:6c:ae:6c:ab:45:1e:
         e6:4c:73:65:68:db:27:87:a0:0d:59:5c:65:1d:78:d4:9a:be:
         c4:d7:3b:9b:73:bf:f5:49:7f:94:d1:d1:0b:d1:93:8e:dc:66:
         e5:c0:11:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfrXtBdtF9zIToeJie7AdyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA1MTAwNDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWI4ZTc2ZjhhZmIyYzljNjg0NmFhMThlZGE3YWM5ZjRiNTlkMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivFR/PVugTncsJFfUD/NUWwD+Mbx
hl2qiO4qsRKMhPNETy6DlBULSnBlWYs/LNxVLweans4al7QPH9F9nd7HSQtsQaTT
oG0fsG3cWxXpaQ6+EIVGu0nBZ6uEBddmY/V/Cfp83cqB2qPzQnQVemmevmnsURKV
JfBO3d/MAh66Re4/KxaZLkACLZ3Ppet0GI2A2QcDAUqOnktyIPHRfFqHocms7xGG
ZooSbQqrWlBp8lF3XrEcoC1ZwXzfdGcqnW/6VgrMgAyRRMS6NnqzUTlSY5Uh5ERG
/mMtRRVzjdNawBJZRnyhl0UaAgSlR1zuu1F2hQYlMWykO/EBQoLvzelJiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLG452+K+yycaEaqGO2nrJ9LWdIIMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc2JqbmI0cjdMSnhvUnFvWTdhZXNuMHRaMGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADAKNyaCOFXBGNFyX7PL
zvPKUDlntp0kvlERzkEF+PzAwmm7C4tP/QZi5dHKkUwp5w+KvJRK/8B2tIi6+aZA
C8MgVcRU2JUquQlVta08t3j5Z7VRoTcZoc7lf6wpbqLeTEBQXcylQPTDvSMxJnxm
/Fo9Mu1tH4iygEHHGLCHLT9mo1UWCpy4WYjHcVHI1sr+toTVhA+uzicEYpSQu4Po
kms1ayXH3j4HR/ICaoHgcgzJW+PdsLb76Fiqx5crU83XZRJZomZp0o3NuqyACHVy
KeEs9WyubKtFHuZMc2Vo2yeHoA1ZXGUdeNSavsTXO5tzv/VJf5TR0QvRk47cZuXA
EQg=
-----END CERTIFICATE-----