Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/t4AJ0rNA30jtwwjMxQoaFQykXW0.roa
File:                     t4AJ0rNA30jtwwjMxQoaFQykXW0.roa (raw, json)
Hash identifier:          9scyZP6dT9HsU94Rv12CY68OqRukdGH/Fgk/5CyGaoI=
Subject key identifier:   B7:80:09:D2:B3:40:DF:48:ED:C3:08:CC:C5:0A:1A:15:0C:A4:5D:6D
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188A5DAED56CF3DDDE10DD47EB65A3C286B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/t4AJ0rNA30jtwwjMxQoaFQykXW0.roa
Signing time:             Sat 10 Jun 2023 15:09:28 +0000
ROA not before:           Sat 10 Jun 2023 15:09:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:a5:da:ed:56:cf:3d:dd:e1:0d:d4:7e:b6:5a:3c:28:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 10 15:09:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b78009d2b340df48edc308ccc50a1a150ca45d6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:0c:2e:45:25:05:84:c1:0b:90:ca:60:63:54:
                    ec:8b:bd:09:05:c6:62:48:01:77:cd:4c:c2:b7:3b:
                    87:34:a4:2c:1e:d3:ae:45:1b:c6:37:93:ea:4e:5c:
                    20:3c:ff:a9:81:91:85:93:a2:a1:2c:02:d0:de:0c:
                    79:2f:c2:d1:e2:3e:d2:2b:18:3b:e3:c5:97:f3:6a:
                    81:9c:e2:91:d1:bd:d0:36:d5:92:5e:a4:7f:85:96:
                    60:f1:f2:05:91:42:5d:96:d4:bb:7c:9f:ae:44:fd:
                    fe:6f:c9:21:8d:6f:8d:e6:10:11:c2:5d:2c:ff:1f:
                    73:0f:70:b2:32:96:55:31:1b:a7:47:c1:14:90:56:
                    0b:84:aa:d9:93:96:b9:35:45:18:4c:d9:a1:5c:56:
                    13:05:28:4b:fe:f7:d2:fa:c7:90:aa:b6:e6:7b:f0:
                    9c:26:47:58:43:19:d4:17:3b:e4:77:bf:92:4b:6d:
                    eb:ce:11:e9:b7:62:93:57:d4:53:7a:b5:7a:2c:03:
                    2a:64:31:92:9c:3b:ee:c8:42:5b:dd:6e:71:8c:1b:
                    aa:fd:27:1f:4c:51:67:04:00:c3:cd:a3:73:0a:64:
                    12:72:f6:fc:5b:6a:b6:14:56:f4:d1:7a:6c:72:e9:
                    ae:2c:9a:22:1f:d1:bf:f5:20:b3:50:29:11:53:0c:
                    38:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:80:09:D2:B3:40:DF:48:ED:C3:08:CC:C5:0A:1A:15:0C:A4:5D:6D
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/t4AJ0rNA30jtwwjMxQoaFQykXW0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:14:75:8a:78:a0:9d:e1:73:91:2a:70:0a:a9:d7:2e:80:57:
         b2:43:55:65:6c:e1:de:f2:3d:da:82:48:75:82:3c:c6:67:e4:
         53:23:fa:d9:86:73:fb:f5:d4:b3:47:5e:76:a1:6a:77:6f:bc:
         98:5b:9d:02:2d:d8:76:96:af:4c:5c:9d:8c:e0:a9:cb:c1:1c:
         e3:44:31:83:e8:b3:78:12:72:2c:45:99:31:ab:74:5c:dc:a8:
         6a:ca:a9:70:fb:85:8b:2c:02:17:f6:60:2d:72:2c:b5:ca:6a:
         24:db:8f:c3:0e:5a:a7:7f:4a:6f:4f:d9:bf:2d:cc:a2:ae:a1:
         3d:39:a2:fd:0a:58:c8:ea:b4:86:f1:22:c7:a0:ff:7b:8c:e0:
         67:55:4b:62:ac:89:e9:0b:1a:b1:4f:6c:11:cd:37:fa:08:58:
         ce:59:af:de:44:c0:b4:a1:6c:b0:0b:ad:d7:7b:eb:93:79:fd:
         cc:06:4d:aa:75:b5:7b:af:e4:b6:cf:eb:d3:68:1c:ff:44:a4:
         36:88:21:d2:d5:75:7e:55:b8:1d:16:64:b1:f8:ee:c2:9e:16:
         f5:6e:80:32:21:63:9a:1f:2a:81:c3:8c:60:10:53:5a:a2:10:
         e7:00:f2:be:71:28:03:5f:02:0d:bc:e2:9e:ea:3a:e1:73:e2:
         09:f1:8f:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYil2u1Wzz3d4Q3UfrZaPChrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjEwMTUwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzgwMDlkMmIzNDBkZjQ4ZWRjMzA4Y2NjNTBhMWExNTBjYTQ1ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQwuRSUFhMELkMpgY1Tsi70JBcZi
SAF3zUzCtzuHNKQsHtOuRRvGN5PqTlwgPP+pgZGFk6KhLALQ3gx5L8LR4j7SKxg7
48WX82qBnOKR0b3QNtWSXqR/hZZg8fIFkUJdltS7fJ+uRP3+b8khjW+N5hARwl0s
/x9zD3CyMpZVMRunR8EUkFYLhKrZk5a5NUUYTNmhXFYTBShL/vfS+seQqrbme/Cc
JkdYQxnUFzvkd7+SS23rzhHpt2KTV9RTerV6LAMqZDGSnDvuyEJb3W5xjBuq/Scf
TFFnBADDzaNzCmQScvb8W2q2FFb00XpscumuLJoiH9G/9SCzUCkRUww4XQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLeACdKzQN9I7cMIzMUKGhUMpF1tMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdDRBSjByTkEzMGp0d3dqTXhRb2FGUXlrWFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKAUdYp4oJ3hc5EqcAqp
1y6AV7JDVWVs4d7yPdqCSHWCPMZn5FMj+tmGc/v11LNHXnahandvvJhbnQIt2HaW
r0xcnYzgqcvBHONEMYPos3gScixFmTGrdFzcqGrKqXD7hYssAhf2YC1yLLXKaiTb
j8MOWqd/Sm9P2b8tzKKuoT05ov0KWMjqtIbxIseg/3uM4GdVS2KsiekLGrFPbBHN
N/oIWM5Zr95EwLShbLALrdd765N5/cwGTap1tXuv5LbP69NoHP9EpDaIIdLVdX5V
uB0WZLH47sKeFvVugDIhY5ofKoHDjGAQU1qiEOcA8r5xKANfAg284p7qOuFz4gnx
jxQ=
-----END CERTIFICATE-----