Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uHgod4Y0OPZGq17zlXDOWylzOIE.roa
File:                     uHgod4Y0OPZGq17zlXDOWylzOIE.roa (raw, json)
Hash identifier:          ouCxclLHyMBXn9ZjrOAlCTOP2diusjqhjmCeqIlul58=
Subject key identifier:   B8:78:28:77:86:34:38:F6:46:AB:5E:F3:95:70:CE:5B:29:73:38:81
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187BB8D70E930D0E6EA8FD0BEAF60E7FD3F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uHgod4Y0OPZGq17zlXDOWylzOIE.roa
Signing time:             Wed 26 Apr 2023 03:13:41 +0000
ROA not before:           Wed 26 Apr 2023 03:13:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bb:8d:70:e9:30:d0:e6:ea:8f:d0:be:af:60:e7:fd:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 26 03:13:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b8782877863438f646ab5ef39570ce5b29733881
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:02:51:cf:e1:f2:f4:72:a1:b9:fc:4e:64:2d:
                    bb:be:3c:e9:ee:48:d6:7e:21:f4:1b:08:29:60:ef:
                    82:2f:55:94:d5:c0:43:46:d4:66:4e:3d:d4:b3:07:
                    15:38:76:1e:63:0e:1c:47:54:6f:2a:8c:6b:ab:0c:
                    ef:f3:9e:20:4a:11:56:8e:1f:71:bf:d1:93:5f:21:
                    30:50:6a:20:77:ba:e9:78:78:6f:60:af:04:f5:b1:
                    4f:b5:62:85:b9:07:54:60:39:0c:f0:e1:19:0c:50:
                    91:3a:2f:a5:52:8c:fe:58:48:10:8f:c2:2f:26:21:
                    c8:bc:64:89:d6:9a:75:10:fa:4a:18:96:73:d6:59:
                    41:79:ad:63:0a:ec:86:47:bc:9c:00:4e:49:a0:be:
                    08:2c:9a:9b:76:b6:35:d1:fd:e5:e3:7c:2c:ed:50:
                    ca:1a:3d:42:f8:18:ef:8a:8a:6b:43:b1:57:bd:0b:
                    77:28:06:cb:df:36:ed:14:5a:d4:2f:85:80:77:0f:
                    e1:70:53:27:6d:4f:63:22:98:f9:99:53:d0:8d:9b:
                    e7:17:75:65:b2:95:d4:fe:f9:27:3f:7b:f7:9f:5a:
                    a5:07:16:e9:4c:dc:ff:2a:27:63:ca:56:a9:dc:3b:
                    09:27:f1:ea:cf:3f:dd:77:0b:56:9b:b2:53:5b:8d:
                    b4:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:78:28:77:86:34:38:F6:46:AB:5E:F3:95:70:CE:5B:29:73:38:81
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uHgod4Y0OPZGq17zlXDOWylzOIE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:0a:80:f1:a2:54:31:5b:f2:af:a9:64:b6:6e:38:ae:67:a5:
         25:49:33:78:24:e5:b5:c1:45:15:c5:c1:80:be:ab:5f:2d:8c:
         78:54:4e:9f:ce:27:eb:ee:22:70:7b:f8:92:f1:7a:a9:57:0d:
         52:0e:c8:73:63:35:1f:b8:05:ba:f0:51:56:bb:68:1e:2a:c4:
         b7:e5:8e:43:d1:45:0e:95:c8:6d:cc:c4:61:fe:f8:e2:fc:c0:
         b0:b7:4d:17:c0:35:51:9f:be:53:1d:99:ed:61:fc:64:5b:93:
         e4:eb:17:f9:68:8b:48:bf:1c:16:64:c9:a0:0c:18:78:7d:96:
         2e:15:bd:3b:c5:c0:e7:14:5b:3b:11:de:07:13:50:bd:c0:c2:
         4d:c4:c8:cf:f2:34:f3:49:b0:ae:f3:6e:64:f0:bc:f9:e1:6d:
         3f:cb:ce:6e:5b:e3:ca:fc:cc:e2:d0:65:0b:5a:f9:db:98:6f:
         c8:2f:8c:3a:62:31:40:5e:1c:f6:b9:ea:b5:2f:37:f5:59:5f:
         5a:c7:fe:a5:32:eb:0e:19:e7:ec:29:0f:f5:52:89:ea:b5:01:
         f2:ee:dd:19:84:8a:8a:a0:e6:f3:fe:5b:e4:f2:95:ca:5d:3d:
         f1:d6:7c:9d:98:70:29:b5:60:0b:79:ff:fa:b0:5f:7b:a7:34:
         93:d8:db:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYe7jXDpMNDm6o/Qvq9g5/0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI2MDMxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODc4Mjg3Nzg2MzQzOGY2NDZhYjVlZjM5NTcwY2U1YjI5NzMzODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQJRz+Hy9HKhufxOZC27vjzp7kjW
fiH0GwgpYO+CL1WU1cBDRtRmTj3UswcVOHYeYw4cR1RvKoxrqwzv854gShFWjh9x
v9GTXyEwUGogd7rpeHhvYK8E9bFPtWKFuQdUYDkM8OEZDFCROi+lUoz+WEgQj8Iv
JiHIvGSJ1pp1EPpKGJZz1llBea1jCuyGR7ycAE5JoL4ILJqbdrY10f3l43ws7VDK
Gj1C+BjvioprQ7FXvQt3KAbL3zbtFFrUL4WAdw/hcFMnbU9jIpj5mVPQjZvnF3Vl
spXU/vknP3v3n1qlBxbpTNz/Kidjylap3DsJJ/Hqzz/ddwtWm7JTW420UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLh4KHeGNDj2Rqte85VwzlspcziBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdUhnb2Q0WTBPUFpHcTE3emxYRE9XeWx6T0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADAKgPGiVDFb8q+pZLZu
OK5npSVJM3gk5bXBRRXFwYC+q18tjHhUTp/OJ+vuInB7+JLxeqlXDVIOyHNjNR+4
BbrwUVa7aB4qxLfljkPRRQ6VyG3MxGH++OL8wLC3TRfANVGfvlMdme1h/GRbk+Tr
F/loi0i/HBZkyaAMGHh9li4VvTvFwOcUWzsR3gcTUL3Awk3EyM/yNPNJsK7zbmTw
vPnhbT/Lzm5b48r8zOLQZQta+duYb8gvjDpiMUBeHPa56rUvN/VZX1rH/qUy6w4Z
5+wpD/VSieq1AfLu3RmEioqg5vP+W+TylcpdPfHWfJ2YcCm1YAt5//qwX3unNJPY
2ys=
-----END CERTIFICATE-----