Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uvLLTWbEAqmfo5v5lUSLBMgO4bQ.roa
File:                     uvLLTWbEAqmfo5v5lUSLBMgO4bQ.roa (raw, json)
Hash identifier:          FIjnV6qAKjhuSUkqIyg60ReXy6/n+Aa/7HhDwU3qtRI=
Subject key identifier:   BA:F2:CB:4D:66:C4:02:A9:9F:A3:9B:F9:95:44:8B:04:C8:0E:E1:B4
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187EB2E4ACFA7A40E6DA89C3F2B1CEBF400
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uvLLTWbEAqmfo5v5lUSLBMgO4bQ.roa
Signing time:             Fri 05 May 2023 09:11:32 +0000
ROA not before:           Fri 05 May 2023 09:11:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:eb:2e:4a:cf:a7:a4:0e:6d:a8:9c:3f:2b:1c:eb:f4:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  5 09:11:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=baf2cb4d66c402a99fa39bf995448b04c80ee1b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:21:05:6d:0d:fb:57:92:49:63:ac:6f:7e:2a:
                    91:08:2e:31:2b:1c:3b:d0:a3:22:38:39:e8:e0:c3:
                    aa:58:ee:39:ac:e9:11:8c:98:26:c8:77:c6:f1:6f:
                    dc:20:e2:48:b7:0a:87:23:c6:31:fd:db:a5:c1:30:
                    92:84:bd:0e:57:e5:f1:89:09:7b:4b:30:cb:8b:dc:
                    db:88:00:b9:2b:44:4f:39:b1:76:59:4a:ee:98:61:
                    bd:3f:91:93:d9:e8:0d:25:fb:94:32:2d:03:c9:ac:
                    ee:aa:6c:15:06:28:d3:02:f6:37:54:83:d8:e6:07:
                    b2:31:57:05:78:81:20:09:11:80:ce:8f:46:f1:43:
                    d9:4f:6f:95:59:2d:d9:c2:03:9f:89:2d:6a:9d:ef:
                    42:62:03:9f:78:4e:6d:0f:0c:01:52:86:46:51:64:
                    be:14:e9:aa:c8:95:a8:a1:10:85:01:3f:45:71:44:
                    85:cd:16:da:e3:b2:6d:ab:fb:03:21:f5:5b:d2:de:
                    f6:57:4d:cb:31:26:81:dd:ec:3e:61:9a:f9:2b:0a:
                    68:8c:b0:3e:ca:0c:92:cc:b6:d4:2d:92:fa:cd:22:
                    ff:07:f4:92:b4:05:68:9f:4b:57:4c:8b:aa:a3:0d:
                    3c:b6:37:6d:50:7f:d2:d5:57:d2:eb:4d:5b:db:29:
                    5c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:F2:CB:4D:66:C4:02:A9:9F:A3:9B:F9:95:44:8B:04:C8:0E:E1:B4
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uvLLTWbEAqmfo5v5lUSLBMgO4bQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:88:f8:97:ed:55:df:05:67:27:41:a7:30:36:0a:17:4b:63:
         12:17:d3:01:fa:b3:3a:23:5e:04:9a:19:7a:6c:ba:bb:6d:d1:
         fb:52:c4:21:de:0b:2e:66:b2:42:f7:0e:b3:0b:d0:1b:78:44:
         c2:f7:2e:68:18:2a:6d:d9:23:ad:e1:86:98:21:42:6b:3a:54:
         0d:79:04:2d:3b:3f:6a:d8:37:b0:98:c4:c7:02:a1:2e:9a:5b:
         c5:72:ff:bd:6f:d7:26:7b:a5:f4:f7:55:e8:98:75:54:58:25:
         58:da:06:ab:cc:88:29:6a:9b:2f:88:cd:5d:c5:20:bf:b7:39:
         53:08:ba:02:7e:0b:25:47:0e:7a:09:b7:77:6d:b4:66:90:65:
         41:46:c5:d9:9b:4a:c4:01:4b:5f:86:7f:9c:c7:00:50:be:83:
         6f:f8:d0:7e:79:53:27:8c:ea:86:74:93:49:67:0c:31:22:82:
         8c:d3:22:af:bd:08:57:97:6d:18:d5:91:6f:66:55:64:b0:38:
         59:66:4b:79:c5:6f:d2:3e:9b:f1:f9:04:f6:af:6c:24:3f:50:
         98:69:65:72:d7:af:ef:5f:ee:f3:0e:04:e1:90:b1:f8:4c:41:
         15:58:53:bd:f3:b6:6b:1c:4e:20:79:87:b2:0b:89:27:df:ae:
         c6:d3:88:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfrLkrPp6QObaicPysc6/QAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA1MDkxMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWYyY2I0ZDY2YzQwMmE5OWZhMzliZjk5NTQ0OGIwNGM4MGVlMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCEFbQ37V5JJY6xvfiqRCC4xKxw7
0KMiODno4MOqWO45rOkRjJgmyHfG8W/cIOJItwqHI8Yx/dulwTCShL0OV+XxiQl7
SzDLi9zbiAC5K0RPObF2WUrumGG9P5GT2egNJfuUMi0DyazuqmwVBijTAvY3VIPY
5geyMVcFeIEgCRGAzo9G8UPZT2+VWS3ZwgOfiS1qne9CYgOfeE5tDwwBUoZGUWS+
FOmqyJWooRCFAT9FcUSFzRba47Jtq/sDIfVb0t72V03LMSaB3ew+YZr5KwpojLA+
ygySzLbULZL6zSL/B/SStAVon0tXTIuqow08tjdtUH/S1VfS601b2ylctwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLryy01mxAKpn6Ob+ZVEiwTIDuG0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdXZMTFRXYkVBcW1mbzV2NWxVU0xCTWdPNGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKqI+JftVd8FZydBpzA2
ChdLYxIX0wH6szojXgSaGXpsurtt0ftSxCHeCy5mskL3DrML0Bt4RML3LmgYKm3Z
I63hhpghQms6VA15BC07P2rYN7CYxMcCoS6aW8Vy/71v1yZ7pfT3VeiYdVRYJVja
BqvMiClqmy+IzV3FIL+3OVMIugJ+CyVHDnoJt3dttGaQZUFGxdmbSsQBS1+Gf5zH
AFC+g2/40H55UyeM6oZ0k0lnDDEigozTIq+9CFeXbRjVkW9mVWSwOFlmS3nFb9I+
m/H5BPavbCQ/UJhpZXLXr+9f7vMOBOGQsfhMQRVYU73ztmscTiB5h7ILiSffrsbT
iNU=
-----END CERTIFICATE-----