Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uzWvT-wp9OYRVP_Db8_pnf7yHIs.roa
File:                     uzWvT-wp9OYRVP_Db8_pnf7yHIs.roa (raw, json)
Hash identifier:          A7gO+C5hkJZv3KhaEovc7bmY2DWUzEBqJ2em/Q+Opdc=
Subject key identifier:   BB:35:AF:4F:EC:29:F4:E6:11:54:FF:C3:6F:CF:E9:9D:FE:F2:1C:8B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187BEC2ABC5F5C9004D95D0049DAFB3C88A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uzWvT-wp9OYRVP_Db8_pnf7yHIs.roa
Signing time:             Wed 26 Apr 2023 18:10:41 +0000
ROA not before:           Wed 26 Apr 2023 18:10:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:be:c2:ab:c5:f5:c9:00:4d:95:d0:04:9d:af:b3:c8:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr 26 18:10:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb35af4fec29f4e61154ffc36fcfe99dfef21c8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:8d:67:36:46:c1:a1:d0:db:71:62:9f:22:d8:
                    6b:cc:90:79:d7:4e:c7:97:8c:a8:f8:a7:a7:d4:da:
                    fc:38:d6:03:35:16:a3:02:0a:c7:70:50:5b:6f:cd:
                    20:74:8d:6f:5a:c5:4d:c2:d3:0b:77:14:57:61:e5:
                    7d:6e:a5:40:16:d8:4d:e6:2f:e9:30:a4:7d:26:07:
                    4f:82:bd:70:bf:cd:09:5a:d9:3e:cd:8f:67:27:1c:
                    3f:da:95:86:b3:a7:57:02:4e:a2:66:a5:ab:34:b1:
                    d8:d3:c1:97:07:bb:27:88:7f:1a:1d:ce:7b:c1:08:
                    18:6f:69:d8:4e:84:bf:0b:4d:50:e8:bb:63:eb:dd:
                    6f:83:66:a5:92:85:fe:93:00:7f:30:7f:59:58:af:
                    32:32:86:4e:68:bd:1a:c1:4a:fd:e4:34:d3:c1:89:
                    bb:10:df:7c:8b:7f:01:66:9f:4d:4a:59:73:2d:d2:
                    12:69:44:00:c8:f4:d3:d1:49:a0:1d:41:a4:8b:cd:
                    88:73:f0:8a:9f:fa:b0:a3:43:6b:63:41:3a:f7:4c:
                    a0:08:60:9b:3b:d8:db:f9:ee:d3:69:e1:31:88:4d:
                    05:8f:75:3f:fd:27:39:44:8f:00:ac:22:82:74:78:
                    28:fe:da:e7:33:cc:61:aa:8f:9c:19:88:e6:d7:b3:
                    4d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:35:AF:4F:EC:29:F4:E6:11:54:FF:C3:6F:CF:E9:9D:FE:F2:1C:8B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uzWvT-wp9OYRVP_Db8_pnf7yHIs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:a1:f2:0c:5b:7a:90:ec:6c:5a:36:96:99:3e:52:87:92:77:
         e7:1e:1e:55:cb:1c:8d:41:c2:8e:00:35:f5:d6:64:43:b8:f8:
         8a:28:a0:2b:37:75:53:65:66:38:0b:59:7b:d5:ad:53:bc:4f:
         60:ba:9e:72:98:d1:5f:a5:34:1f:f7:7a:bf:93:92:e0:e9:f0:
         97:59:58:14:7e:d9:d5:12:49:82:f9:46:de:15:9f:ef:62:36:
         3d:48:f3:64:78:63:f2:ad:a3:23:95:59:1c:1e:aa:bd:d2:88:
         a4:54:e0:87:97:bb:1f:99:29:28:6a:89:d6:f6:6b:6b:fa:b0:
         77:d5:34:f5:5a:ed:19:37:36:a2:98:26:09:f0:50:c3:5e:7b:
         28:f5:bc:52:60:0e:2f:cb:7a:74:92:39:14:6d:b6:5e:1f:ed:
         a0:40:d0:a6:fa:8b:62:7d:6d:2a:f9:ec:da:86:d9:91:a8:b0:
         46:b4:4e:9c:6f:79:d8:71:ed:d8:8d:04:02:51:bc:dd:12:d2:
         5e:4b:96:6f:6e:8b:b0:4c:bb:2e:58:e7:20:44:17:2c:8a:a6:
         84:bd:66:39:0d:ef:6e:50:1c:0c:f0:29:a6:50:c6:70:55:96:
         5a:b1:8e:c1:72:10:76:b3:e8:e3:47:ea:44:28:f7:ac:1b:88:
         0a:ba:59:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYe+wqvF9ckATZXQBJ2vs8iKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI2MTgxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM1YWY0ZmVjMjlmNGU2MTE1NGZmYzM2ZmNmZTk5ZGZlZjIxYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY1nNkbBodDbcWKfIthrzJB5107H
l4yo+Ken1Nr8ONYDNRajAgrHcFBbb80gdI1vWsVNwtMLdxRXYeV9bqVAFthN5i/p
MKR9JgdPgr1wv80JWtk+zY9nJxw/2pWGs6dXAk6iZqWrNLHY08GXB7sniH8aHc57
wQgYb2nYToS/C01Q6Ltj691vg2alkoX+kwB/MH9ZWK8yMoZOaL0awUr95DTTwYm7
EN98i38BZp9NSllzLdISaUQAyPTT0UmgHUGki82Ic/CKn/qwo0NrY0E690ygCGCb
O9jb+e7TaeExiE0Fj3U//Sc5RI8ArCKCdHgo/trnM8xhqo+cGYjm17NNPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLs1r0/sKfTmEVT/w2/P6Z3+8hyLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdXpXdlQtd3A5T1lSVlBfRGI4X3BuZjd5SElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHWh8gxbepDsbFo2lpk+
UoeSd+ceHlXLHI1Bwo4ANfXWZEO4+IoooCs3dVNlZjgLWXvVrVO8T2C6nnKY0V+l
NB/3er+TkuDp8JdZWBR+2dUSSYL5Rt4Vn+9iNj1I82R4Y/KtoyOVWRweqr3SiKRU
4IeXux+ZKShqidb2a2v6sHfVNPVa7Rk3NqKYJgnwUMNeeyj1vFJgDi/LenSSORRt
tl4f7aBA0Kb6i2J9bSr57NqG2ZGosEa0Tpxvedhx7diNBAJRvN0S0l5Llm9ui7BM
uy5Y5yBEFyyKpoS9ZjkN725QHAzwKaZQxnBVllqxjsFyEHaz6ONH6kQo96wbiAq6
WUw=
-----END CERTIFICATE-----