Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x5vrtLx1AELe1zZgbj1QXeD4SOM.roa
File:                     x5vrtLx1AELe1zZgbj1QXeD4SOM.roa (raw, json)
Hash identifier:          0EPUK94ykk7MGwWNKO8hXo9pnb7INPCEwpsVNqE5YDM=
Subject key identifier:   C7:9B:EB:B4:BC:75:00:42:DE:D7:36:60:6E:3D:50:5D:E0:F8:48:E3
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188B818A8274B9069A74A639E1CC3E04D6E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x5vrtLx1AELe1zZgbj1QXeD4SOM.roa
Signing time:             Wed 14 Jun 2023 04:10:03 +0000
ROA not before:           Wed 14 Jun 2023 04:10:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b8:18:a8:27:4b:90:69:a7:4a:63:9e:1c:c3:e0:4d:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 14 04:10:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c79bebb4bc750042ded736606e3d505de0f848e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:68:b5:c1:25:c7:29:5e:5b:42:e4:db:44:d8:
                    5a:2b:f7:46:3a:d3:56:78:29:7b:ff:07:d6:df:37:
                    f9:88:e6:15:aa:37:fb:e0:a6:ee:63:3f:1a:12:a2:
                    33:6a:fb:b6:17:a6:d3:a4:2c:05:a5:3c:86:ca:1a:
                    9d:22:e5:18:a8:b7:b2:13:23:21:66:3a:c3:0f:77:
                    71:a7:80:8e:d1:4c:c5:ef:ce:0e:fc:40:b7:c3:ba:
                    5b:1f:14:47:71:17:94:03:e4:73:59:86:92:3b:34:
                    f0:02:f3:a1:d8:eb:51:11:67:84:6c:82:f8:27:54:
                    99:ff:6c:7f:ba:79:ab:d5:d9:83:9f:32:f2:51:84:
                    a5:29:b5:0b:9a:85:d8:0b:b1:fa:c3:55:d5:3d:66:
                    26:7f:65:f2:58:c7:8c:e9:52:11:da:43:58:fa:08:
                    b3:34:7e:e9:5b:52:36:eb:fd:11:23:f0:58:be:f5:
                    52:f0:11:9e:32:8a:f1:2f:4f:29:5b:1d:13:74:12:
                    f0:b9:c2:e5:27:e3:32:e6:11:77:30:27:93:e1:0d:
                    52:2e:f1:4d:3f:3a:da:a8:bd:1d:4e:55:42:85:3d:
                    81:b5:dc:52:7f:8e:81:11:78:98:3d:84:1e:12:6c:
                    b6:53:f1:cd:d2:eb:59:b3:9a:e4:09:17:19:d2:67:
                    4d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:9B:EB:B4:BC:75:00:42:DE:D7:36:60:6E:3D:50:5D:E0:F8:48:E3
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x5vrtLx1AELe1zZgbj1QXeD4SOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         9e:ef:3f:44:14:c4:11:c9:14:7e:40:a9:10:39:ef:9f:bd:72:
         57:ee:73:fd:e3:72:e7:88:16:bf:37:ce:df:89:ec:9d:14:18:
         27:64:81:36:b7:04:dc:af:e2:cd:20:6a:44:93:b8:e0:46:86:
         75:78:1e:0f:3c:cc:1f:8e:5b:8d:86:f8:db:6c:b9:2b:be:98:
         be:11:49:06:a2:59:b5:b5:2f:cf:79:06:92:27:ba:20:d6:83:
         c3:a2:c1:d8:0b:45:55:a3:58:bd:2d:44:6b:9f:9a:d4:f4:a7:
         e0:d3:ea:a6:0c:6b:34:f9:b4:11:83:cc:5d:97:d8:e7:cd:de:
         8b:53:3a:1d:f2:73:36:e9:a0:4d:bb:b4:72:79:39:2d:67:b6:
         03:24:0b:9b:53:bc:79:d8:54:b6:5b:0d:ad:2f:15:cb:4f:ea:
         2a:6a:3f:c9:f0:ca:2d:54:11:c8:84:0f:d1:f6:95:67:de:e0:
         cc:e8:d4:01:c4:1b:f3:ec:39:f9:9c:6f:07:b6:c1:92:b4:a2:
         4d:4b:7c:bc:0f:47:54:51:86:1d:55:38:ad:44:52:70:d9:66:
         75:8e:b6:63:bc:ea:0e:2b:b5:2a:d8:21:79:3c:a6:d6:bb:47:
         23:10:2c:c5:35:fd:cc:8e:b4:ea:c3:c9:b2:44:8c:39:71:b7:
         89:b2:0f:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYi4GKgnS5Bpp0pjnhzD4E1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE0MDQxMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzliZWJiNGJjNzUwMDQyZGVkNzM2NjA2ZTNkNTA1ZGUwZjg0OGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGi1wSXHKV5bQuTbRNhaK/dGOtNW
eCl7/wfW3zf5iOYVqjf74KbuYz8aEqIzavu2F6bTpCwFpTyGyhqdIuUYqLeyEyMh
ZjrDD3dxp4CO0UzF784O/EC3w7pbHxRHcReUA+RzWYaSOzTwAvOh2OtREWeEbIL4
J1SZ/2x/unmr1dmDnzLyUYSlKbULmoXYC7H6w1XVPWYmf2XyWMeM6VIR2kNY+giz
NH7pW1I26/0RI/BYvvVS8BGeMorxL08pWx0TdBLwucLlJ+My5hF3MCeT4Q1SLvFN
PzraqL0dTlVChT2BtdxSf46BEXiYPYQeEmy2U/HN0utZs5rkCRcZ0mdNOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMeb67S8dQBC3tc2YG49UF3g+EjjMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveDV2cnRMeDFBRUxlMXpaZ2JqMVFYZUQ0U09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ7vP0QUxBHJFH5AqRA5
75+9clfuc/3jcueIFr83zt+J7J0UGCdkgTa3BNyv4s0gakSTuOBGhnV4Hg88zB+O
W42G+NtsuSu+mL4RSQaiWbW1L895BpInuiDWg8OiwdgLRVWjWL0tRGufmtT0p+DT
6qYMazT5tBGDzF2X2OfN3otTOh3yczbpoE27tHJ5OS1ntgMkC5tTvHnYVLZbDa0v
FctP6ipqP8nwyi1UEciED9H2lWfe4Mzo1AHEG/PsOfmcbwe2wZK0ok1LfLwPR1RR
hh1VOK1EUnDZZnWOtmO86g4rtSrYIXk8pta7RyMQLMU1/cyOtOrDybJEjDlxt4my
D1c=
-----END CERTIFICATE-----