Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xuhJgVJlKkRvPq-fsFj8j2JRWAE.roa
File:                     xuhJgVJlKkRvPq-fsFj8j2JRWAE.roa (raw, json)
Hash identifier:          SGGFtOg1XsWkQiXc4y6Es1Zvyby4iIpSh/li4CQ2EBc=
Subject key identifier:   C6:E8:49:81:52:65:2A:44:6F:3E:AF:9F:B0:58:FC:8F:62:51:58:01
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01881B767B510EAA44FD40FBE8E46B2E7C1F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xuhJgVJlKkRvPq-fsFj8j2JRWAE.roa
Signing time:             Sun 14 May 2023 18:12:09 +0000
ROA not before:           Sun 14 May 2023 18:12:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1b:76:7b:51:0e:aa:44:fd:40:fb:e8:e4:6b:2e:7c:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 14 18:12:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c6e8498152652a446f3eaf9fb058fc8f62515801
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:a9:60:11:7e:6c:6a:cb:27:68:65:bb:1b:65:
                    b8:4c:1a:5e:fd:07:a8:4a:a1:b8:2f:c6:3d:aa:0e:
                    4d:04:c9:21:6e:bf:9b:89:17:f5:41:eb:95:e9:bb:
                    4f:d8:3b:47:3d:62:a5:7a:42:d4:4b:27:ee:c0:92:
                    80:f6:04:94:c3:6b:3e:dd:03:14:21:9e:46:5b:82:
                    31:35:7e:b8:e7:17:c8:48:b6:88:a9:d5:a7:8d:72:
                    2f:10:61:1d:69:82:56:20:1f:08:13:5b:77:58:b3:
                    a5:bd:86:54:5b:95:81:19:58:c6:28:8a:fe:32:ea:
                    64:e2:41:1e:88:7c:9d:49:9d:55:11:aa:f3:38:e3:
                    55:fa:ac:bf:6b:5a:c1:5e:a8:ba:1a:3e:69:24:14:
                    9c:2d:86:9b:75:86:ba:28:90:fb:c2:bf:1b:51:d1:
                    29:43:28:cc:0c:e0:92:8e:31:92:5a:86:a3:af:f4:
                    9b:6b:f7:e7:f9:ea:ff:04:0a:62:07:71:c1:ea:f1:
                    44:2c:c2:c0:3c:25:20:9e:8a:75:2f:a4:94:b6:dc:
                    1a:7e:75:c4:37:3a:2a:c9:e9:b4:2b:6f:8b:25:07:
                    77:30:7f:c0:a4:65:9b:51:0b:66:e6:c8:3c:dc:4d:
                    b7:54:a7:b6:99:40:d8:82:59:62:af:ba:f2:a8:36:
                    f4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:E8:49:81:52:65:2A:44:6F:3E:AF:9F:B0:58:FC:8F:62:51:58:01
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xuhJgVJlKkRvPq-fsFj8j2JRWAE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         1a:b5:a6:ac:be:6a:6d:8d:a2:cf:46:67:5d:b1:bd:05:a7:af:
         3f:07:b0:93:b0:2f:9f:aa:e3:c5:19:fe:75:4a:f8:05:3f:fc:
         8a:cc:58:79:b0:f4:c7:f6:34:02:ba:f9:83:b6:a7:5d:8c:ee:
         5a:e8:1d:1c:1e:ee:44:e2:99:67:f4:e9:3e:6e:49:83:36:0f:
         15:61:45:a1:ee:54:80:05:2e:93:8b:b4:38:52:87:79:a8:29:
         32:29:c8:51:24:2b:66:5a:3b:63:60:40:54:3c:1b:94:9f:8c:
         56:ff:df:46:14:a2:51:d6:02:4b:aa:85:fe:1c:4a:ac:95:13:
         43:69:bf:af:f8:aa:76:04:b8:7b:f3:86:c6:57:68:ed:5b:f6:
         86:dc:81:19:e6:7f:8a:86:6f:dd:5e:35:96:a6:ed:63:af:51:
         44:58:a2:3f:d3:74:95:31:74:81:14:11:4e:59:9e:48:dc:8a:
         3f:69:cc:27:ab:41:87:05:c2:ef:df:e9:d5:9a:8b:0c:d9:e8:
         db:6c:9e:71:9d:ec:5b:b7:b8:bb:46:c8:77:ec:69:48:a5:0d:
         5d:d3:ad:ec:6d:4e:39:86:50:b9:13:a2:db:a4:ff:68:4a:b3:
         52:13:f0:cd:bc:1f:86:bf:e3:95:60:f7:71:4a:1a:a1:e5:8b:
         d6:31:ba:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgbdntRDqpE/UD76ORrLnwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTE0MTgxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmU4NDk4MTUyNjUyYTQ0NmYzZWFmOWZiMDU4ZmM4ZjYyNTE1ODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqlgEX5sassnaGW7G2W4TBpe/Qeo
SqG4L8Y9qg5NBMkhbr+biRf1QeuV6btP2DtHPWKlekLUSyfuwJKA9gSUw2s+3QMU
IZ5GW4IxNX645xfISLaIqdWnjXIvEGEdaYJWIB8IE1t3WLOlvYZUW5WBGVjGKIr+
Mupk4kEeiHydSZ1VEarzOONV+qy/a1rBXqi6Gj5pJBScLYabdYa6KJD7wr8bUdEp
QyjMDOCSjjGSWoajr/Sba/fn+er/BApiB3HB6vFELMLAPCUgnop1L6SUttwafnXE
Nzoqyem0K2+LJQd3MH/ApGWbUQtm5sg83E23VKe2mUDYgllir7ryqDb0rQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMboSYFSZSpEbz6vn7BY/I9iUVgBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveHVoSmdWSmxLa1J2UHEtZnNGajhqMkpSV0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABq1pqy+am2Nos9GZ12x
vQWnrz8HsJOwL5+q48UZ/nVK+AU//IrMWHmw9Mf2NAK6+YO2p12M7lroHRwe7kTi
mWf06T5uSYM2DxVhRaHuVIAFLpOLtDhSh3moKTIpyFEkK2ZaO2NgQFQ8G5SfjFb/
30YUolHWAkuqhf4cSqyVE0Npv6/4qnYEuHvzhsZXaO1b9obcgRnmf4qGb91eNZam
7WOvUURYoj/TdJUxdIEUEU5Znkjcij9pzCerQYcFwu/f6dWaiwzZ6NtsnnGd7Fu3
uLtGyHfsaUilDV3TrextTjmGULkTotuk/2hKs1IT8M28H4a/45Vg93FKGqHli9Yx
uos=
-----END CERTIFICATE-----