Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zqKywfYq-asseC1U8hpx2d4d-Aw.roa
File:                     zqKywfYq-asseC1U8hpx2d4d-Aw.roa (raw, json)
Hash identifier:          OJNWiL2i2ajFNGFr9wqEP1r1q/namY/BgzRfpF6NbhE=
Subject key identifier:   CE:A2:B2:C1:F6:2A:F9:AB:2C:78:2D:54:F2:1A:71:D9:DE:1D:F8:0C
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188AE03EAFA0E536A5E24FA4FF5D27AE221
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zqKywfYq-asseC1U8hpx2d4d-Aw.roa
Signing time:             Mon 12 Jun 2023 05:11:12 +0000
ROA not before:           Mon 12 Jun 2023 05:11:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ae:03:ea:fa:0e:53:6a:5e:24:fa:4f:f5:d2:7a:e2:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 12 05:11:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cea2b2c1f62af9ab2c782d54f21a71d9de1df80c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:98:92:9e:0c:39:37:f0:52:2b:55:fa:15:5e:
                    7b:95:4d:5a:09:fa:b4:dc:46:b3:dc:11:50:af:61:
                    e0:1e:c4:f1:d9:56:0e:03:8e:d4:ab:da:5a:09:42:
                    ac:75:93:01:12:79:8d:ac:28:6c:7c:f1:70:bf:3f:
                    40:ea:d3:de:bd:ea:a1:23:a7:a7:3b:26:7d:04:f6:
                    c5:36:53:de:71:06:25:b2:4f:ce:c7:94:1e:a2:e5:
                    07:c2:da:90:a5:ca:5d:d5:8f:11:d7:f6:d6:0a:a4:
                    67:96:d6:91:d9:89:64:e9:c8:75:12:6f:f4:a8:53:
                    ef:e2:e6:0f:4a:27:ca:37:ab:1a:08:bc:fc:5d:81:
                    8c:3f:f3:b2:fc:5a:4a:59:15:e3:7f:03:cc:b5:6e:
                    86:74:44:a1:58:31:34:b7:a2:d4:9f:c1:8e:37:83:
                    7b:e6:93:96:64:ce:a5:42:b9:6d:f8:9b:43:f9:c9:
                    d6:9d:7c:94:1d:e5:7b:71:40:8f:5c:4a:b0:58:ab:
                    f1:bc:d3:1a:da:73:82:85:a7:6f:38:fb:a1:b2:1f:
                    d6:b3:6a:f7:0e:5f:12:20:73:31:5d:12:f0:2b:61:
                    9d:c8:3a:c2:49:66:f7:98:3c:de:d4:10:5e:a4:e4:
                    0d:3d:24:f6:79:1d:81:03:7b:d5:af:6e:41:ed:dd:
                    df:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:A2:B2:C1:F6:2A:F9:AB:2C:78:2D:54:F2:1A:71:D9:DE:1D:F8:0C
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zqKywfYq-asseC1U8hpx2d4d-Aw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:7c:5a:2c:90:db:a1:58:da:29:77:23:8d:9c:ba:a6:21:6c:
         ab:13:a6:5d:69:25:4f:70:ea:d1:f4:aa:17:66:8d:83:23:26:
         c8:63:f1:4f:6d:eb:f8:ce:f9:3e:8a:53:68:46:3b:5d:83:fd:
         80:29:1f:09:a8:cf:ad:8a:92:7a:57:9a:a8:f8:74:94:1a:fb:
         47:5a:7f:ab:06:e2:29:3b:a6:9a:87:7d:49:5a:50:68:20:93:
         86:df:fb:ae:9f:67:73:71:a9:77:25:56:d9:7d:6b:a6:be:8f:
         ae:28:31:47:1b:75:d4:ab:91:b7:41:04:6c:b5:9a:7a:24:82:
         d5:ce:39:da:b0:61:6c:6d:c1:c3:52:ac:d6:35:4a:c8:61:5b:
         fd:80:e2:d6:ef:76:82:ac:7d:89:db:28:b8:0b:4f:bd:f5:6b:
         2c:40:0c:9b:ad:fa:f8:16:2f:4b:ea:9e:e6:7b:44:25:7f:11:
         ed:4e:59:df:63:02:32:6f:11:ed:63:49:66:49:0b:b9:26:c0:
         f4:45:bb:22:fb:42:ad:99:b7:b8:53:a0:f4:44:05:b9:90:92:
         1b:45:d4:63:f7:85:58:12:cc:86:03:70:79:b8:a4:5b:0a:51:
         77:ab:a8:38:b5:95:8d:8f:b9:fc:f3:b6:98:2a:74:90:33:8e:
         dd:46:00:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiuA+r6DlNqXiT6T/XSeuIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjEyMDUxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWEyYjJjMWY2MmFmOWFiMmM3ODJkNTRmMjFhNzFkOWRlMWRmODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZiSngw5N/BSK1X6FV57lU1aCfq0
3Eaz3BFQr2HgHsTx2VYOA47Uq9paCUKsdZMBEnmNrChsfPFwvz9A6tPeveqhI6en
OyZ9BPbFNlPecQYlsk/Ox5QeouUHwtqQpcpd1Y8R1/bWCqRnltaR2Ylk6ch1Em/0
qFPv4uYPSifKN6saCLz8XYGMP/Oy/FpKWRXjfwPMtW6GdEShWDE0t6LUn8GON4N7
5pOWZM6lQrlt+JtD+cnWnXyUHeV7cUCPXEqwWKvxvNMa2nOChadvOPuhsh/Ws2r3
Dl8SIHMxXRLwK2GdyDrCSWb3mDze1BBepOQNPST2eR2BA3vVr25B7d3f3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM6issH2KvmrLHgtVPIacdneHfgMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvenFLeXdmWXEtYXNzZUMxVThocHgyZDRkLUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAl8WiyQ26FY2il3I42c
uqYhbKsTpl1pJU9w6tH0qhdmjYMjJshj8U9t6/jO+T6KU2hGO12D/YApHwmoz62K
knpXmqj4dJQa+0daf6sG4ik7ppqHfUlaUGggk4bf+66fZ3NxqXclVtl9a6a+j64o
MUcbddSrkbdBBGy1mnokgtXOOdqwYWxtwcNSrNY1SshhW/2A4tbvdoKsfYnbKLgL
T731ayxADJut+vgWL0vqnuZ7RCV/Ee1OWd9jAjJvEe1jSWZJC7kmwPRFuyL7Qq2Z
t7hToPREBbmQkhtF1GP3hVgSzIYDcHm4pFsKUXerqDi1lY2PufzztpgqdJAzjt1G
ALc=
-----END CERTIFICATE-----