Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7gFGEabc7ogbVdwvPx9WB1uVpm8.roa
File:                     7gFGEabc7ogbVdwvPx9WB1uVpm8.roa (raw, json)
Hash identifier:          zeRub88Rq9OhFqZLRHWyoJULlhwDq+5tO5GuN0xMaS4=
Subject key identifier:   EE:01:46:11:A6:DC:EE:88:1B:55:DC:2F:3F:1F:56:07:5B:95:A6:6F
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01875F453076297D29AD9599B48B532703DD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7gFGEabc7ogbVdwvPx9WB1uVpm8.roa
Signing time:             Sat 08 Apr 2023 05:09:42 +0000
ROA not before:           Sat 08 Apr 2023 05:09:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:5f:45:30:76:29:7d:29:ad:95:99:b4:8b:53:27:03:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Apr  8 05:09:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee014611a6dcee881b55dc2f3f1f56075b95a66f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:70:f2:2e:ba:d9:5d:11:b9:85:92:f2:67:71:
                    da:63:38:5c:2c:41:48:45:7a:6e:ca:c3:75:37:7c:
                    72:0c:38:84:34:eb:5b:01:2d:1d:6b:13:47:47:a8:
                    af:4e:18:ed:92:12:06:61:48:16:8e:0c:91:0e:6b:
                    7b:c4:38:95:02:0d:64:bc:97:58:13:24:d3:3e:29:
                    a7:fc:d3:cb:96:f0:2d:25:c5:0f:75:e8:f3:cb:a1:
                    cc:7f:0d:47:56:86:95:76:fb:5a:c2:24:a8:a7:05:
                    64:ab:1b:bf:5d:47:dd:15:31:22:7f:66:a3:0e:d3:
                    e2:76:7a:7b:49:48:eb:7b:05:a6:c3:db:04:56:49:
                    e0:78:55:b5:43:45:c9:87:03:d7:b9:b9:11:0d:af:
                    0c:2a:9b:74:bc:96:f2:af:a9:d2:b6:94:04:7b:81:
                    ea:b5:b7:eb:0d:e6:02:5b:ef:f3:1a:2d:bd:32:68:
                    9e:65:73:73:2f:72:ef:35:df:58:73:67:6a:e2:ec:
                    76:a8:71:ca:fc:5f:b3:a0:ea:73:31:b4:a3:49:ee:
                    eb:7c:18:56:6e:e1:b5:13:55:a8:89:65:51:30:b5:
                    47:20:78:69:85:9c:85:13:cb:c6:96:fb:d3:8b:81:
                    de:94:42:ce:6c:71:2e:ca:b5:1f:00:80:77:b9:10:
                    88:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:01:46:11:A6:DC:EE:88:1B:55:DC:2F:3F:1F:56:07:5B:95:A6:6F
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7gFGEabc7ogbVdwvPx9WB1uVpm8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:29:78:3b:6d:63:c0:9e:b5:3d:c9:d3:1d:03:06:f4:50:89:
         e2:55:98:86:a5:a5:e5:d6:a5:39:e8:38:9b:17:1e:09:7e:57:
         ce:ba:41:49:ec:49:e2:00:25:78:bb:47:55:15:42:0e:4d:fc:
         3f:2e:e5:da:79:76:90:04:13:59:2b:48:53:4c:b3:6d:e9:af:
         8f:c6:2a:d3:b3:ce:a2:c6:04:6f:32:eb:c0:22:fe:8e:8d:6c:
         ca:69:63:7d:f8:17:48:7a:f8:bb:fd:83:3b:41:21:2c:36:ec:
         90:6c:20:dc:97:14:a5:73:12:e6:31:47:a4:80:84:84:2f:4d:
         c7:e6:f9:42:a5:9b:c8:bd:e5:e5:2f:e0:54:e6:28:f8:ca:69:
         74:f0:4a:07:8f:a3:d4:69:57:ae:63:71:5a:3b:d5:3f:84:e7:
         0b:86:93:4b:5a:5a:57:9d:3c:ab:6d:15:0a:29:f0:a5:fb:34:
         54:d5:dc:f0:97:06:2e:d9:46:61:9b:de:44:b3:7c:a4:85:1e:
         4d:ec:31:1b:9c:0d:d3:57:3a:f4:05:dd:61:48:00:a2:50:eb:
         d8:90:19:88:eb:1b:7b:19:ce:c6:09:dd:b5:43:b7:c7:d1:ed:
         19:30:98:25:c4:e3:eb:ef:fc:8a:f6:0d:6f:d5:58:e2:1c:0f:
         31:7b:d2:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdfRTB2KX0prZWZtItTJwPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA4MDUwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTAxNDYxMWE2ZGNlZTg4MWI1NWRjMmYzZjFmNTYwNzViOTVhNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3DyLrrZXRG5hZLyZ3HaYzhcLEFI
RXpuysN1N3xyDDiENOtbAS0daxNHR6ivThjtkhIGYUgWjgyRDmt7xDiVAg1kvJdY
EyTTPimn/NPLlvAtJcUPdejzy6HMfw1HVoaVdvtawiSopwVkqxu/XUfdFTEif2aj
DtPidnp7SUjrewWmw9sEVkngeFW1Q0XJhwPXubkRDa8MKpt0vJbyr6nStpQEe4Hq
tbfrDeYCW+/zGi29MmieZXNzL3LvNd9Yc2dq4ux2qHHK/F+zoOpzMbSjSe7rfBhW
buG1E1WoiWVRMLVHIHhphZyFE8vGlvvTi4HelELObHEuyrUfAIB3uRCIVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO4BRhGm3O6IG1XcLz8fVgdblaZvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvN2dGR0VhYmM3b2diVmR3dlB4OVdCMXVWcG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADApeDttY8CetT3J0x0D
BvRQieJVmIalpeXWpTnoOJsXHgl+V866QUnsSeIAJXi7R1UVQg5N/D8u5dp5dpAE
E1krSFNMs23pr4/GKtOzzqLGBG8y68Ai/o6NbMppY334F0h6+Lv9gztBISw27JBs
INyXFKVzEuYxR6SAhIQvTcfm+UKlm8i95eUv4FTmKPjKaXTwSgePo9RpV65jcVo7
1T+E5wuGk0taWledPKttFQop8KX7NFTV3PCXBi7ZRmGb3kSzfKSFHk3sMRucDdNX
OvQF3WFIAKJQ69iQGYjrG3sZzsYJ3bVDt8fR7RkwmCXE4+vv/Ir2DW/VWOIcDzF7
0p8=
-----END CERTIFICATE-----