Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HnzsIOsDYuzXvC_ItvCAgvrJBI8.roa
File:                     HnzsIOsDYuzXvC_ItvCAgvrJBI8.roa (raw, json)
Hash identifier:          DlR0KC3qNH3p+iXj+dMrdXs2LcgaYnbhIurGb3szD6g=
Subject key identifier:   1E:7C:EC:20:EB:03:62:EC:D7:BC:2F:C8:B6:F0:80:82:FA:C9:04:8F
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01881EE4795A13D95E939A6BE166F63F065F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HnzsIOsDYuzXvC_ItvCAgvrJBI8.roa
Signing time:             Mon 15 May 2023 10:11:09 +0000
ROA not before:           Mon 15 May 2023 10:11:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1e:e4:79:5a:13:d9:5e:93:9a:6b:e1:66:f6:3f:06:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 15 10:11:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e7cec20eb0362ecd7bc2fc8b6f08082fac9048f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a0:7d:1f:82:60:e3:b3:0e:dd:40:58:71:7a:
                    24:18:ae:52:4c:5a:2f:78:47:69:31:8c:11:5c:09:
                    88:34:74:b1:96:26:4a:bf:99:eb:0f:52:91:0b:91:
                    98:8a:61:e5:3a:ee:72:cf:13:51:d8:16:47:f2:c4:
                    87:99:ce:fc:40:ac:b4:2b:6e:9e:4e:bc:00:dc:ee:
                    b3:2e:2a:6d:7e:24:61:95:e0:c1:0c:d1:32:df:70:
                    76:46:99:45:10:45:88:32:2a:fc:26:3c:dd:8a:ca:
                    01:d5:7a:0b:a7:06:d6:f2:49:14:e6:62:d0:0a:1b:
                    69:aa:bd:f7:c8:0a:57:87:aa:1c:a5:c8:ed:b0:4a:
                    96:94:31:1a:c0:79:c0:c9:c5:41:61:9f:09:9c:4f:
                    a9:62:b4:35:91:e4:d2:6b:80:b2:c8:d7:55:ab:15:
                    00:47:3e:c4:d6:af:e0:03:93:63:2e:92:9d:f8:6e:
                    75:05:ba:38:64:b9:df:ca:d0:a4:2a:84:7d:fe:4f:
                    9b:2e:89:64:9a:fc:59:5b:82:c5:9e:18:e5:c4:13:
                    3e:9a:be:72:c0:66:4b:84:98:8f:72:80:b4:de:03:
                    b5:4c:fb:00:9a:1f:63:7d:49:ad:d0:92:18:0a:4a:
                    13:f8:1d:29:32:be:5b:fe:1f:7f:08:91:fc:75:2d:
                    cb:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:7C:EC:20:EB:03:62:EC:D7:BC:2F:C8:B6:F0:80:82:FA:C9:04:8F
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HnzsIOsDYuzXvC_ItvCAgvrJBI8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         06:6d:f2:87:fb:de:e7:97:5f:18:25:c0:4d:1a:d1:e8:44:e9:
         96:15:73:96:dd:56:94:26:2c:6a:bc:15:e8:5d:3c:5e:c1:44:
         93:f5:84:d5:b1:33:91:9c:5c:ff:bd:73:e2:71:1f:b6:a3:e8:
         ba:1f:d1:96:73:7b:01:9e:f1:06:6c:0e:44:dd:91:e9:71:04:
         47:78:4d:f9:56:d7:16:b4:f5:ab:52:76:a6:1e:54:47:fc:70:
         8a:39:b8:e1:98:30:ec:f0:0a:19:f2:9d:21:c1:6d:1c:03:66:
         11:9a:46:ce:c8:a0:de:c3:cb:5c:d3:16:a4:19:ed:6d:59:0b:
         d3:2a:8a:64:4e:87:e7:83:35:f7:8b:55:3f:c2:33:46:2d:f1:
         4c:d9:f7:33:95:e9:fa:b6:a5:f5:05:bc:7e:f5:05:40:e7:3f:
         65:d3:7a:e4:b4:3e:53:99:e5:9f:22:8b:e4:08:8d:b5:ef:fa:
         9e:a4:f3:23:d7:e9:76:7c:ba:af:96:21:2a:3f:5c:c2:e4:f2:
         01:c7:b3:d9:06:a6:94:83:a8:43:ba:1c:c8:4d:b9:77:06:ab:
         ca:c8:d7:7f:11:b9:34:1c:36:7d:30:25:a9:b9:91:85:df:fd:
         6e:ab:14:77:bb:26:9b:e8:53:cb:e3:05:4d:5c:de:6c:14:12:
         d4:29:b4:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYge5HlaE9lek5pr4Wb2PwZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTE1MTAxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTdjZWMyMGViMDM2MmVjZDdiYzJmYzhiNmYwODA4MmZhYzkwNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqB9H4Jg47MO3UBYcXokGK5STFov
eEdpMYwRXAmINHSxliZKv5nrD1KRC5GYimHlOu5yzxNR2BZH8sSHmc78QKy0K26e
TrwA3O6zLiptfiRhleDBDNEy33B2RplFEEWIMir8JjzdisoB1XoLpwbW8kkU5mLQ
Chtpqr33yApXh6ocpcjtsEqWlDEawHnAycVBYZ8JnE+pYrQ1keTSa4CyyNdVqxUA
Rz7E1q/gA5NjLpKd+G51Bbo4ZLnfytCkKoR9/k+bLolkmvxZW4LFnhjlxBM+mr5y
wGZLhJiPcoC03gO1TPsAmh9jfUmt0JIYCkoT+B0pMr5b/h9/CJH8dS3LlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB587CDrA2Ls17wvyLbwgIL6yQSPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSG56c0lPc0RZdXpYdkNfSXR2Q0FndnJKQkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAZt8of73ueXXxglwE0a
0ehE6ZYVc5bdVpQmLGq8FehdPF7BRJP1hNWxM5GcXP+9c+JxH7aj6Lof0ZZzewGe
8QZsDkTdkelxBEd4TflW1xa09atSdqYeVEf8cIo5uOGYMOzwChnynSHBbRwDZhGa
Rs7IoN7Dy1zTFqQZ7W1ZC9MqimROh+eDNfeLVT/CM0Yt8UzZ9zOV6fq2pfUFvH71
BUDnP2XTeuS0PlOZ5Z8ii+QIjbXv+p6k8yPX6XZ8uq+WISo/XMLk8gHHs9kGppSD
qEO6HMhNuXcGq8rI138RuTQcNn0wJam5kYXf/W6rFHe7JpvoU8vjBU1c3mwUEtQp
tCE=
-----END CERTIFICATE-----