Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I5jUGXbQUmWpwN0_qYwW8PJqOPs.roa
File:                     I5jUGXbQUmWpwN0_qYwW8PJqOPs.roa (raw, json)
Hash identifier:          Ulx7gLs+AxJsdcCj1tTf9YVi1sk7LhkPB1lGqjWzYRs=
Subject key identifier:   23:98:D4:19:76:D0:52:65:A9:C0:DD:3F:A9:8C:16:F0:F2:6A:38:FB
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186E60D78788AE034DE93DCB54291374B39
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I5jUGXbQUmWpwN0_qYwW8PJqOPs.roa
Signing time:             Wed 15 Mar 2023 16:14:47 +0000
ROA not before:           Wed 15 Mar 2023 16:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e6:0d:78:78:8a:e0:34:de:93:dc:b5:42:91:37:4b:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 15 16:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2398d41976d05265a9c0dd3fa98c16f0f26a38fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0e:f4:74:5a:12:3e:52:67:07:6c:9a:b1:87:
                    32:64:25:0f:00:e7:3a:83:66:f1:61:83:ec:31:ad:
                    bd:6a:01:af:be:02:b6:38:3e:b2:3a:42:e9:a3:a1:
                    99:cd:65:03:5d:f4:5f:ad:25:d3:57:a7:90:a6:2d:
                    24:c4:67:26:1a:11:9a:61:a5:98:44:79:3b:b2:73:
                    22:85:60:46:37:6c:6c:c3:82:dc:01:57:66:96:ee:
                    24:1c:74:a3:39:25:a9:d3:ff:2b:be:9d:aa:7f:11:
                    b3:94:3a:6b:05:78:04:2b:dc:89:8c:4e:40:15:1b:
                    79:4d:1f:30:f4:a7:5e:bd:d4:e2:c2:6c:2a:af:97:
                    33:d7:90:4d:1b:cd:2e:f5:26:ed:21:15:0a:37:cb:
                    9a:c1:68:83:56:4c:cb:83:e1:84:a4:9b:74:88:11:
                    0f:39:91:2a:79:73:b7:e7:2f:25:68:38:e2:02:1e:
                    2c:c8:0d:b2:1d:af:1f:f4:16:18:ea:7d:06:95:04:
                    46:ec:03:ce:8a:4a:88:f6:24:03:70:c7:54:dc:f9:
                    71:f7:16:8c:50:33:89:e9:9c:12:a9:13:40:62:f4:
                    9d:7b:b7:74:39:f8:74:3d:89:35:d0:ee:76:6f:fc:
                    ca:33:d4:6e:39:d2:ad:1f:c1:8e:13:56:d2:6a:3c:
                    d6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:98:D4:19:76:D0:52:65:A9:C0:DD:3F:A9:8C:16:F0:F2:6A:38:FB
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I5jUGXbQUmWpwN0_qYwW8PJqOPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         25:12:49:9c:5e:00:90:9f:58:01:41:25:91:5c:20:19:4d:ed:
         a8:c4:2c:a4:2e:d5:13:ce:fe:25:79:dc:c6:27:89:bb:b9:55:
         5b:74:8d:3b:8c:9c:bc:14:d8:82:53:89:d5:33:cf:35:0d:ed:
         12:b8:ed:38:e0:d4:4b:5d:0b:08:9b:a0:05:6f:55:59:eb:e4:
         bc:6c:fb:88:0b:47:d7:3f:55:79:c2:d7:59:d5:b5:d8:5e:5d:
         98:31:e1:6b:ce:14:50:58:57:61:53:f6:b7:16:fb:46:3e:0b:
         f0:6d:e9:d0:0c:d3:44:86:8c:64:e5:a6:49:40:f9:85:a4:ea:
         c9:4e:70:b1:87:02:51:f1:ae:b2:9c:45:8e:d9:2d:96:fb:58:
         f4:a6:96:8a:48:4e:f3:fb:f3:97:be:10:4d:6b:15:e3:96:c1:
         6c:2f:d0:65:e5:69:3a:e3:9f:c3:d7:84:64:02:bd:b0:35:fb:
         27:86:13:3a:34:2c:8b:f4:e9:73:f3:19:8f:e8:8b:b9:07:58:
         68:c5:16:82:37:69:79:16:d9:97:c5:fd:49:62:08:61:7a:ef:
         2b:c7:b3:46:bd:bb:8e:d6:07:a6:a4:f8:74:e7:d4:e2:30:ad:
         9b:e2:6d:41:4c:13:ca:df:ae:77:47:df:90:8b:91:25:f8:8f:
         ce:1f:f2:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbmDXh4iuA03pPctUKRN0s5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE1MTYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk4ZDQxOTc2ZDA1MjY1YTljMGRkM2ZhOThjMTZmMGYyNmEzOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw70dFoSPlJnB2yasYcyZCUPAOc6
g2bxYYPsMa29agGvvgK2OD6yOkLpo6GZzWUDXfRfrSXTV6eQpi0kxGcmGhGaYaWY
RHk7snMihWBGN2xsw4LcAVdmlu4kHHSjOSWp0/8rvp2qfxGzlDprBXgEK9yJjE5A
FRt5TR8w9KdevdTiwmwqr5cz15BNG80u9SbtIRUKN8uawWiDVkzLg+GEpJt0iBEP
OZEqeXO35y8laDjiAh4syA2yHa8f9BYY6n0GlQRG7APOikqI9iQDcMdU3Plx9xaM
UDOJ6ZwSqRNAYvSde7d0Ofh0PYk10O52b/zKM9RuOdKtH8GOE1bSajzWMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCOY1Bl20FJlqcDdP6mMFvDyajj7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSTVqVUdYYlFVbVdwd04wX3FZd1c4UEpxT1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACUSSZxeAJCfWAFBJZFc
IBlN7ajELKQu1RPO/iV53MYnibu5VVt0jTuMnLwU2IJTidUzzzUN7RK47Tjg1Etd
CwiboAVvVVnr5Lxs+4gLR9c/VXnC11nVtdheXZgx4WvOFFBYV2FT9rcW+0Y+C/Bt
6dAM00SGjGTlpklA+YWk6slOcLGHAlHxrrKcRY7ZLZb7WPSmlopITvP785e+EE1r
FeOWwWwv0GXlaTrjn8PXhGQCvbA1+yeGEzo0LIv06XPzGY/oi7kHWGjFFoI3aXkW
2ZfF/UliCGF67yvHs0a9u47WB6ak+HTn1OIwrZvibUFME8rfrndH35CLkSX4j84f
8lM=
-----END CERTIFICATE-----