Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JhDkNCe1ar4ZZx7t3HgPqhcDvvo.roa
File:                     JhDkNCe1ar4ZZx7t3HgPqhcDvvo.roa (raw, json)
Hash identifier:          aTpyJAv7jnpu+BEBem0LgVclPsMIRGnmmuBrS9FVjzY=
Subject key identifier:   26:10:E4:34:27:B5:6A:BE:19:67:1E:ED:DC:78:0F:AA:17:03:BE:FA
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01883EA69694386D0C174F9FB9F942159A34
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JhDkNCe1ar4ZZx7t3HgPqhcDvvo.roa
Signing time:             Sun 21 May 2023 14:11:24 +0000
ROA not before:           Sun 21 May 2023 14:11:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:3e:a6:96:94:38:6d:0c:17:4f:9f:b9:f9:42:15:9a:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 21 14:11:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2610e43427b56abe19671eeddc780faa1703befa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:16:bc:7b:c9:73:6c:c3:9c:cf:08:35:29:b5:
                    2f:16:72:7a:a7:00:95:37:dd:23:d1:88:60:3a:5f:
                    cf:1e:54:8a:81:c9:68:21:99:7e:1f:11:f6:d9:2c:
                    82:9d:22:49:e7:2d:f0:f0:84:4b:c8:7b:c9:b7:4e:
                    c5:48:95:82:55:47:1a:15:b6:ca:b6:56:66:fc:72:
                    c1:6a:c6:bd:5a:fd:dc:50:4c:4e:75:a0:0c:3e:3d:
                    c2:01:09:20:36:03:93:21:01:07:ad:43:56:71:83:
                    99:d5:b8:a2:59:d7:13:51:3d:e5:c2:9a:18:23:ce:
                    6a:21:9a:3a:99:ff:8f:30:d7:ec:5c:2d:c8:a2:ad:
                    d6:a1:b6:a7:ec:2e:d8:bb:fa:bc:16:6e:2d:ac:6e:
                    d2:2e:bd:d4:69:a3:02:82:30:b3:fb:ee:2c:a0:80:
                    00:66:6c:c5:2a:11:83:39:61:14:8c:af:70:b5:41:
                    f2:83:85:64:04:a5:28:9b:ae:c4:ec:71:12:67:d1:
                    c4:b8:34:83:39:e9:24:f5:0f:9a:2f:af:20:22:b1:
                    73:e4:4b:61:11:9b:2a:ab:66:74:ef:bb:53:77:f5:
                    3f:84:5f:06:32:43:bb:14:2c:54:a5:d5:fd:a3:69:
                    21:7a:e1:32:83:76:97:8a:c3:d4:8f:50:fc:5c:57:
                    2a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:10:E4:34:27:B5:6A:BE:19:67:1E:ED:DC:78:0F:AA:17:03:BE:FA
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JhDkNCe1ar4ZZx7t3HgPqhcDvvo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         92:c1:6b:7d:97:37:26:f4:f4:67:87:06:28:3c:e3:36:d1:3a:
         3b:03:bb:99:ec:89:df:0b:54:f7:f7:4d:f2:67:06:b0:b4:dc:
         8f:ef:31:90:80:6e:e2:80:ed:ea:c9:65:2c:4a:88:00:1d:05:
         bf:75:e6:75:b3:71:4a:13:05:de:af:65:e8:45:31:f1:bd:83:
         3b:d6:3e:39:88:2f:0c:49:fd:08:98:fc:41:6a:1e:5e:16:50:
         aa:f9:d2:38:4e:8e:d6:63:63:13:7e:fe:1e:d6:3b:41:41:aa:
         fc:4e:cb:a7:7f:c0:d1:c8:8d:7b:d2:b1:24:96:4a:0e:46:dd:
         50:f3:a0:27:83:a6:fd:39:68:d2:4d:d7:3d:95:25:2f:06:01:
         07:af:29:64:58:5a:84:87:6a:d9:58:bd:9e:63:d2:98:d3:8a:
         18:50:65:a1:02:3f:47:93:1a:6c:31:3c:e6:27:79:19:b9:fd:
         83:76:0d:0e:67:29:45:5a:55:36:46:8a:bb:2c:5f:1d:74:81:
         e5:a9:1d:b2:e1:e4:63:0b:e2:7a:05:02:d7:49:1c:cc:06:2c:
         4d:7a:84:d6:de:93:44:65:42:73:13:03:0f:dd:f8:8a:21:ed:
         12:11:81:e0:2d:bd:e2:1d:c6:80:5d:a0:e6:9d:1c:52:a6:76:
         05:f0:44:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYg+ppaUOG0MF0+fuflCFZo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTIxMTQxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjEwZTQzNDI3YjU2YWJlMTk2NzFlZWRkYzc4MGZhYTE3MDNiZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixa8e8lzbMOczwg1KbUvFnJ6pwCV
N90j0YhgOl/PHlSKgcloIZl+HxH22SyCnSJJ5y3w8IRLyHvJt07FSJWCVUcaFbbK
tlZm/HLBasa9Wv3cUExOdaAMPj3CAQkgNgOTIQEHrUNWcYOZ1biiWdcTUT3lwpoY
I85qIZo6mf+PMNfsXC3Ioq3Woban7C7Yu/q8Fm4trG7SLr3UaaMCgjCz++4soIAA
ZmzFKhGDOWEUjK9wtUHyg4VkBKUom67E7HESZ9HEuDSDOekk9Q+aL68gIrFz5Eth
EZsqq2Z077tTd/U/hF8GMkO7FCxUpdX9o2kheuEyg3aXisPUj1D8XFcq9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCYQ5DQntWq+GWce7dx4D6oXA776MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSmhEa05DZTFhcjRaWng3dDNIZ1BxaGNEdnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJLBa32XNyb09GeHBig8
4zbROjsDu5nsid8LVPf3TfJnBrC03I/vMZCAbuKA7erJZSxKiAAdBb915nWzcUoT
Bd6vZehFMfG9gzvWPjmILwxJ/QiY/EFqHl4WUKr50jhOjtZjYxN+/h7WO0FBqvxO
y6d/wNHIjXvSsSSWSg5G3VDzoCeDpv05aNJN1z2VJS8GAQevKWRYWoSHatlYvZ5j
0pjTihhQZaECP0eTGmwxPOYneRm5/YN2DQ5nKUVaVTZGirssXx10geWpHbLh5GML
4noFAtdJHMwGLE16hNbek0RlQnMTAw/d+Ioh7RIRgeAtveIdxoBdoOadHFKmdgXw
RNQ=
-----END CERTIFICATE-----