Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Jyd6tTIvpizs0yNwZupu03TKNjg.roa
File:                     Jyd6tTIvpizs0yNwZupu03TKNjg.roa (raw, json)
Hash identifier:          3xrkCvmDvEibcEhgB/ye4R8jSKZlySOcfarRBWyXfjI=
Subject key identifier:   27:27:7A:B5:32:2F:A6:2C:EC:D3:23:70:66:EA:6E:D3:74:CA:36:38
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188B7E1B9A5A127779F88AA27A10B4570BC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Jyd6tTIvpizs0yNwZupu03TKNjg.roa
Signing time:             Wed 14 Jun 2023 03:10:03 +0000
ROA not before:           Wed 14 Jun 2023 03:10:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b7:e1:b9:a5:a1:27:77:9f:88:aa:27:a1:0b:45:70:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 14 03:10:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27277ab5322fa62cecd3237066ea6ed374ca3638
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a4:68:42:80:40:e0:ae:93:c4:60:19:0f:91:
                    71:93:e1:7c:24:67:50:25:47:3b:b9:8b:ad:b5:b1:
                    94:a5:86:ad:a2:ec:d5:55:9c:c7:a8:1a:e7:c6:24:
                    eb:f8:d6:a8:83:c3:e2:d7:ff:45:f0:4f:ed:c2:eb:
                    c1:b9:f6:1e:66:6f:ca:dd:d2:55:50:d1:17:0b:b5:
                    06:33:0d:fd:68:d7:4b:b1:1e:57:fc:0e:56:d8:ba:
                    60:94:02:3c:cd:f4:1d:0b:dc:86:ee:8b:ba:ba:81:
                    63:be:63:7d:b4:fa:77:b5:cb:e3:9a:d9:c5:97:7c:
                    b3:fb:f5:61:42:78:52:5c:f4:7d:c2:8e:e7:96:6d:
                    11:3e:4d:1d:ac:9f:56:d6:f8:af:c3:ef:95:ac:61:
                    ef:5c:33:74:78:82:73:fe:71:0d:8b:39:dc:46:37:
                    96:22:e9:a1:83:f4:cc:5d:20:1b:ce:ba:ff:c6:07:
                    15:a7:70:05:27:53:b6:07:8e:a8:61:58:25:57:2d:
                    31:45:ea:6c:0a:67:d5:6a:2e:64:94:f8:44:f7:bc:
                    0a:77:87:76:70:46:c3:5e:4c:8b:3c:98:3f:1d:0b:
                    99:b4:f8:a2:40:49:9b:01:16:39:e8:b9:46:87:2c:
                    bd:5a:aa:81:f2:9b:38:83:70:bf:86:9c:e5:ad:d4:
                    95:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:27:7A:B5:32:2F:A6:2C:EC:D3:23:70:66:EA:6E:D3:74:CA:36:38
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Jyd6tTIvpizs0yNwZupu03TKNjg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:63:be:f2:03:af:eb:b5:db:4b:15:69:9c:b5:d6:72:20:b4:
         7c:38:e7:27:6b:04:6e:04:cc:cd:65:1d:e1:ea:33:c8:b6:13:
         b0:43:36:38:94:d8:f7:cd:47:21:3a:65:f1:22:fb:05:c5:a4:
         1d:dc:a3:3d:fa:94:a5:71:0f:7b:1e:8d:79:02:00:5d:37:75:
         8b:aa:3f:6c:9d:87:d6:d1:5e:37:34:cd:2d:75:65:7e:ad:68:
         e4:b5:92:6b:6f:76:0b:6e:47:dd:bf:a5:5d:e3:64:8f:b5:19:
         2c:74:4f:a1:29:4a:be:2d:bc:e1:26:1c:be:d3:67:c8:a4:ad:
         8c:d2:78:aa:52:7f:75:8e:9c:db:8b:db:72:00:48:8c:b5:cb:
         a9:6a:c6:e7:43:5a:a7:15:a9:ee:73:78:0e:8a:b0:60:a2:04:
         ff:53:d2:2a:fb:53:c3:4d:a2:72:36:66:58:b2:26:62:46:a5:
         c5:b5:ef:03:7d:93:e7:b0:90:43:fd:5f:71:1a:5e:c5:61:9e:
         3b:e7:c5:40:bf:7e:e1:eb:91:e8:9f:33:95:58:b4:50:9c:d1:
         60:69:16:4b:44:f6:fb:e3:b5:47:c5:b4:e3:c8:8b:47:5e:1f:
         5d:9e:3f:31:c5:01:94:ef:1b:21:4c:dd:8f:71:27:27:ec:f3:
         7c:f5:3c:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYi34bmloSd3n4iqJ6ELRXC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE0MDMxMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzI3N2FiNTMyMmZhNjJjZWNkMzIzNzA2NmVhNmVkMzc0Y2EzNjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6RoQoBA4K6TxGAZD5Fxk+F8JGdQ
JUc7uYuttbGUpYatouzVVZzHqBrnxiTr+Naog8Pi1/9F8E/twuvBufYeZm/K3dJV
UNEXC7UGMw39aNdLsR5X/A5W2LpglAI8zfQdC9yG7ou6uoFjvmN9tPp3tcvjmtnF
l3yz+/VhQnhSXPR9wo7nlm0RPk0drJ9W1vivw++VrGHvXDN0eIJz/nENizncRjeW
Iumhg/TMXSAbzrr/xgcVp3AFJ1O2B46oYVglVy0xRepsCmfVai5klPhE97wKd4d2
cEbDXkyLPJg/HQuZtPiiQEmbARY56LlGhyy9WqqB8ps4g3C/hpzlrdSVEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCcnerUyL6Ys7NMjcGbqbtN0yjY4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSnlkNnRUSXZwaXpzMHlOd1p1cHUwM1RLTmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABBjvvIDr+u120sVaZy1
1nIgtHw45ydrBG4EzM1lHeHqM8i2E7BDNjiU2PfNRyE6ZfEi+wXFpB3coz36lKVx
D3sejXkCAF03dYuqP2ydh9bRXjc0zS11ZX6taOS1kmtvdgtuR92/pV3jZI+1GSx0
T6EpSr4tvOEmHL7TZ8ikrYzSeKpSf3WOnNuL23IASIy1y6lqxudDWqcVqe5zeA6K
sGCiBP9T0ir7U8NNonI2ZliyJmJGpcW17wN9k+ewkEP9X3EaXsVhnjvnxUC/fuHr
keifM5VYtFCc0WBpFktE9vvjtUfFtOPIi0deH12ePzHFAZTvGyFM3Y9xJyfs83z1
PGg=
-----END CERTIFICATE-----