Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RGO-Y29GpaDlMYfAtVQZ3zXyJwQ.roa
File:                     RGO-Y29GpaDlMYfAtVQZ3zXyJwQ.roa (raw, json)
Hash identifier:          ctgn7FDy1O0tjcVDGMihCbiZ1uZaDSC6Ns/uGrp0YYQ=
Subject key identifier:   44:63:BE:63:6F:46:A5:A0:E5:31:87:C0:B5:54:19:DF:35:F2:27:04
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188356B9BD291A157C360E64CC902033411
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RGO-Y29GpaDlMYfAtVQZ3zXyJwQ.roa
Signing time:             Fri 19 May 2023 19:10:24 +0000
ROA not before:           Fri 19 May 2023 19:10:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:35:6b:9b:d2:91:a1:57:c3:60:e6:4c:c9:02:03:34:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 19 19:10:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4463be636f46a5a0e53187c0b55419df35f22704
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:e2:36:85:d5:5e:87:83:d8:31:f3:32:38:95:
                    ca:ad:da:33:b4:5b:b3:50:28:4e:28:b5:67:1f:9c:
                    a1:4f:cd:8a:0d:61:ac:30:1e:00:af:88:6b:a0:90:
                    31:c9:c6:d4:05:b9:0c:25:71:21:18:8a:21:f2:25:
                    09:9c:e4:2e:cd:d3:0b:d7:5f:66:02:a8:bb:dd:fd:
                    00:ca:2a:ee:00:3f:39:6c:4a:28:65:16:36:1b:e0:
                    c1:0b:6d:7b:6a:cc:f6:14:d6:96:19:81:0e:b1:8c:
                    e5:b1:df:b6:7c:a5:5b:b9:04:66:83:1a:06:8f:9b:
                    75:35:73:85:77:e8:d7:4f:82:82:f7:f3:7d:7e:29:
                    54:f8:4e:df:09:91:4c:34:50:e7:ea:4f:59:c0:7e:
                    a5:0e:d8:bf:fd:72:fa:0e:db:5d:88:38:ab:58:a9:
                    71:39:b8:d5:0e:67:85:48:30:9e:3b:fa:b5:51:ae:
                    a9:8f:c0:35:86:d4:63:32:56:ac:56:8e:ea:ef:57:
                    01:ab:be:db:04:8e:5d:2f:36:0e:ea:f3:96:d2:5b:
                    08:a8:7c:8e:f7:5c:9b:8a:bc:e2:20:3b:3e:64:ea:
                    59:1d:34:90:f2:06:d5:f2:91:3c:64:9e:58:7f:c8:
                    5f:de:10:32:1f:13:5d:1d:cf:26:be:5f:5d:b9:c6:
                    3f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:63:BE:63:6F:46:A5:A0:E5:31:87:C0:B5:54:19:DF:35:F2:27:04
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RGO-Y29GpaDlMYfAtVQZ3zXyJwQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:ad:21:8a:84:81:2e:aa:d0:33:ba:59:22:6c:de:e8:2b:b4:
         9a:62:bd:49:f3:2c:a2:b2:11:3f:8b:37:24:ce:53:c3:20:8c:
         04:f8:ee:b7:9e:06:30:0e:e3:ea:9f:40:8d:5e:ba:0c:d9:89:
         99:b3:3e:8d:7e:cc:e1:0a:89:a4:9e:6e:85:ef:f3:05:f4:7d:
         e3:41:3e:03:a6:d1:9e:10:38:18:37:77:74:43:c5:6f:6a:cd:
         a6:24:ea:a7:1f:2b:86:cc:e4:4b:50:a2:55:c2:7f:50:42:d8:
         db:42:d8:c3:af:e1:7b:60:f3:50:3a:29:d2:31:d5:1b:ff:72:
         d5:3d:58:71:e3:e6:93:61:88:09:0b:27:79:c9:9c:61:c5:85:
         d3:3d:e7:bd:c1:19:09:de:01:4a:15:71:27:a2:d1:c6:1d:4d:
         26:f0:6b:db:8d:48:1f:04:11:8f:d0:a7:e9:85:9a:6f:38:d5:
         4c:60:6d:22:fc:38:a2:a9:45:5e:6a:b1:c4:b4:53:13:3b:8f:
         e3:f6:67:3d:f0:a8:13:a3:94:b3:61:7d:8a:b2:aa:56:5e:59:
         70:2e:ca:68:d7:9d:85:3f:19:fc:a0:19:05:84:b7:fb:ed:b0:
         8c:63:f2:6a:66:50:59:46:7d:59:6d:fd:dc:d6:35:63:2a:60:
         e4:fb:ee:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYg1a5vSkaFXw2DmTMkCAzQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTE5MTkxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDYzYmU2MzZmNDZhNWEwZTUzMTg3YzBiNTU0MTlkZjM1ZjIyNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheI2hdVeh4PYMfMyOJXKrdoztFuz
UChOKLVnH5yhT82KDWGsMB4Ar4hroJAxycbUBbkMJXEhGIoh8iUJnOQuzdML119m
Aqi73f0AyiruAD85bEooZRY2G+DBC217asz2FNaWGYEOsYzlsd+2fKVbuQRmgxoG
j5t1NXOFd+jXT4KC9/N9filU+E7fCZFMNFDn6k9ZwH6lDti//XL6DttdiDirWKlx
ObjVDmeFSDCeO/q1Ua6pj8A1htRjMlasVo7q71cBq77bBI5dLzYO6vOW0lsIqHyO
91ybirziIDs+ZOpZHTSQ8gbV8pE8ZJ5Yf8hf3hAyHxNdHc8mvl9ducY/ywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFERjvmNvRqWg5TGHwLVUGd818icEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUkdPLVkyOUdwYURsTVlmQXRWUVozelh5SndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKqtIYqEgS6q0DO6WSJs
3ugrtJpivUnzLKKyET+LNyTOU8MgjAT47reeBjAO4+qfQI1eugzZiZmzPo1+zOEK
iaSeboXv8wX0feNBPgOm0Z4QOBg3d3RDxW9qzaYk6qcfK4bM5EtQolXCf1BC2NtC
2MOv4Xtg81A6KdIx1Rv/ctU9WHHj5pNhiAkLJ3nJnGHFhdM9573BGQneAUoVcSei
0cYdTSbwa9uNSB8EEY/Qp+mFmm841UxgbSL8OKKpRV5qscS0UxM7j+P2Zz3wqBOj
lLNhfYqyqlZeWXAuymjXnYU/GfygGQWEt/vtsIxj8mpmUFlGfVlt/dzWNWMqYOT7
7nA=
-----END CERTIFICATE-----