Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Xg1DHUwe1iQsuhY0DxOR9sAC2OA.roa
File:                     Xg1DHUwe1iQsuhY0DxOR9sAC2OA.roa (raw, json)
Hash identifier:          /HWB/yW2SkXsf8w/Sv6WgpyImgKuyPyMt6EA39rVFEM=
Subject key identifier:   5E:0D:43:1D:4C:1E:D6:24:2C:BA:16:34:0F:13:91:F6:C0:02:D8:E0
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01896A341DCA8DC67A2F3B33AB1DF8B75B89
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Xg1DHUwe1iQsuhY0DxOR9sAC2OA.roa
Signing time:             Tue 18 Jul 2023 18:12:27 +0000
ROA not before:           Tue 18 Jul 2023 18:12:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6a:34:1d:ca:8d:c6:7a:2f:3b:33:ab:1d:f8:b7:5b:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 18 18:12:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e0d431d4c1ed6242cba16340f1391f6c002d8e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:74:47:28:5d:eb:59:4e:d5:45:35:20:37:1f:
                    4e:ba:b2:20:56:40:c8:ef:8f:11:42:c0:08:7f:8e:
                    21:69:7d:50:5a:4b:8a:04:c1:f3:0d:d4:35:bb:1d:
                    14:6b:79:e5:12:c8:24:80:3b:d7:e9:b0:9f:5a:56:
                    47:ab:31:b4:e6:d3:3e:55:4d:39:1d:0d:0b:15:f6:
                    1e:38:75:cf:e6:b2:d2:0f:02:6b:5e:f4:50:7d:d1:
                    23:98:a4:a3:9a:29:64:5d:db:e2:10:91:33:b1:92:
                    0b:ca:f0:c3:49:7e:5e:8f:71:32:56:3b:79:b2:02:
                    a6:4a:f4:d2:1c:4c:67:cf:70:4e:f4:64:47:06:fd:
                    e4:89:b0:80:01:3f:53:7a:41:6b:93:f4:4d:b2:07:
                    73:6e:a1:cd:a8:be:51:65:83:64:88:1f:26:03:71:
                    e4:64:b2:86:62:b5:2e:98:ce:48:26:d0:c7:6b:66:
                    59:03:b1:bd:d1:28:eb:84:ea:63:3f:ec:11:01:16:
                    d0:ac:44:bc:5d:65:f1:39:b3:7b:7b:b3:ae:77:ff:
                    4d:12:81:7e:d9:9d:e1:52:da:90:80:8c:00:97:f9:
                    0b:b8:b1:e6:e1:f5:ba:17:1e:29:a7:51:2d:53:e2:
                    28:94:47:16:a7:e8:50:90:f2:9e:2a:1e:33:2e:ae:
                    73:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:0D:43:1D:4C:1E:D6:24:2C:BA:16:34:0F:13:91:F6:C0:02:D8:E0
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Xg1DHUwe1iQsuhY0DxOR9sAC2OA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:15:e4:1a:ed:7a:30:79:3f:c3:60:06:fc:01:ff:0e:ca:c6:
         46:d3:72:4c:ff:53:5c:97:ff:27:d4:a0:8f:b0:1c:2c:c8:c4:
         fe:e1:74:9d:25:16:d5:33:de:ea:fa:44:b7:6f:28:42:85:17:
         7f:ed:2a:43:a4:e1:2f:83:ca:6f:e4:46:1d:59:be:7f:98:ea:
         93:80:66:90:c1:b5:66:31:9b:c0:25:2d:75:d5:22:f3:ce:76:
         8b:2b:c4:75:b6:24:60:14:89:0c:38:0d:4a:8c:49:5f:f2:b1:
         69:a4:84:3b:c8:73:2d:3e:67:92:17:b5:3d:f8:73:dc:c4:76:
         cf:4d:a7:1d:33:46:b4:66:80:8d:f0:a8:55:a5:78:5c:44:d5:
         56:ad:fd:70:a5:f3:3f:2e:b2:33:09:b2:3a:60:7f:d6:7f:70:
         f7:b7:da:89:06:90:02:d7:3a:e5:8d:a0:f3:15:4b:d6:71:27:
         70:b6:ca:20:f0:c2:5a:d4:7e:69:23:e1:3d:ca:6c:f5:d6:14:
         cb:68:0d:85:a0:77:b3:9f:70:2a:d9:a9:42:4f:52:74:49:27:
         73:1b:c9:71:45:ac:24:03:90:2b:b7:ad:74:9d:72:a0:39:4a:
         2d:1e:8a:36:ea:1e:f8:36:aa:55:28:57:de:b3:eb:fc:3a:3c:
         47:29:a9:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlqNB3KjcZ6Lzszqx34t1uJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzE4MTgxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTBkNDMxZDRjMWVkNjI0MmNiYTE2MzQwZjEzOTFmNmMwMDJkOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3RHKF3rWU7VRTUgNx9OurIgVkDI
748RQsAIf44haX1QWkuKBMHzDdQ1ux0Ua3nlEsgkgDvX6bCfWlZHqzG05tM+VU05
HQ0LFfYeOHXP5rLSDwJrXvRQfdEjmKSjmilkXdviEJEzsZILyvDDSX5ej3EyVjt5
sgKmSvTSHExnz3BO9GRHBv3kibCAAT9TekFrk/RNsgdzbqHNqL5RZYNkiB8mA3Hk
ZLKGYrUumM5IJtDHa2ZZA7G90SjrhOpjP+wRARbQrES8XWXxObN7e7Oud/9NEoF+
2Z3hUtqQgIwAl/kLuLHm4fW6Fx4pp1EtU+IolEcWp+hQkPKeKh4zLq5z4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF4NQx1MHtYkLLoWNA8TkfbAAtjgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWGcxREhVd2UxaVFzdWhZMER4T1I5c0FDMk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJQV5BrtejB5P8NgBvwB
/w7KxkbTckz/U1yX/yfUoI+wHCzIxP7hdJ0lFtUz3ur6RLdvKEKFF3/tKkOk4S+D
ym/kRh1Zvn+Y6pOAZpDBtWYxm8AlLXXVIvPOdosrxHW2JGAUiQw4DUqMSV/ysWmk
hDvIcy0+Z5IXtT34c9zEds9Npx0zRrRmgI3wqFWleFxE1Vat/XCl8z8usjMJsjpg
f9Z/cPe32okGkALXOuWNoPMVS9ZxJ3C2yiDwwlrUfmkj4T3KbPXWFMtoDYWgd7Of
cCrZqUJPUnRJJ3MbyXFFrCQDkCu3rXSdcqA5Si0eijbqHvg2qlUoV96z6/w6PEcp
qQ0=
-----END CERTIFICATE-----