Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/e315mCRpK9Wp44Scor-oZHRyxa0.roa
File:                     e315mCRpK9Wp44Scor-oZHRyxa0.roa (raw, json)
Hash identifier:          2BmE3PLSvhR1/4ZDx7kkrxH383Ss75o1LAICv/gBBxM=
Subject key identifier:   7B:7D:79:98:24:69:2B:D5:A9:E3:84:9C:A2:BF:A8:64:74:72:C5:AD
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0186E89F6B2ECF6E4C736CC8E047F807191C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/e315mCRpK9Wp44Scor-oZHRyxa0.roa
Signing time:             Thu 16 Mar 2023 04:13:27 +0000
ROA not before:           Thu 16 Mar 2023 04:13:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e8:9f:6b:2e:cf:6e:4c:73:6c:c8:e0:47:f8:07:19:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 16 04:13:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b7d799824692bd5a9e3849ca2bfa8647472c5ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:32:6c:55:ff:ab:f1:1b:c7:e0:23:b0:05:0e:
                    92:34:41:96:fb:7a:c7:52:2f:c0:a0:51:2b:9c:b4:
                    18:95:9a:c6:80:3c:ac:c6:23:7a:69:a4:20:8d:52:
                    b0:db:bb:db:26:6f:7a:b9:23:3c:a4:e9:35:39:cb:
                    34:79:5e:64:bd:e2:51:1b:23:b9:73:76:d6:bb:5f:
                    f6:01:50:31:c4:c0:f5:48:9e:4d:34:fc:8f:c5:a1:
                    6f:c5:6f:bb:97:a7:57:cc:a5:a2:31:bb:39:7c:10:
                    a4:13:e1:de:63:95:5c:b1:c7:85:d6:d1:1a:98:cc:
                    ad:18:ae:31:48:a9:a8:28:43:d0:31:aa:a9:7d:73:
                    d0:6b:32:52:7d:6b:dd:d3:53:e6:66:1c:2d:09:cd:
                    26:58:63:2b:ac:61:b2:52:8f:66:c4:d7:0c:9e:73:
                    0a:21:67:cf:f7:3e:00:5f:ed:1a:c8:2c:13:b5:e4:
                    05:06:73:65:02:fa:56:b9:a5:f2:e3:73:64:1b:03:
                    ff:5f:81:55:9b:0e:8b:fc:08:16:d2:c9:02:40:cd:
                    b9:2d:1b:f3:5c:9d:20:91:cf:23:b5:47:ef:fc:a1:
                    67:27:11:47:92:c9:7a:91:95:78:fe:ee:a6:25:42:
                    90:c1:6d:75:b7:6e:b9:30:ff:50:08:a8:29:65:c1:
                    3e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:7D:79:98:24:69:2B:D5:A9:E3:84:9C:A2:BF:A8:64:74:72:C5:AD
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/e315mCRpK9Wp44Scor-oZHRyxa0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:55:a1:c4:1e:28:25:46:2d:1a:46:1e:58:5c:9b:70:a4:0b:
         59:d7:d2:21:60:2a:21:09:de:a1:6f:1f:18:3a:91:e5:38:26:
         63:60:02:8d:7d:54:a7:2e:03:d8:1e:00:d8:56:97:0a:d5:c5:
         1b:27:3c:ea:18:4d:7c:37:a3:f1:fa:b3:59:ed:e7:e8:68:14:
         13:ec:da:23:7e:f9:67:9d:94:5d:bd:5c:ff:e0:83:47:88:2f:
         44:c0:69:a2:f6:45:bf:36:91:e0:78:3a:b4:da:16:0c:f3:b8:
         fb:22:02:06:9b:08:c6:e7:8f:16:2e:3a:f7:df:e0:32:b2:27:
         34:35:82:ae:1f:30:57:91:c6:61:18:fa:ff:31:8c:42:82:d3:
         c4:4d:d8:6e:a3:94:5c:a1:cb:e2:14:51:a4:a4:a6:1a:05:d0:
         b1:18:2d:9c:87:d8:9f:39:93:52:3a:2d:1c:cd:0d:e6:41:03:
         ed:b0:12:77:0e:17:de:4c:03:ac:6b:85:f6:51:d7:7d:d9:45:
         8a:58:fa:f3:a8:b4:7d:43:72:39:e6:c5:e0:d0:74:0f:32:0e:
         30:c1:ed:22:62:2b:9c:f9:da:43:a0:b6:db:27:8b:68:4f:73:
         5b:6a:f2:4e:93:44:4a:e1:89:94:b5:77:60:e5:86:5c:6b:6b:
         de:86:b8:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbon2suz25Mc2zI4Ef4BxkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE2MDQxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjdkNzk5ODI0NjkyYmQ1YTllMzg0OWNhMmJmYTg2NDc0NzJjNWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjJsVf+r8RvH4COwBQ6SNEGW+3rH
Ui/AoFErnLQYlZrGgDysxiN6aaQgjVKw27vbJm96uSM8pOk1Ocs0eV5kveJRGyO5
c3bWu1/2AVAxxMD1SJ5NNPyPxaFvxW+7l6dXzKWiMbs5fBCkE+HeY5VcsceF1tEa
mMytGK4xSKmoKEPQMaqpfXPQazJSfWvd01PmZhwtCc0mWGMrrGGyUo9mxNcMnnMK
IWfP9z4AX+0ayCwTteQFBnNlAvpWuaXy43NkGwP/X4FVmw6L/AgW0skCQM25LRvz
XJ0gkc8jtUfv/KFnJxFHksl6kZV4/u6mJUKQwW11t265MP9QCKgpZcE+mwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHt9eZgkaSvVqeOEnKK/qGR0csWtMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZTMxNW1DUnBLOVdwNDRTY29yLW9aSFJ5eGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHpVocQeKCVGLRpGHlhc
m3CkC1nX0iFgKiEJ3qFvHxg6keU4JmNgAo19VKcuA9geANhWlwrVxRsnPOoYTXw3
o/H6s1nt5+hoFBPs2iN++WedlF29XP/gg0eIL0TAaaL2Rb82keB4OrTaFgzzuPsi
AgabCMbnjxYuOvff4DKyJzQ1gq4fMFeRxmEY+v8xjEKC08RN2G6jlFyhy+IUUaSk
phoF0LEYLZyH2J85k1I6LRzNDeZBA+2wEncOF95MA6xrhfZR133ZRYpY+vOotH1D
cjnmxeDQdA8yDjDB7SJiK5z52kOgttsni2hPc1tq8k6TRErhiZS1d2Dlhlxra96G
uDo=
-----END CERTIFICATE-----