Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gFLQJ0KSg3UHNwN2B9vV4gLVInk.roa
File:                     gFLQJ0KSg3UHNwN2B9vV4gLVInk.roa (raw, json)
Hash identifier:          RpS/tnask5Vv1VJql0sbtqeh0YJ5bnk3yd8UvpX3zp8=
Subject key identifier:   80:52:D0:27:42:92:83:75:07:37:03:76:07:DB:D5:E2:02:D5:22:79
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188E1825A8112BE6EFD5B9EB120B62F87E8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gFLQJ0KSg3UHNwN2B9vV4gLVInk.roa
Signing time:             Thu 22 Jun 2023 05:09:56 +0000
ROA not before:           Thu 22 Jun 2023 05:09:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e1:82:5a:81:12:be:6e:fd:5b:9e:b1:20:b6:2f:87:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 22 05:09:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8052d027429283750737037607dbd5e202d52279
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:2d:0e:7c:cc:8c:a6:ce:a9:42:9e:56:e3:8a:
                    e4:cb:fa:05:2b:6b:c6:fa:3d:ef:14:03:6f:b1:98:
                    96:d5:3b:c9:fb:18:cc:57:28:f9:9d:5e:9a:83:15:
                    f3:7e:df:e3:1e:2a:90:0e:a0:38:6b:76:9e:70:f1:
                    8a:97:30:e9:17:fc:4d:cb:18:7b:40:44:bc:43:c9:
                    36:32:bb:2c:87:6a:fe:8e:b7:2f:a7:b6:9d:80:9b:
                    1b:16:01:86:e8:67:cb:6d:15:e9:b2:db:ec:b8:72:
                    c4:ee:77:76:f5:4e:c2:7a:76:dd:b7:37:35:f2:2f:
                    e1:ae:72:57:4b:f4:66:f2:18:d9:ae:07:4b:a4:d2:
                    07:2b:84:e1:07:5b:23:34:1e:b2:c8:70:07:c7:b8:
                    f7:0b:b9:31:c9:91:b7:9d:1c:60:04:97:94:16:dc:
                    1e:8b:16:9d:7e:2b:3e:de:41:9a:3d:84:c4:5f:52:
                    49:5d:f3:9a:b7:1f:d0:83:a2:71:31:5c:59:e4:42:
                    7b:c1:82:22:86:c6:63:e2:e7:52:39:20:de:0f:e5:
                    a1:b0:f9:f0:38:8f:52:d7:8d:5c:f3:88:88:a6:d2:
                    dc:a2:cf:f1:82:78:41:51:a3:8d:86:e7:10:dd:f3:
                    5f:4e:1d:46:f2:ed:3b:83:9b:c2:19:c5:90:27:8a:
                    a6:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:52:D0:27:42:92:83:75:07:37:03:76:07:DB:D5:E2:02:D5:22:79
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gFLQJ0KSg3UHNwN2B9vV4gLVInk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         21:27:7f:3a:72:78:46:96:7e:73:fc:a0:2b:ac:ea:22:68:6a:
         e6:26:2f:ef:b5:b2:e5:9b:16:6b:29:32:ef:55:5d:bd:8e:e6:
         ab:cd:a0:34:2c:60:f3:33:11:53:fc:b5:86:50:16:b4:2f:d1:
         a1:15:55:aa:6f:d8:0b:81:b7:cf:b1:f4:f5:d6:bc:1e:f3:c0:
         41:b4:73:29:82:e5:57:11:7c:e7:84:17:7e:f2:3b:26:28:61:
         4b:aa:2e:27:e4:c7:6c:c4:e0:84:3e:3f:86:05:33:92:f6:ca:
         09:1d:31:29:f7:c9:b8:b6:2a:cf:ec:08:bd:7c:53:d2:7d:cf:
         3a:cd:73:86:1c:f8:75:05:de:60:4d:7d:88:12:72:d9:07:61:
         ae:73:d2:7e:79:b1:c6:8a:26:ab:92:b2:17:70:47:ae:58:ca:
         ae:65:11:ba:b7:7c:0c:1a:f1:9e:8e:20:9b:00:a6:3a:33:58:
         0e:fc:42:4e:c3:19:bc:cf:0f:b0:5c:ed:db:11:62:98:6e:6b:
         63:ad:73:88:d5:8a:68:95:4a:b0:20:17:31:b3:37:7c:5f:db:
         de:c0:ef:86:1b:e8:61:c4:9d:bf:42:05:b3:6c:9f:e7:e4:0d:
         9b:94:33:37:96:94:15:05:d7:e0:74:b4:8c:42:01:45:70:f3:
         75:fe:e6:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYjhglqBEr5u/VuesSC2L4foMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjIyMDUwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDUyZDAyNzQyOTI4Mzc1MDczNzAzNzYwN2RiZDVlMjAyZDUyMjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS0OfMyMps6pQp5W44rky/oFK2vG
+j3vFANvsZiW1TvJ+xjMVyj5nV6agxXzft/jHiqQDqA4a3aecPGKlzDpF/xNyxh7
QES8Q8k2Mrssh2r+jrcvp7adgJsbFgGG6GfLbRXpstvsuHLE7nd29U7Cenbdtzc1
8i/hrnJXS/Rm8hjZrgdLpNIHK4ThB1sjNB6yyHAHx7j3C7kxyZG3nRxgBJeUFtwe
ixadfis+3kGaPYTEX1JJXfOatx/Qg6JxMVxZ5EJ7wYIihsZj4udSOSDeD+WhsPnw
OI9S141c84iIptLcos/xgnhBUaONhucQ3fNfTh1G8u07g5vCGcWQJ4qm6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIBS0CdCkoN1BzcDdgfb1eIC1SJ5MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ0ZMUUowS1NnM1VITndOMkI5dlY0Z0xWSW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACEnfzpyeEaWfnP8oCus
6iJoauYmL++1suWbFmspMu9VXb2O5qvNoDQsYPMzEVP8tYZQFrQv0aEVVapv2AuB
t8+x9PXWvB7zwEG0cymC5VcRfOeEF37yOyYoYUuqLifkx2zE4IQ+P4YFM5L2ygkd
MSn3ybi2Ks/sCL18U9J9zzrNc4Yc+HUF3mBNfYgSctkHYa5z0n55scaKJquSshdw
R65Yyq5lEbq3fAwa8Z6OIJsApjozWA78Qk7DGbzPD7Bc7dsRYphua2Otc4jVimiV
SrAgFzGzN3xf297A74Yb6GHEnb9CBbNsn+fkDZuUMzeWlBUF1+B0tIxCAUVw83X+
5ik=
-----END CERTIFICATE-----