Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jyB6JgD1w2n53YpGV6uUzwGPaks.roa
File:                     jyB6JgD1w2n53YpGV6uUzwGPaks.roa (raw, json)
Hash identifier:          yfjSlIMXpc5bgk9RO3D4yW1H/LI1f8e117Z/bYmoOX8=
Subject key identifier:   8F:20:7A:26:00:F5:C3:69:F9:DD:8A:46:57:AB:94:CF:01:8F:6A:4B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188108237A5BFE658345B1914F3E515647A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jyB6JgD1w2n53YpGV6uUzwGPaks.roa
Signing time:             Fri 12 May 2023 15:09:09 +0000
ROA not before:           Fri 12 May 2023 15:09:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:10:82:37:a5:bf:e6:58:34:5b:19:14:f3:e5:15:64:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 12 15:09:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f207a2600f5c369f9dd8a4657ab94cf018f6a4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:82:c4:1d:ea:ab:f2:cd:1b:ca:77:3b:be:f7:
                    67:29:8d:70:6c:3d:cd:9f:f0:df:92:93:a6:92:14:
                    2f:87:22:02:42:87:b2:ba:d1:4b:29:f4:b7:0e:53:
                    17:69:f2:c3:f3:95:95:7f:db:0d:9f:16:d8:46:d5:
                    83:06:85:82:b6:91:a7:61:87:94:b2:78:9a:91:a0:
                    7d:aa:10:b3:8c:3f:ea:4c:c0:81:9b:4d:f9:4a:1d:
                    8e:d7:a9:81:71:2a:cd:79:da:13:26:b6:26:4b:dd:
                    c7:cb:e3:9d:ea:c4:f6:e8:80:a3:44:82:e3:e9:b3:
                    81:51:2f:21:66:f1:2a:8b:f6:12:14:80:e0:82:2a:
                    a9:a2:b0:25:12:44:8a:7b:70:5e:cf:c9:01:23:0d:
                    57:26:af:b8:a0:b0:d8:35:71:60:76:8c:6f:55:14:
                    51:ae:de:1d:f3:5d:86:1f:07:bd:10:72:dc:de:8c:
                    81:a2:58:b4:df:72:b6:ea:b0:92:7a:67:67:08:cd:
                    a8:7a:84:bd:d5:e7:5a:81:9d:b0:34:f7:ba:2e:5b:
                    2a:d9:59:64:bd:0b:18:c4:7d:92:6f:8c:b7:f9:43:
                    eb:0d:e9:da:0e:c6:10:f3:d3:34:cd:4f:ef:1f:dc:
                    7e:a3:a6:34:f5:dd:ce:54:b4:7c:af:9f:0f:ad:24:
                    10:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:20:7A:26:00:F5:C3:69:F9:DD:8A:46:57:AB:94:CF:01:8F:6A:4B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jyB6JgD1w2n53YpGV6uUzwGPaks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:71:00:02:45:4e:ac:6c:d8:4b:73:f8:57:2a:97:be:bd:30:
         0a:a6:76:9d:15:2a:32:ec:32:a3:70:50:e5:b8:dc:cc:69:f6:
         76:99:8f:81:5d:ce:c3:18:38:f0:60:f6:95:fd:e8:b6:ec:db:
         70:8d:e6:a8:f0:b0:0b:ed:32:dd:24:f2:44:ab:27:f7:45:15:
         2b:b6:50:02:53:c1:ce:c1:42:87:82:52:ff:bf:bd:9a:44:9f:
         49:ef:c1:38:19:ae:c5:c4:ec:37:42:63:1e:44:1b:5f:4d:e5:
         6f:1d:f8:b5:0b:61:9f:a6:94:96:3a:f7:ff:5f:66:43:9d:53:
         8b:78:00:e1:bd:e2:28:48:11:c7:16:7d:2f:ae:98:ff:d7:cd:
         99:a5:d3:9f:70:82:0e:5d:37:80:33:65:2e:db:14:6b:41:06:
         aa:cc:9f:c5:ff:d2:fa:1d:32:1c:83:58:8a:cd:76:84:85:79:
         bc:c5:76:ea:d3:10:13:cf:cd:9a:68:a9:8a:ec:49:f5:1e:69:
         65:e9:d8:0e:60:81:90:76:33:ee:f9:8a:00:c4:eb:61:0a:90:
         21:4d:5e:5b:77:d9:c9:d5:94:44:59:f2:61:28:d5:fc:1a:9f:
         c0:3e:23:9d:e2:80:3d:9a:0d:1f:46:f6:53:c1:18:1e:44:d5:
         70:02:0a:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgQgjelv+ZYNFsZFPPlFWR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTEyMTUwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjIwN2EyNjAwZjVjMzY5ZjlkZDhhNDY1N2FiOTRjZjAxOGY2YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsILEHeqr8s0bync7vvdnKY1wbD3N
n/DfkpOmkhQvhyICQoeyutFLKfS3DlMXafLD85WVf9sNnxbYRtWDBoWCtpGnYYeU
sniakaB9qhCzjD/qTMCBm035Sh2O16mBcSrNedoTJrYmS93Hy+Od6sT26ICjRILj
6bOBUS8hZvEqi/YSFIDggiqporAlEkSKe3Bez8kBIw1XJq+4oLDYNXFgdoxvVRRR
rt4d812GHwe9EHLc3oyBoli033K26rCSemdnCM2oeoS91edagZ2wNPe6Llsq2Vlk
vQsYxH2Sb4y3+UPrDenaDsYQ89M0zU/vH9x+o6Y09d3OVLR8r58PrSQQpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI8geiYA9cNp+d2KRlerlM8Bj2pLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvanlCNkpnRDF3Mm41M1lwR1Y2dVV6d0dQYWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB1xAAJFTqxs2Etz+Fcq
l769MAqmdp0VKjLsMqNwUOW43Mxp9naZj4FdzsMYOPBg9pX96Lbs23CN5qjwsAvt
Mt0k8kSrJ/dFFSu2UAJTwc7BQoeCUv+/vZpEn0nvwTgZrsXE7DdCYx5EG19N5W8d
+LULYZ+mlJY69/9fZkOdU4t4AOG94ihIEccWfS+umP/XzZml059wgg5dN4AzZS7b
FGtBBqrMn8X/0vodMhyDWIrNdoSFebzFdurTEBPPzZpoqYrsSfUeaWXp2A5ggZB2
M+75igDE62EKkCFNXlt32cnVlERZ8mEo1fwan8A+I53igD2aDR9G9lPBGB5E1XAC
Cs8=
-----END CERTIFICATE-----