Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nIUSeyPs6PemIljNFRIVXILIBEs.roa
File:                     nIUSeyPs6PemIljNFRIVXILIBEs.roa (raw, json)
Hash identifier:          fVH5H9TVgjRIEGqRnMTuDLyULPXtNT5gxrGlwPmiZGA=
Subject key identifier:   9C:85:12:7B:23:EC:E8:F7:A6:22:58:CD:15:12:15:5C:82:C8:04:4B
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187180A0BAAB7982BF2162AAEC162C54856
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nIUSeyPs6PemIljNFRIVXILIBEs.roa
Signing time:             Sat 25 Mar 2023 09:12:04 +0000
ROA not before:           Sat 25 Mar 2023 09:12:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:18:0a:0b:aa:b7:98:2b:f2:16:2a:ae:c1:62:c5:48:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Mar 25 09:12:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c85127b23ece8f7a62258cd1512155c82c8044b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e4:17:9d:90:8f:f7:b6:64:24:10:44:39:96:
                    25:52:a4:32:45:47:f9:46:8c:04:9a:ee:fe:60:1b:
                    12:77:e3:d3:b1:2d:17:3c:6f:9e:3a:1e:e8:2b:3f:
                    d3:30:82:77:dc:31:38:b6:07:f9:0e:0e:40:93:bb:
                    10:bd:e0:30:e7:56:66:44:14:7e:1a:a6:1d:98:b7:
                    3c:9e:79:4e:69:b8:ee:dd:34:6c:d6:44:03:f9:e9:
                    f5:0a:35:5d:9d:63:e9:fc:b3:b8:dd:a1:09:a0:fb:
                    50:a9:77:40:94:01:59:82:ff:f0:95:f8:d9:1b:cd:
                    64:12:17:ed:cc:da:da:c5:83:37:31:30:de:6f:cc:
                    82:5f:a7:f2:ac:31:20:d7:90:9e:92:5d:30:0b:86:
                    0c:d5:84:d7:1b:cc:08:a6:db:4c:21:d7:eb:08:c5:
                    b8:ad:cf:2c:16:0f:c0:5f:fc:e0:e8:8a:cf:f1:20:
                    53:7a:59:54:db:24:dd:3c:8b:5c:6c:96:85:bf:b0:
                    e7:fe:d2:6e:01:13:16:bb:be:87:14:05:49:10:a8:
                    c5:f6:63:a8:ce:4c:f3:7c:ed:4e:6e:26:b0:2d:f6:
                    81:80:48:36:eb:9e:84:f6:16:38:07:96:b4:76:4c:
                    5a:c5:ba:e8:70:65:5e:af:5f:60:d2:15:b6:9a:3c:
                    1e:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:85:12:7B:23:EC:E8:F7:A6:22:58:CD:15:12:15:5C:82:C8:04:4B
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nIUSeyPs6PemIljNFRIVXILIBEs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:38:04:96:5d:98:e3:05:27:c9:35:6f:99:fa:f5:de:03:78:
         a0:02:85:46:a6:15:a0:0b:60:f9:cd:09:12:fc:be:8f:74:cb:
         a0:07:71:1d:f2:28:1e:73:f6:dc:44:86:56:4b:02:d8:a2:7c:
         cc:43:b9:87:c3:1a:cd:b4:8c:ee:ea:84:dd:f9:97:f5:ae:11:
         0e:99:3d:df:aa:4d:31:d9:94:d0:2f:ca:d6:8d:51:d6:55:d4:
         78:9d:95:e0:1e:a2:ce:f2:05:d0:83:fd:e9:8b:11:ec:1d:a3:
         b4:59:74:20:42:54:69:40:dc:e8:bd:36:80:38:1d:06:18:7d:
         62:1d:88:2c:88:2c:62:42:eb:1e:87:63:a8:56:27:a7:3e:3f:
         b1:97:1b:66:c5:f3:86:4b:68:f3:46:e2:32:b5:e4:43:4d:c3:
         4a:4c:e2:e7:d8:99:03:f1:72:3d:59:0f:6d:8d:aa:4d:b5:f6:
         7b:21:d0:df:dd:fd:af:9c:e8:d7:65:de:79:b6:3a:b0:83:81:
         64:94:dc:3d:6d:19:3d:35:1d:c3:3d:47:8b:2e:f3:f2:b0:05:
         47:e2:b2:04:c8:b1:66:85:03:d6:c4:64:04:ec:3b:55:3a:52:
         4d:62:6b:e2:59:e2:00:3f:7f:30:3c:0c:c1:b7:95:01:51:78:
         ac:c2:bc:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcYCguqt5gr8hYqrsFixUhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI1MDkxMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg1MTI3YjIzZWNlOGY3YTYyMjU4Y2QxNTEyMTU1YzgyYzgwNDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+QXnZCP97ZkJBBEOZYlUqQyRUf5
RowEmu7+YBsSd+PTsS0XPG+eOh7oKz/TMIJ33DE4tgf5Dg5Ak7sQveAw51ZmRBR+
GqYdmLc8nnlOabju3TRs1kQD+en1CjVdnWPp/LO43aEJoPtQqXdAlAFZgv/wlfjZ
G81kEhftzNraxYM3MTDeb8yCX6fyrDEg15Cekl0wC4YM1YTXG8wIpttMIdfrCMW4
rc8sFg/AX/zg6IrP8SBTellU2yTdPItcbJaFv7Dn/tJuARMWu76HFAVJEKjF9mOo
zkzzfO1ObiawLfaBgEg2656E9hY4B5a0dkxaxbrocGVer19g0hW2mjweEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJyFEnsj7Oj3piJYzRUSFVyCyARLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbklVU2V5UHM2UGVtSWxqTkZSSVZYSUxJQkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAU4BJZdmOMFJ8k1b5n6
9d4DeKAChUamFaALYPnNCRL8vo90y6AHcR3yKB5z9txEhlZLAtiifMxDuYfDGs20
jO7qhN35l/WuEQ6ZPd+qTTHZlNAvytaNUdZV1HidleAeos7yBdCD/emLEewdo7RZ
dCBCVGlA3Oi9NoA4HQYYfWIdiCyILGJC6x6HY6hWJ6c+P7GXG2bF84ZLaPNG4jK1
5ENNw0pM4ufYmQPxcj1ZD22Nqk219nsh0N/d/a+c6Ndl3nm2OrCDgWSU3D1tGT01
HcM9R4su8/KwBUfisgTIsWaFA9bEZATsO1U6Uk1ia+JZ4gA/fzA8DMG3lQFReKzC
vEc=
-----END CERTIFICATE-----