Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oKXYZZGQUFxU-IJUhRluaM-RUTA.roa
File:                     oKXYZZGQUFxU-IJUhRluaM-RUTA.roa (raw, json)
Hash identifier:          c4AtOi+OUHzSuzbczR+hfg7B31u74PAH0/TUP8dKtIA=
Subject key identifier:   A0:A5:D8:65:91:90:50:5C:54:F8:82:54:85:19:6E:68:CF:91:51:30
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187E6E1D3C9E2597C5239B54BEBCB178078
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oKXYZZGQUFxU-IJUhRluaM-RUTA.roa
Signing time:             Thu 04 May 2023 13:09:32 +0000
ROA not before:           Thu 04 May 2023 13:09:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e6:e1:d3:c9:e2:59:7c:52:39:b5:4b:eb:cb:17:80:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  4 13:09:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a0a5d8659190505c54f8825485196e68cf915130
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:e9:fc:e7:a7:b4:a0:0b:03:d9:f1:e7:dd:8a:
                    d1:dd:b6:79:b3:1d:43:bb:b6:5b:89:d3:0f:bb:ad:
                    42:49:3a:98:10:4e:d9:fe:51:93:9b:f1:7d:20:9c:
                    32:72:e8:35:71:7e:a5:34:27:8a:a5:ea:ca:33:12:
                    0f:46:73:f7:bc:00:e3:f2:37:b5:29:4b:6b:0b:d7:
                    10:6e:21:a0:e6:e5:ce:61:16:f9:22:a2:e4:0f:3c:
                    08:25:76:1f:7e:05:54:91:24:98:94:32:b2:be:4a:
                    c0:bc:1f:23:77:99:f1:58:68:45:f6:bb:db:a2:ad:
                    71:eb:02:a8:fd:58:35:70:49:1f:06:db:ad:02:2b:
                    18:a9:dd:e0:50:54:7b:9b:47:10:3d:26:02:96:6f:
                    6a:b5:ce:74:da:a6:8b:90:35:3d:e8:81:d5:48:23:
                    87:9d:b5:1e:4e:b8:c7:ad:99:b7:1f:0b:48:21:64:
                    dd:fe:e6:03:42:8a:62:7f:f1:c8:53:b6:cb:22:e7:
                    39:5e:94:1e:f0:27:b6:1c:e7:d6:c1:a5:ec:f2:a4:
                    93:bc:b6:b0:c6:bb:18:86:8b:24:af:b0:12:eb:fe:
                    0b:73:4e:0d:61:5a:e3:48:10:c2:dd:66:89:96:d2:
                    46:90:0c:1c:63:d9:c3:4c:ef:8d:e9:d7:28:8e:3b:
                    82:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:A5:D8:65:91:90:50:5C:54:F8:82:54:85:19:6E:68:CF:91:51:30
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oKXYZZGQUFxU-IJUhRluaM-RUTA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         5b:1b:50:13:a1:73:35:0b:b0:91:3e:c9:4b:3e:89:19:c2:37:
         db:96:4e:6e:d6:62:9d:24:2c:87:ba:13:ea:f6:1a:97:b8:2a:
         7b:7c:96:a1:62:cf:69:fd:62:40:59:ca:cc:cd:1a:32:54:ff:
         fd:97:19:c6:bc:85:52:3c:5b:da:7c:30:7f:3a:8e:6d:a8:84:
         c2:cb:67:8b:70:2b:f8:21:be:a7:46:40:51:db:d5:b7:8b:61:
         5a:11:9f:15:a2:a7:d7:f1:22:bc:53:4b:cb:93:15:18:88:43:
         5e:b4:b2:b5:80:cb:2c:2c:96:f1:e9:7d:49:55:ce:39:b2:5d:
         25:20:31:08:de:45:dd:9c:47:b3:43:e4:66:39:23:04:b6:6c:
         7f:be:13:75:5e:20:24:48:7c:68:ac:84:1a:85:25:80:1e:ee:
         21:5b:de:fe:97:d6:22:68:df:7e:df:a2:7b:6b:e3:82:71:86:
         de:f5:29:59:93:68:8f:6a:a0:62:d4:4b:5d:a7:f0:13:f0:80:
         27:57:92:e7:fd:e6:9a:c0:59:49:ee:4a:14:1f:c8:93:9c:4e:
         86:27:da:31:39:17:60:9c:88:88:52:a1:71:87:40:dc:d0:2d:
         d1:e7:1a:3f:8e:b7:cf:1e:a3:2c:0c:26:3b:81:1f:eb:fb:aa:
         ce:e2:1c:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfm4dPJ4ll8Ujm1S+vLF4B4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA0MTMwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGE1ZDg2NTkxOTA1MDVjNTRmODgyNTQ4NTE5NmU2OGNmOTE1MTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+en856e0oAsD2fHn3YrR3bZ5sx1D
u7ZbidMPu61CSTqYEE7Z/lGTm/F9IJwycug1cX6lNCeKperKMxIPRnP3vADj8je1
KUtrC9cQbiGg5uXOYRb5IqLkDzwIJXYffgVUkSSYlDKyvkrAvB8jd5nxWGhF9rvb
oq1x6wKo/Vg1cEkfBtutAisYqd3gUFR7m0cQPSYClm9qtc502qaLkDU96IHVSCOH
nbUeTrjHrZm3HwtIIWTd/uYDQopif/HIU7bLIuc5XpQe8Ce2HOfWwaXs8qSTvLaw
xrsYhoskr7AS6/4Lc04NYVrjSBDC3WaJltJGkAwcY9nDTO+N6dcojjuC2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKCl2GWRkFBcVPiCVIUZbmjPkVEwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb0tYWVpaR1FVRnhVLUlKVWhSbHVhTS1SVVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFsbUBOhczULsJE+yUs+
iRnCN9uWTm7WYp0kLIe6E+r2Gpe4Knt8lqFiz2n9YkBZyszNGjJU//2XGca8hVI8
W9p8MH86jm2ohMLLZ4twK/ghvqdGQFHb1beLYVoRnxWip9fxIrxTS8uTFRiIQ160
srWAyywslvHpfUlVzjmyXSUgMQjeRd2cR7ND5GY5IwS2bH++E3VeICRIfGishBqF
JYAe7iFb3v6X1iJo337fontr44Jxht71KVmTaI9qoGLUS12n8BPwgCdXkuf95prA
WUnuShQfyJOcToYn2jE5F2CciIhSoXGHQNzQLdHnGj+Ot88eoywMJjuBH+v7qs7i
HH8=
-----END CERTIFICATE-----