Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pIOWBWAoozfoYH4Kd2pf8an5zYg.roa
File:                     pIOWBWAoozfoYH4Kd2pf8an5zYg.roa (raw, json)
Hash identifier:          OyrDeyYMK6mKpekekxuhmYXAP1RsDoYcOCKApyh7PEI=
Subject key identifier:   A4:83:96:05:60:28:A3:37:E8:60:7E:0A:77:6A:5F:F1:A9:F9:CD:88
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0189578219ABF066E7D7E1B0882563F61FB7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pIOWBWAoozfoYH4Kd2pf8an5zYg.roa
Signing time:             Sat 15 Jul 2023 03:04:51 +0000
ROA not before:           Sat 15 Jul 2023 03:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:189:5781:ff43/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:57:82:19:ab:f0:66:e7:d7:e1:b0:88:25:63:f6:1f:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jul 15 03:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a48396056028a337e8607e0a776a5ff1a9f9cd88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a2:7e:c3:e9:08:d8:e2:b4:69:77:aa:06:4b:
                    55:4b:8d:21:2c:df:fe:e2:a4:d8:f1:b8:41:32:51:
                    45:7a:0b:c6:1f:d8:6f:6d:12:8e:96:33:b2:ff:80:
                    3a:ce:80:95:66:61:58:16:b0:73:bb:2f:58:52:e0:
                    79:fb:5c:54:0b:7d:cf:09:d8:d5:1e:ff:37:84:e5:
                    4c:07:6c:7b:a3:25:0a:b3:6e:36:63:d9:b5:1a:0f:
                    77:f2:36:8b:bf:54:2c:7c:7b:fd:2b:bc:41:42:55:
                    30:f3:32:d6:60:05:b7:2b:b8:41:87:6d:c6:8a:9f:
                    aa:ce:45:d1:30:8a:16:bf:49:55:8a:5a:45:07:d4:
                    ef:94:cb:e1:82:24:12:c6:a2:ef:ed:5e:4a:47:fc:
                    f0:b5:eb:12:09:c3:db:81:b7:f6:1d:bc:4d:f2:3a:
                    24:1f:dd:c7:ce:e9:8e:ad:fe:85:af:2b:d7:44:ce:
                    b4:22:a6:22:60:fa:94:f8:29:6c:fe:77:32:20:0c:
                    59:a6:69:89:f1:fd:c4:cd:60:42:23:57:76:0a:05:
                    94:3f:22:1b:d4:13:71:85:aa:a1:41:f4:5e:2f:51:
                    85:9d:b8:77:5f:1c:42:54:bc:b9:02:40:27:8c:c4:
                    f4:62:06:d7:9e:48:d7:7e:42:0a:51:9d:bf:92:9d:
                    cc:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:83:96:05:60:28:A3:37:E8:60:7E:0A:77:6A:5F:F1:A9:F9:CD:88
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pIOWBWAoozfoYH4Kd2pf8an5zYg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:69:fc:34:df:fb:1a:04:0f:fb:0a:e5:94:9f:bb:a5:db:a6:
         0d:51:16:e7:f6:53:a3:1c:ff:93:d8:74:39:a6:41:f2:b7:25:
         15:79:35:ba:24:7f:02:d2:a9:8e:ce:95:71:a3:26:9e:38:52:
         2e:c2:10:9c:ad:18:99:28:4d:eb:8e:78:18:8d:92:b1:72:cb:
         01:37:2e:97:d0:99:cb:02:b4:e8:3d:76:c2:8a:e6:e7:23:a0:
         4b:a2:20:64:64:11:96:ae:bf:be:46:56:93:04:4c:14:7c:5b:
         4e:12:ff:58:89:fc:4f:79:27:bf:83:08:56:9d:30:86:64:42:
         a3:f7:57:58:cc:2c:19:2c:27:3c:5d:1d:92:22:12:77:71:ba:
         15:13:b1:bf:26:ff:4e:40:a5:ce:e9:60:d3:75:32:96:ef:c7:
         5d:5c:3b:01:54:9e:45:4f:46:b5:62:12:fc:8c:54:7f:60:c6:
         30:c2:37:24:f0:2f:07:72:89:31:11:95:ba:90:88:4b:1c:64:
         80:24:c6:34:fd:4e:03:24:2a:ba:f3:5f:a2:78:2b:8b:de:45:
         15:b0:6d:88:9e:01:35:5b:f9:b1:d2:5f:48:35:c6:95:3a:d8:
         f9:f8:7b:9c:32:68:f6:c2:42:e7:02:be:5b:b9:ec:b9:cb:26:
         7a:b7:a8:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlXghmr8Gbn1+GwiCVj9h+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzE1MDMwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDgzOTYwNTYwMjhhMzM3ZTg2MDdlMGE3NzZhNWZmMWE5ZjljZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKJ+w+kI2OK0aXeqBktVS40hLN/+
4qTY8bhBMlFFegvGH9hvbRKOljOy/4A6zoCVZmFYFrBzuy9YUuB5+1xUC33PCdjV
Hv83hOVMB2x7oyUKs242Y9m1Gg938jaLv1QsfHv9K7xBQlUw8zLWYAW3K7hBh23G
ip+qzkXRMIoWv0lVilpFB9TvlMvhgiQSxqLv7V5KR/zwtesSCcPbgbf2HbxN8jok
H93HzumOrf6FryvXRM60IqYiYPqU+Cls/ncyIAxZpmmJ8f3EzWBCI1d2CgWUPyIb
1BNxhaqhQfReL1GFnbh3XxxCVLy5AkAnjMT0YgbXnkjXfkIKUZ2/kp3MFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKSDlgVgKKM36GB+CndqX/Gp+c2IMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcElPV0JXQW9vemZvWUg0S2QycGY4YW41ellnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH9p/DTf+xoED/sK5ZSf
u6Xbpg1RFuf2U6Mc/5PYdDmmQfK3JRV5NbokfwLSqY7OlXGjJp44Ui7CEJytGJko
TeuOeBiNkrFyywE3LpfQmcsCtOg9dsKK5ucjoEuiIGRkEZauv75GVpMETBR8W04S
/1iJ/E95J7+DCFadMIZkQqP3V1jMLBksJzxdHZIiEndxuhUTsb8m/05Apc7pYNN1
Mpbvx11cOwFUnkVPRrViEvyMVH9gxjDCNyTwLwdyiTERlbqQiEscZIAkxjT9TgMk
KrrzX6J4K4veRRWwbYieATVb+bHSX0g1xpU62Pn4e5wyaPbCQucCvlu57LnLJnq3
qO0=
-----END CERTIFICATE-----