Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uXhIVTz2LiHIhwGDNry_AtxzDM4.roa
File:                     uXhIVTz2LiHIhwGDNry_AtxzDM4.roa (raw, json)
Hash identifier:          udvcSxjT1nxeT2rXj7KhypuEJlDaiQbBz2qciA1GT7w=
Subject key identifier:   B9:78:48:55:3C:F6:2E:21:C8:87:01:83:36:BC:BF:02:DC:73:0C:CE
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0188BAE2C57AB2624F3BF00C52F006509191
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uXhIVTz2LiHIhwGDNry_AtxzDM4.roa
Signing time:             Wed 14 Jun 2023 17:10:03 +0000
ROA not before:           Wed 14 Jun 2023 17:10:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ba:e2:c5:7a:b2:62:4f:3b:f0:0c:52:f0:06:50:91:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: Jun 14 17:10:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b97848553cf62e21c887018336bcbf02dc730cce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:0d:8d:52:1e:8e:e4:91:09:85:fb:ea:f8:49:
                    02:41:42:34:ba:77:6e:f2:ca:19:25:13:f8:09:72:
                    4d:97:bc:3b:08:f0:ac:b2:ac:ed:0c:4d:63:fa:40:
                    a6:be:60:3d:5c:f6:41:ee:7b:55:aa:01:a7:6e:43:
                    a5:8e:7d:fe:79:70:ea:a2:1b:e6:56:5d:46:ec:ad:
                    00:1a:69:6b:e7:24:30:97:95:e4:9e:df:e2:65:84:
                    bb:ff:3e:ff:e6:01:05:2d:c7:9d:54:c2:0a:64:20:
                    14:2f:a1:81:e6:1d:a4:bb:0c:cf:a1:4c:9a:9d:58:
                    97:f3:dc:68:93:b4:83:a8:60:12:d7:97:07:58:7b:
                    50:c0:88:6a:80:86:8d:a1:ac:37:35:62:e9:3e:40:
                    bc:4b:60:b9:1f:19:38:9a:ce:eb:90:2e:de:a8:bd:
                    1d:62:77:2a:31:64:8b:e4:24:4c:00:6e:eb:ba:29:
                    d3:47:7d:f1:eb:4c:9a:cc:7f:f7:5f:4f:ff:01:bb:
                    43:0a:55:f6:88:1f:eb:ad:2b:7e:58:15:86:d1:a0:
                    67:0d:d8:e9:4d:d6:69:a2:7a:d3:50:6a:ac:73:ea:
                    01:cc:5a:c6:14:3e:8e:75:e6:cb:6b:9d:3c:9d:e3:
                    ff:48:e7:b7:7c:de:a9:a4:75:60:20:5e:7b:76:d8:
                    c0:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:78:48:55:3C:F6:2E:21:C8:87:01:83:36:BC:BF:02:DC:73:0C:CE
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uXhIVTz2LiHIhwGDNry_AtxzDM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         ae:73:d8:ae:65:ae:5d:35:5e:7a:d1:70:01:b8:5c:f2:57:74:
         0c:11:de:e0:1a:64:1e:21:10:27:ab:a7:40:c9:6d:5f:a9:57:
         01:f0:6a:ae:18:29:c5:9e:ec:d4:82:22:e2:7a:10:5c:73:d2:
         1d:a6:52:18:d3:05:47:01:ae:48:4f:72:b5:f4:38:24:a8:51:
         19:37:1a:d9:e9:14:88:ca:9d:9c:16:16:fb:9f:29:13:ab:7c:
         bc:28:fd:1a:3d:69:8e:b7:4a:3c:ba:5c:6e:49:99:be:a2:5e:
         96:58:5f:c4:7e:7e:fa:8e:1d:8d:51:31:65:1f:b7:a5:71:0c:
         02:72:a3:41:e5:d2:ee:44:4d:3a:03:ad:f1:40:54:2a:6e:25:
         1e:72:e9:01:fe:55:14:2a:d9:31:3b:d8:6d:cb:d0:51:87:3a:
         f3:aa:2c:e9:d6:fd:59:26:3e:50:f8:bd:e6:35:59:ef:d3:b0:
         f2:27:5d:3a:90:98:11:bb:a7:99:29:3b:1d:11:09:23:79:50:
         3d:c3:60:52:44:cf:9b:64:aa:c1:0d:45:48:ff:24:e3:6b:d9:
         d8:99:61:45:78:9a:a6:f2:b3:af:5e:12:8e:6d:e7:b3:53:23:
         55:36:08:9a:2b:ed:6b:8b:85:32:09:8e:b1:d8:08:9b:08:60:
         a8:0c:96:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYi64sV6smJPO/AMUvAGUJGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE0MTcxMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTc4NDg1NTNjZjYyZTIxYzg4NzAxODMzNmJjYmYwMmRjNzMwY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA2NUh6O5JEJhfvq+EkCQUI0undu
8soZJRP4CXJNl7w7CPCssqztDE1j+kCmvmA9XPZB7ntVqgGnbkOljn3+eXDqohvm
Vl1G7K0AGmlr5yQwl5Xknt/iZYS7/z7/5gEFLcedVMIKZCAUL6GB5h2kuwzPoUya
nViX89xok7SDqGAS15cHWHtQwIhqgIaNoaw3NWLpPkC8S2C5Hxk4ms7rkC7eqL0d
YncqMWSL5CRMAG7ruinTR33x60yazH/3X0//AbtDClX2iB/rrSt+WBWG0aBnDdjp
TdZponrTUGqsc+oBzFrGFD6OdebLa508neP/SOe3fN6ppHVgIF57dtjAPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLl4SFU89i4hyIcBgza8vwLccwzOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVhoSVZUejJMaUhJaHdHRE5yeV9BdHh6RE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK5z2K5lrl01XnrRcAG4
XPJXdAwR3uAaZB4hECerp0DJbV+pVwHwaq4YKcWe7NSCIuJ6EFxz0h2mUhjTBUcB
rkhPcrX0OCSoURk3GtnpFIjKnZwWFvufKROrfLwo/Ro9aY63Sjy6XG5Jmb6iXpZY
X8R+fvqOHY1RMWUft6VxDAJyo0Hl0u5ETToDrfFAVCpuJR5y6QH+VRQq2TE72G3L
0FGHOvOqLOnW/VkmPlD4veY1We/TsPInXTqQmBG7p5kpOx0RCSN5UD3DYFJEz5tk
qsENRUj/JONr2diZYUV4mqbys69eEo5t57NTI1U2CJor7WuLhTIJjrHYCJsIYKgM
lu0=
-----END CERTIFICATE-----