Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yqK9I9Ndl3p_8Ihpg_CEbfEqYeI.roa
File:                     yqK9I9Ndl3p_8Ihpg_CEbfEqYeI.roa (raw, json)
Hash identifier:          GKeRCMVxBoCkD4KP14koqfQWscNGG0Uz/3GfKFeWc7s=
Subject key identifier:   CA:A2:BD:23:D3:5D:97:7A:7F:F0:88:69:83:F0:84:6D:F1:2A:61:E2
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       01886E127B209E1ECBFA68532CE93EB73073
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yqK9I9Ndl3p_8Ihpg_CEbfEqYeI.roa
Signing time:             Tue 30 May 2023 19:11:24 +0000
ROA not before:           Tue 30 May 2023 19:11:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:6e:12:7b:20:9e:1e:cb:fa:68:53:2c:e9:3e:b7:30:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 30 19:11:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=caa2bd23d35d977a7ff0886983f0846df12a61e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e2:4c:8a:14:8b:ac:1d:12:d4:8f:b1:c7:c5:
                    00:f3:1b:1d:6f:be:43:20:44:38:72:5c:53:01:7e:
                    a0:88:3d:92:39:01:bb:a6:7e:a8:c5:68:d1:0b:ed:
                    d3:42:3c:b1:bb:7c:4e:a2:59:8c:40:54:72:94:13:
                    9b:1a:80:0d:21:64:5a:f6:c6:ab:af:88:03:57:9d:
                    e2:af:3e:c4:82:6a:63:a5:83:cc:0f:d5:a8:d7:bd:
                    b1:2a:e7:8b:37:fa:d2:21:fb:2d:6f:67:a6:d1:e9:
                    30:c9:ad:56:fe:84:15:a1:b3:66:48:36:d4:0f:ef:
                    7e:8e:58:7f:ee:b1:65:34:1a:e2:b2:6e:d4:8d:0f:
                    79:47:85:1c:b5:37:69:50:f2:99:cf:ec:2e:2d:9f:
                    af:e9:53:28:ee:ba:e6:ee:72:ca:30:12:d5:92:fe:
                    5f:38:8e:9a:f4:30:0b:e9:ca:ff:f0:47:7c:5b:0e:
                    d8:b3:49:be:32:f5:26:b4:48:b2:ca:32:34:ae:f8:
                    85:63:ff:26:0d:32:06:8d:70:37:01:5a:56:83:42:
                    5a:2f:a6:bf:bb:d8:6e:53:0b:a9:11:17:ac:b7:3f:
                    7c:34:9c:d4:57:81:b6:91:b7:38:42:09:92:e7:86:
                    41:d5:a8:70:47:cb:08:45:7e:c0:23:0e:e5:ed:2d:
                    2d:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:A2:BD:23:D3:5D:97:7A:7F:F0:88:69:83:F0:84:6D:F1:2A:61:E2
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yqK9I9Ndl3p_8Ihpg_CEbfEqYeI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:6e:3e:42:63:e5:f1:7b:da:2f:98:12:30:fd:67:12:82:84:
         1c:49:43:81:4a:d1:99:5a:d6:f6:a2:d2:a8:42:bc:15:6c:12:
         82:71:07:00:59:2d:a4:1b:73:cf:e2:f9:a0:12:ce:30:5e:5a:
         63:74:af:c6:00:9d:a7:1e:39:bf:af:b6:49:6b:c5:bd:6b:9a:
         a1:5a:a4:f6:4f:f3:aa:2b:81:99:0b:4b:46:68:f0:36:c2:2d:
         74:df:23:c4:b7:68:c5:83:c3:2f:33:ab:48:39:30:c2:ff:db:
         08:47:f3:20:27:56:b8:3d:86:f5:e3:29:a4:67:ea:5c:81:7c:
         08:43:c4:3a:b6:c1:02:27:5a:b6:d5:65:f5:83:e0:65:89:13:
         0b:26:92:ae:a9:ea:51:00:9b:4d:ad:8e:77:ea:62:1f:be:06:
         3b:2c:93:6a:51:93:8c:e6:9e:f9:ff:8b:ab:66:ee:a2:97:a1:
         7b:4d:ee:f8:a9:85:3d:0e:cf:6b:c8:ff:9d:d2:9e:62:6b:db:
         43:ba:f8:0b:58:c4:c6:f9:aa:3d:14:c3:81:86:d3:4e:f2:99:
         d7:81:91:71:c3:b6:77:bc:41:8f:f1:d9:39:31:0e:34:f1:5e:
         79:2b:86:80:21:4e:95:d3:6b:92:99:4b:e3:c9:bd:55:c5:08:
         28:3a:1c:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhuEnsgnh7L+mhTLOk+tzBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTMwMTkxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWEyYmQyM2QzNWQ5NzdhN2ZmMDg4Njk4M2YwODQ2ZGYxMmE2MWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uJMihSLrB0S1I+xx8UA8xsdb75D
IEQ4clxTAX6giD2SOQG7pn6oxWjRC+3TQjyxu3xOolmMQFRylBObGoANIWRa9sar
r4gDV53irz7EgmpjpYPMD9Wo172xKueLN/rSIfstb2em0ekwya1W/oQVobNmSDbU
D+9+jlh/7rFlNBrism7UjQ95R4UctTdpUPKZz+wuLZ+v6VMo7rrm7nLKMBLVkv5f
OI6a9DAL6cr/8Ed8Ww7Ys0m+MvUmtEiyyjI0rviFY/8mDTIGjXA3AVpWg0JaL6a/
u9huUwupERestz98NJzUV4G2kbc4QgmS54ZB1ahwR8sIRX7AIw7l7S0teQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMqivSPTXZd6f/CIaYPwhG3xKmHiMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveXFLOUk5TmRsM3BfOElocGdfQ0ViZkVxWWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJduPkJj5fF72i+YEjD9
ZxKChBxJQ4FK0Zla1vai0qhCvBVsEoJxBwBZLaQbc8/i+aASzjBeWmN0r8YAnace
Ob+vtklrxb1rmqFapPZP86orgZkLS0Zo8DbCLXTfI8S3aMWDwy8zq0g5MML/2whH
8yAnVrg9hvXjKaRn6lyBfAhDxDq2wQInWrbVZfWD4GWJEwsmkq6p6lEAm02tjnfq
Yh++Bjssk2pRk4zmnvn/i6tm7qKXoXtN7viphT0Oz2vI/53SnmJr20O6+AtYxMb5
qj0Uw4GG007ymdeBkXHDtne8QY/x2TkxDjTxXnkrhoAhTpXTa5KZS+PJvVXFCCg6
HFg=
-----END CERTIFICATE-----