Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z30WWxYKt26YeBemvsCSBqrr4pE.roa
File:                     z30WWxYKt26YeBemvsCSBqrr4pE.roa (raw, json)
Hash identifier:          5nYebEjbftEmuNAuRM9tfXCd/26l5YVFnkzBwCBQwAI=
Subject key identifier:   CF:7D:16:5B:16:0A:B7:6E:98:78:17:A6:BE:C0:92:06:AA:EB:E2:91
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       0187FC578FBC60E7A7A7FD808BB4D26C455F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z30WWxYKt26YeBemvsCSBqrr4pE.roa
Signing time:             Mon 08 May 2023 17:10:09 +0000
ROA not before:           Mon 08 May 2023 17:10:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fc:57:8f:bc:60:e7:a7:a7:fd:80:8b:b4:d2:6c:45:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May  8 17:10:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf7d165b160ab76e987817a6bec09206aaebe291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e2:bc:2c:c6:0a:2a:88:30:82:d9:bf:28:d1:
                    51:a3:8e:9e:82:02:c0:61:a6:1a:81:36:93:1a:aa:
                    00:4a:7d:2c:55:ce:90:91:48:c0:cc:4d:7c:36:a9:
                    d1:ec:c8:42:9e:95:3d:27:8c:57:84:ba:5a:9d:9b:
                    4b:bf:62:c2:6a:c7:3c:1c:ff:86:8a:49:d5:b0:df:
                    6d:e3:5d:24:1e:87:b0:e4:c6:54:78:63:da:8f:98:
                    44:20:35:3c:1e:5b:42:38:51:ec:3a:0c:ee:2c:59:
                    8c:bf:1b:2b:8f:2c:22:83:52:d0:f5:38:30:05:16:
                    fd:e4:a8:88:cf:eb:71:65:ba:a8:fe:61:a6:a6:ab:
                    4d:02:76:2f:33:6f:1c:30:75:57:8d:8b:9b:d4:2e:
                    13:6c:4a:34:c4:74:4c:79:5a:d5:a8:31:c2:b7:ab:
                    a5:a9:2c:a9:c8:4a:e4:fc:c6:5f:b3:f2:af:79:0c:
                    76:e4:de:e1:1d:8c:89:41:89:25:d8:ac:2e:92:6d:
                    f4:94:6f:ae:99:01:ee:7b:fe:ca:3d:61:92:ae:64:
                    3b:6f:4d:a2:7c:2d:2a:bd:54:f7:16:18:e8:2b:2d:
                    bc:b5:1f:f9:65:32:d7:4d:12:49:b3:43:87:7c:44:
                    6c:5d:e9:b9:17:15:8a:42:27:10:49:29:00:16:66:
                    09:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:7D:16:5B:16:0A:B7:6E:98:78:17:A6:BE:C0:92:06:AA:EB:E2:91
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z30WWxYKt26YeBemvsCSBqrr4pE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         49:97:b5:6a:7a:16:22:6c:0d:e7:c7:e4:76:00:e8:1f:35:eb:
         33:d6:86:11:b9:e3:b8:15:05:de:3e:5a:39:6f:fa:af:27:76:
         5b:70:22:ee:a8:a0:fc:a4:4f:95:a6:47:64:03:11:d8:46:b2:
         e7:e7:f9:4a:2c:10:a6:85:c8:b6:55:c7:6a:fb:99:cf:46:65:
         77:ed:d3:95:41:ff:84:fc:02:9b:23:5f:75:15:bf:63:ed:1a:
         ec:08:9e:cc:2a:eb:3e:13:cf:d8:61:c1:82:ed:54:70:9e:ea:
         54:b3:34:88:14:d0:cf:6f:4c:ae:ce:02:47:7f:96:bf:f1:32:
         da:db:a9:74:aa:d1:c0:dc:79:11:35:11:55:3e:68:db:63:12:
         1e:b8:ca:c9:45:51:8b:18:1c:e5:b4:eb:e9:67:7f:54:fa:53:
         bc:37:80:d4:6b:4b:4b:ce:f7:bc:0a:6e:b9:08:45:5f:84:f2:
         6b:8a:7f:4a:4a:87:9a:68:3c:63:60:b1:0a:c4:0c:28:fc:f4:
         65:f4:26:ef:f8:62:8f:20:78:e6:b5:25:b3:e9:b0:e4:b0:f6:
         18:b6:db:ea:0d:47:09:d6:1b:30:01:3c:45:a2:8c:82:f6:66:
         11:57:ab:c9:8f:9f:b9:bc:b3:97:77:a9:62:50:ef:a0:27:2e:
         8e:31:17:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYf8V4+8YOenp/2Ai7TSbEVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA4MTcxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjdkMTY1YjE2MGFiNzZlOTg3ODE3YTZiZWMwOTIwNmFhZWJlMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOK8LMYKKogwgtm/KNFRo46eggLA
YaYagTaTGqoASn0sVc6QkUjAzE18NqnR7MhCnpU9J4xXhLpanZtLv2LCasc8HP+G
iknVsN9t410kHoew5MZUeGPaj5hEIDU8HltCOFHsOgzuLFmMvxsrjywig1LQ9Tgw
BRb95KiIz+txZbqo/mGmpqtNAnYvM28cMHVXjYub1C4TbEo0xHRMeVrVqDHCt6ul
qSypyErk/MZfs/KveQx25N7hHYyJQYkl2Kwukm30lG+umQHue/7KPWGSrmQ7b02i
fC0qvVT3FhjoKy28tR/5ZTLXTRJJs0OHfERsXem5FxWKQicQSSkAFmYJbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM99FlsWCrdumHgXpr7Akgaq6+KRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvejMwV1d4WUt0MjZZZUJlbXZzQ1NCcXJyNHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEmXtWp6FiJsDefH5HYA
6B816zPWhhG547gVBd4+Wjlv+q8ndltwIu6ooPykT5WmR2QDEdhGsufn+UosEKaF
yLZVx2r7mc9GZXft05VB/4T8ApsjX3UVv2PtGuwInswq6z4Tz9hhwYLtVHCe6lSz
NIgU0M9vTK7OAkd/lr/xMtrbqXSq0cDceRE1EVU+aNtjEh64yslFUYsYHOW06+ln
f1T6U7w3gNRrS0vO97wKbrkIRV+E8muKf0pKh5poPGNgsQrEDCj89GX0Ju/4Yo8g
eOa1JbPpsOSw9hi22+oNRwnWGzABPEWijIL2ZhFXq8mPn7m8s5d3qWJQ76AnLo4x
Fxk=
-----END CERTIFICATE-----