Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/5/326130373a323438373a3a2f33322d3438203d3e20323135383238.roa
File:                     326130373a323438373a3a2f33322d3438203d3e20323135383238.roa (raw, json)
Hash identifier:          xk7l1owCzIrdzsG7TbvX2HYnTLvHPNo+ynDFSI4bcJA=
Subject key identifier:   E4:D8:0E:79:4B:F4:7D:1B:8D:3F:E0:A3:EE:EF:07:90:B6:E9:C4:E0
Certificate issuer:       /CN=28FA507C2092BDD1BBD1B0816C9D71CD4681096C
Certificate serial:       2B34D5E02C879093A318447ECFDCE85436B72A2E
Authority key identifier: 28:FA:50:7C:20:92:BD:D1:BB:D1:B0:81:6C:9D:71:CD:46:81:09:6C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/28FA507C2092BDD1BBD1B0816C9D71CD4681096C.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/5/326130373a323438373a3a2f33322d3438203d3e20323135383238.roa
Signing time:             Sat 13 Apr 2024 12:31:13 +0000
ROA not before:           Sat 13 Apr 2024 12:26:13 +0000
ROA not after:            Sat 12 Apr 2025 12:31:13 +0000
asID:                     215828
IP address blocks:        2a07:2487::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:34:d5:e0:2c:87:90:93:a3:18:44:7e:cf:dc:e8:54:36:b7:2a:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28FA507C2092BDD1BBD1B0816C9D71CD4681096C
        Validity
            Not Before: Apr 13 12:26:13 2024 GMT
            Not After : Apr 12 12:31:13 2025 GMT
        Subject: CN=E4D80E794BF47D1B8D3FE0A3EEEF0790B6E9C4E0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:c8:2a:36:b0:d0:ed:7b:94:0a:50:64:47:f2:
                    81:52:b7:aa:46:57:c4:88:ef:9f:9d:12:d9:80:06:
                    18:01:f6:b4:b4:42:e7:50:9e:7f:32:a8:d3:6d:76:
                    55:8a:d1:d4:a1:6f:40:b4:ca:3f:50:33:50:0e:ae:
                    25:33:2f:44:46:bd:02:23:29:52:3c:e4:1f:27:15:
                    75:54:d7:2e:99:68:9e:86:5d:f2:74:31:54:76:1c:
                    e8:7b:5f:b9:99:c5:c8:0d:2c:a8:25:94:d4:53:83:
                    1f:82:f1:71:95:9c:ef:cd:77:fd:5b:89:fc:86:61:
                    38:a9:27:41:41:fb:93:19:10:98:82:68:17:62:23:
                    42:9d:f1:52:49:88:f0:1a:f2:bc:22:48:7a:ee:fd:
                    3a:3e:8b:62:17:7d:c6:01:0d:05:58:a9:f4:52:31:
                    a8:41:f3:eb:ef:41:ce:2e:63:b3:51:cc:c6:22:99:
                    e6:85:55:22:d7:3d:3f:bc:1c:fd:31:bd:9b:b4:be:
                    ff:e4:b3:08:a4:27:ba:a8:ed:ec:53:40:47:5b:9f:
                    ac:3c:f1:b1:3f:0a:98:aa:42:ce:36:c1:01:62:83:
                    6c:22:69:8a:a8:09:92:81:1d:1c:7d:26:6f:3c:4b:
                    44:73:b1:08:b9:80:ed:81:6e:e8:d3:fa:7a:ae:c0:
                    21:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:D8:0E:79:4B:F4:7D:1B:8D:3F:E0:A3:EE:EF:07:90:B6:E9:C4:E0
            X509v3 Authority Key Identifier:
                keyid:28:FA:50:7C:20:92:BD:D1:BB:D1:B0:81:6C:9D:71:CD:46:81:09:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/5/28FA507C2092BDD1BBD1B0816C9D71CD4681096C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/28FA507C2092BDD1BBD1B0816C9D71CD4681096C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/5/326130373a323438373a3a2f33322d3438203d3e20323135383238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:2487::/32

    Signature Algorithm: sha256WithRSAEncryption
         5d:eb:1f:53:6c:3c:ec:95:15:84:7c:ce:1b:fc:1c:2b:72:e3:
         a7:6f:5c:65:da:4b:d3:e3:12:74:c5:d6:af:45:9f:33:68:f4:
         8b:73:42:16:a1:89:40:ea:6e:f1:2c:b8:49:c4:fb:94:d3:af:
         f6:b7:8b:32:43:75:d6:c5:60:d8:b0:1e:b9:62:8e:8e:eb:ec:
         45:cc:f8:cf:1a:32:6f:65:dc:10:56:68:21:4b:e2:7c:67:55:
         f0:ea:b1:b1:9e:ee:55:7e:11:a6:9c:85:67:b5:c0:b7:0c:ea:
         42:ea:99:e0:52:71:cb:19:20:52:04:c3:34:ba:f5:c5:4b:a8:
         d6:9d:30:23:ac:3d:e5:fd:dd:4b:93:39:19:56:16:3c:eb:83:
         1b:35:09:fc:ef:50:55:a0:e5:bc:fb:51:bd:ad:d0:26:63:0c:
         e8:87:5b:9b:51:28:89:5b:8a:66:8c:c1:6d:3b:af:2e:61:4b:
         00:94:d3:d7:c7:50:fe:ce:04:47:a0:76:89:9d:aa:c8:db:6c:
         46:ec:3f:74:95:bc:56:65:65:00:77:48:de:cb:fb:21:a9:04:
         a1:e6:75:f9:6f:58:f0:44:5d:a3:df:0d:07:21:a8:ed:31:29:
         d6:d3:d1:b4:06:a3:47:ae:2d:dd:03:32:1c:03:d6:35:b9:4e:
         4b:d4:55:ec
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUKzTV4CyHkJOjGER+z9zoVDa3Ki4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjhGQTUwN0MyMDkyQkREMUJCRDFCMDgxNkM5RDcxQ0Q0
NjgxMDk2QzAeFw0yNDA0MTMxMjI2MTNaFw0yNTA0MTIxMjMxMTNaMDMxMTAvBgNV
BAMTKEU0RDgwRTc5NEJGNDdEMUI4RDNGRTBBM0VFRUYwNzkwQjZFOUM0RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhyCo2sNDte5QKUGRH8oFSt6pG
V8SI75+dEtmABhgB9rS0QudQnn8yqNNtdlWK0dShb0C0yj9QM1AOriUzL0RGvQIj
KVI85B8nFXVU1y6ZaJ6GXfJ0MVR2HOh7X7mZxcgNLKgllNRTgx+C8XGVnO/Nd/1b
ifyGYTipJ0FB+5MZEJiCaBdiI0Kd8VJJiPAa8rwiSHru/To+i2IXfcYBDQVYqfRS
MahB8+vvQc4uY7NRzMYimeaFVSLXPT+8HP0xvZu0vv/kswikJ7qo7exTQEdbn6w8
8bE/CpiqQs42wQFig2wiaYqoCZKBHRx9Jm88S0RzsQi5gO2BbujT+nquwCF/AgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQU5NgOeUv0fRuNP+Cj7u8HkLbpxOAwHwYDVR0j
BBgwFoAUKPpQfCCSvdG70bCBbJ1xzUaBCWwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWMwZWQwNDYtZmE5NS00NWMzLTkxNDYtOTcxZGI4YTll
OGJiLzUvMjhGQTUwN0MyMDkyQkREMUJCRDFCMDgxNkM5RDcxQ0Q0NjgxMDk2Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yMWE3OTdmOS0zYzEwLTQ1
MzYtYWE2NC0wOWNhMmQ5NTQ1YzgvMC8yOEZBNTA3QzIwOTJCREQxQkJEMUIwODE2
QzlENzFDRDQ2ODEwOTZDLmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUF
BzALhoGNcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS85YzBlZDA0Ni1mYTk1LTQ1YzMtOTE0Ni05NzFkYjhhOWU4YmIvNS8zMjYxMzAz
NzNhMzIzNDM4MzczYTNhMmYzMzMyMmQzNDM4MjAzZDNlMjAzMjMxMzUzODMyMzgu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAP
MA0EAgACMAcDBQAqBySHMA0GCSqGSIb3DQEBCwUAA4IBAQBd6x9TbDzslRWEfM4b
/BwrcuOnb1xl2kvT4xJ0xdavRZ8zaPSLc0IWoYlA6m7xLLhJxPuU06/2t4syQ3XW
xWDYsB65Yo6O6+xFzPjPGjJvZdwQVmghS+J8Z1Xw6rGxnu5VfhGmnIVntcC3DOpC
6pngUnHLGSBSBMM0uvXFS6jWnTAjrD3l/d1LkzkZVhY864MbNQn871BVoOW8+1G9
rdAmYwzoh1ubUSiJW4pmjMFtO68uYUsAlNPXx1D+zgRHoHaJnarI22xG7D90lbxW
ZWUAd0jey/shqQSh5nX5b1jwRF2j3w0HIajtMSnW09G0BqNHri3dAzIcA9Y1uU5L
1FXs
-----END CERTIFICATE-----
Generated at Fri Jul 12 22:58:03 2024 by rpki-client on console-ams.rpki-client.org