Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/2V_JK6rjk2y5OzV-jGzfsnfR4RM.roa
File:                     2V_JK6rjk2y5OzV-jGzfsnfR4RM.roa (raw, json)
Hash identifier:          01s7oF2QbdI5IMZDB8rKIwaE1speupoZ2KjAlI2OqvU=
Subject key identifier:   D9:5F:C9:2B:AA:E3:93:6C:B9:3B:35:7E:8C:6C:DF:B2:77:D1:E1:13
Certificate issuer:       /CN=9a26657e6b25449425b748645e7420c76ac2b3a4
Certificate serial:       019422200AD182D9BA93B64EFBD144B6CA1C
Authority key identifier: 9A:26:65:7E:6B:25:44:94:25:B7:48:64:5E:74:20:C7:6A:C2:B3:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/miZlfmslRJQlt0hkXnQgx2rCs6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/2V_JK6rjk2y5OzV-jGzfsnfR4RM.roa
Signing time:             Wed 01 Jan 2025 13:48:32 +0000
ROA not before:           Wed 01 Jan 2025 13:48:32 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     42375
IP address blocks:        2a07:d940::/29 maxlen: 29
                          2a07:f600:4081::/48 maxlen: 48
                          2a07:f600:4085::/48 maxlen: 48
                          2a11:3840::/29 maxlen: 29
                          2a11:52c0::/29 maxlen: 29
                          2a11:7780::/29 maxlen: 29
                          2a11:78c0::/29 maxlen: 29
                          2a11:8d80::/29 maxlen: 29
                          2a11:8ec0::/29 maxlen: 29
                          2a11:fe00::/29 maxlen: 29
                          2a12:3400::/29 maxlen: 29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:20:0a:d1:82:d9:ba:93:b6:4e:fb:d1:44:b6:ca:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a26657e6b25449425b748645e7420c76ac2b3a4
        Validity
            Not Before: Jan  1 13:48:32 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=d95fc92baae3936cb93b357e8c6cdfb277d1e113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:51:07:e4:14:aa:51:e3:63:8a:0a:b7:18:fe:
                    9e:54:96:0d:2f:0a:6d:2a:87:cd:89:b1:4f:6f:60:
                    a2:14:4f:7d:ee:1b:0e:39:74:d6:a6:df:06:af:5d:
                    42:87:d4:b6:11:2c:25:8a:b7:64:8d:ec:bf:33:05:
                    9d:ce:5c:9e:9b:0a:52:11:a4:55:95:27:a6:93:04:
                    1e:a6:7b:8d:61:16:c7:b8:24:56:c5:a9:a6:e3:cb:
                    ac:09:0e:28:ff:1e:b5:f0:8c:02:5c:8d:f4:bf:72:
                    e7:80:c7:f5:b3:c5:70:ce:18:97:1f:b9:88:a0:85:
                    66:1e:6e:0c:4f:79:f0:99:18:33:84:d9:4c:89:a3:
                    35:38:70:2d:90:d3:11:37:d7:74:58:75:23:d9:dd:
                    03:f0:18:c4:ef:17:f1:c8:32:c9:d8:62:10:c8:3f:
                    a4:4a:cd:0e:65:ef:f1:ec:94:fe:c9:11:8e:65:a6:
                    64:d1:d1:37:aa:eb:17:e4:07:62:82:a0:2a:9b:71:
                    08:07:3e:12:d1:4a:ee:06:f6:6e:cc:cc:72:51:11:
                    b2:fc:0a:df:8d:f0:c7:92:a8:ae:19:0b:b4:4a:b8:
                    2f:62:21:16:b3:ae:48:d4:14:07:7a:77:ef:b3:9a:
                    29:f9:39:35:a9:48:11:5b:7e:8d:f0:04:38:38:d4:
                    cb:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:5F:C9:2B:AA:E3:93:6C:B9:3B:35:7E:8C:6C:DF:B2:77:D1:E1:13
            X509v3 Authority Key Identifier:
                keyid:9A:26:65:7E:6B:25:44:94:25:B7:48:64:5E:74:20:C7:6A:C2:B3:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miZlfmslRJQlt0hkXnQgx2rCs6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/2V_JK6rjk2y5OzV-jGzfsnfR4RM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/miZlfmslRJQlt0hkXnQgx2rCs6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:d940::/29
                  2a07:f600:4081::/48
                  2a07:f600:4085::/48
                  2a11:3840::/29
                  2a11:52c0::/29
                  2a11:7780::/29
                  2a11:78c0::/29
                  2a11:8d80::/29
                  2a11:8ec0::/29
                  2a11:fe00::/29
                  2a12:3400::/29

    Signature Algorithm: sha256WithRSAEncryption
         2c:51:c1:fd:88:46:72:c8:f4:35:4e:80:15:91:52:f8:f1:38:
         a7:d0:de:41:5e:6c:79:4a:af:a7:9b:a4:ed:22:f2:74:20:10:
         72:fc:c9:55:31:e4:67:7b:ff:76:f8:49:6a:0a:8b:40:fc:74:
         1b:2d:83:08:7b:60:98:20:2b:a1:f0:5a:a9:dc:b0:e8:06:58:
         d1:ac:da:45:53:f7:a7:70:05:93:21:92:6f:79:e2:6a:26:ca:
         c3:7c:17:3b:2c:b0:c1:0f:48:c1:28:3f:3a:71:36:26:47:66:
         63:50:82:4d:51:06:af:0d:ac:b1:48:a7:73:f4:ca:95:5c:be:
         86:d7:a4:65:d3:1a:db:fd:d5:bf:41:db:77:8d:37:1c:86:4a:
         d8:f4:eb:a4:6b:12:83:07:8b:b6:19:d4:59:11:ee:d3:86:da:
         12:61:33:dc:5d:ab:14:a4:79:81:1e:d8:5e:a7:e3:e2:70:24:
         2f:6b:65:73:9f:2c:34:99:f7:7d:28:a3:a9:68:8b:a2:6c:f7:
         8a:5f:95:14:aa:56:24:31:f9:93:c5:bd:31:78:4d:74:2e:e9:
         90:12:3e:a2:a8:b1:46:6c:6a:bc:7a:4a:e3:66:aa:af:2a:6f:
         69:56:26:ec:8b:df:0f:54:56:60:34:a0:6c:e6:5c:be:4d:8d:
         cd:55:42:08
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQiIArRgtm6k7ZO+9FEtsocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjY2NTdlNmIyNTQ0OTQyNWI3NDg2NDVlNzQyMGM3NmFj
MmIzYTQwHhcNMjUwMTAxMTM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTVmYzkyYmFhZTM5MzZjYjkzYjM1N2U4YzZjZGZiMjc3ZDFlMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41EH5BSqUeNjigq3GP6eVJYNLwpt
KofNibFPb2CiFE997hsOOXTWpt8Gr11Ch9S2ESwlirdkjey/MwWdzlyemwpSEaRV
lSemkwQepnuNYRbHuCRWxamm48usCQ4o/x618IwCXI30v3LngMf1s8VwzhiXH7mI
oIVmHm4MT3nwmRgzhNlMiaM1OHAtkNMRN9d0WHUj2d0D8BjE7xfxyDLJ2GIQyD+k
Ss0OZe/x7JT+yRGOZaZk0dE3qusX5AdigqAqm3EIBz4S0UruBvZuzMxyURGy/Arf
jfDHkqiuGQu0SrgvYiEWs65I1BQHenfvs5op+Tk1qUgRW36N8AQ4ONTLeQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFNlfySuq45NsuTs1foxs37J30eETMB8GA1UdIwQY
MBaAFJomZX5rJUSUJbdIZF50IMdqwrOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlabGZtc2xSSlFsdDBoa1huUWd4MnJDczZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZWRkZjItN2Q3Yy00NGEzLWIwZmQt
MTEwYjc2OGJmNGMwLzEvMlZfSks2cmprMnk1T3pWLWpHemZzbmZSNFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZWRkZjItN2Q3Yy00NGEzLWIwZmQtMTEwYjc2OGJmNGMw
LzEvbWlabGZtc2xSSlFsdDBoa1huUWd4MnJDczZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwUDKgfZQAMH
ACoH9gBAgQMHACoH9gBAhQMFAyoROEADBQMqEVLAAwUDKhF3gAMFAyoReMADBQMq
EY2AAwUDKhGOwAMFAyoR/gADBQMqEjQAMA0GCSqGSIb3DQEBCwUAA4IBAQAsUcH9
iEZyyPQ1ToAVkVL48Tin0N5BXmx5Sq+nm6TtIvJ0IBBy/MlVMeRne/92+ElqCotA
/HQbLYMIe2CYICuh8Fqp3LDoBljRrNpFU/encAWTIZJveeJqJsrDfBc7LLDBD0jB
KD86cTYmR2ZjUIJNUQavDayxSKdz9MqVXL6G16Rl0xrb/dW/Qdt3jTcchkrY9Ouk
axKDB4u2GdRZEe7ThtoSYTPcXasUpHmBHthep+PicCQva2Vznyw0mfd9KKOpaIui
bPeKX5UUqlYkMfmTxb0xeE10LumQEj6iqLFGbGq8ekrjZqqvKm9pVibsi98PVFZg
NKBs5ly+TY3NVUII
-----END CERTIFICATE-----