Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/326131343a373538303a6430303a3a2f34302d3430203d3e20313939333130.roa
File:                     326131343a373538303a6430303a3a2f34302d3430203d3e20313939333130.roa (raw, json)
Hash identifier:          o5EJWyX5wiy66BCn4Phzo2mfDCvoGVTO+ICQo5ndufg=
Subject key identifier:   55:C0:68:A2:8A:40:29:69:14:E4:21:9B:71:99:D5:8A:6E:6D:95:80
Certificate issuer:       /CN=13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB
Certificate serial:       63D2EF21F7DEE4AC61B6E65271E530595191E87A
Authority key identifier: 13:E1:A9:98:F7:7D:7C:1F:F2:95:5C:0B:68:8F:EB:FE:0F:81:96:EB
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/326131343a373538303a6430303a3a2f34302d3430203d3e20313939333130.roa
Signing time:             Sat 08 Mar 2025 15:17:23 +0000
ROA not before:           Sat 08 Mar 2025 15:12:23 +0000
ROA not after:            Sat 07 Mar 2026 15:17:23 +0000
asID:                     199310
IP address blocks:        2a14:7580:d00::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:d2:ef:21:f7:de:e4:ac:61:b6:e6:52:71:e5:30:59:51:91:e8:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB
        Validity
            Not Before: Mar  8 15:12:23 2025 GMT
            Not After : Mar  7 15:17:23 2026 GMT
        Subject: CN=55C068A28A40296914E4219B7199D58A6E6D9580
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:65:ac:64:80:2b:21:b9:a5:31:09:c1:61:47:
                    62:08:31:d1:f6:60:7f:31:43:96:19:43:6f:74:44:
                    bb:18:05:34:62:d2:f5:6e:11:19:e3:0f:d8:20:5e:
                    29:e6:c2:83:de:6b:8f:51:eb:96:b8:ac:af:9b:e4:
                    00:89:01:ef:3e:4a:8f:e8:52:43:49:3c:8d:f9:7d:
                    34:21:ae:b1:f9:0e:78:24:08:54:5a:22:95:ef:ef:
                    2a:9e:3d:83:08:28:58:a7:7b:63:08:02:b2:cc:26:
                    2a:12:da:f3:3e:43:4f:cc:da:1e:74:c1:7c:54:a7:
                    bd:ee:9d:99:9e:4b:7e:08:f6:f3:6e:18:33:18:54:
                    1d:13:dd:62:23:fe:f0:fc:21:aa:7d:1d:1d:26:5b:
                    86:34:f4:31:57:41:20:4b:84:7d:26:db:78:bd:c5:
                    25:46:be:68:d9:fd:cb:ee:54:6b:48:23:08:0e:20:
                    0d:e0:a5:12:15:e7:58:2e:19:11:ad:77:16:44:08:
                    6f:8d:8a:d5:0f:2d:ee:72:fb:88:ee:78:03:fc:de:
                    dc:f9:3a:d9:36:e1:2d:db:e3:35:ac:90:03:52:22:
                    d1:63:7f:42:75:06:41:2b:48:4c:e3:6e:8a:ea:68:
                    43:57:7f:7e:0a:ae:c8:9b:1d:8b:1a:8e:08:f6:14:
                    8d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:C0:68:A2:8A:40:29:69:14:E4:21:9B:71:99:D5:8A:6E:6D:95:80
            X509v3 Authority Key Identifier:
                keyid:13:E1:A9:98:F7:7D:7C:1F:F2:95:5C:0B:68:8F:EB:FE:0F:81:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/13E1A998F77D7C1FF2955C0B688FEBFE0F8196EB.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0157647c-91d6-4a04-8a91-d15385d1fab2/1/326131343a373538303a6430303a3a2f34302d3430203d3e20313939333130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7580:d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         4b:63:47:20:53:a2:58:dc:65:1d:cd:64:6e:ad:52:fd:10:26:
         cf:2a:03:45:5c:06:2b:bf:b8:a0:04:fa:a8:b8:c5:a5:b2:6b:
         8c:d0:16:93:c4:37:4c:cd:72:64:5f:c4:8e:38:8d:4d:06:85:
         11:92:d7:03:9f:8c:6b:43:85:8f:f7:a7:6d:38:6e:bb:41:1f:
         6e:e4:c9:15:5e:31:99:9c:c5:b0:fe:0b:15:d4:3d:1c:bb:1d:
         74:8a:1a:46:49:2a:08:02:5d:2d:40:bb:d9:da:33:77:37:ba:
         64:07:aa:18:34:c3:76:99:d7:aa:18:b4:c2:2e:63:aa:04:4a:
         a2:1e:bb:be:b3:e5:25:58:0e:e2:3d:ff:87:39:e9:eb:4e:dc:
         e5:c6:3a:83:5d:01:a1:c2:d9:9f:0e:9d:17:27:16:e8:27:1d:
         e1:fa:0d:70:ba:18:16:f5:7d:c6:3b:c6:b3:4a:e3:45:2b:c3:
         3a:73:ab:e5:de:47:ea:8a:fc:cb:93:fa:bc:90:7b:11:e3:d3:
         ce:a1:1b:32:d1:0a:af:6a:36:fb:6b:d3:9e:03:6f:00:b1:dc:
         95:c5:91:cd:da:8b:ab:d6:e0:31:b0:92:3e:a8:11:82:ae:cd:
         da:93:96:3e:fb:8b:67:7d:d5:df:7f:e3:74:b5:1a:ee:06:44:
         5b:2b:c3:0f
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUY9LvIffe5KxhtuZSceUwWVGR6HowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTNFMUE5OThGNzdEN0MxRkYyOTU1QzBCNjg4RkVCRkUw
RjgxOTZFQjAeFw0yNTAzMDgxNTEyMjNaFw0yNjAzMDcxNTE3MjNaMDMxMTAvBgNV
BAMTKDU1QzA2OEEyOEE0MDI5NjkxNEU0MjE5QjcxOTlENThBNkU2RDk1ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZZaxkgCshuaUxCcFhR2IIMdH2
YH8xQ5YZQ290RLsYBTRi0vVuERnjD9ggXinmwoPea49R65a4rK+b5ACJAe8+So/o
UkNJPI35fTQhrrH5DngkCFRaIpXv7yqePYMIKFine2MIArLMJioS2vM+Q0/M2h50
wXxUp73unZmeS34I9vNuGDMYVB0T3WIj/vD8Iap9HR0mW4Y09DFXQSBLhH0m23i9
xSVGvmjZ/cvuVGtIIwgOIA3gpRIV51guGRGtdxZECG+NitUPLe5y+4jueAP83tz5
Otk24S3b4zWskANSItFjf0J1BkErSEzjborqaENXf34KrsibHYsajgj2FI3RAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUVcBooopAKWkU5CGbcZnVim5tlYAwHwYDVR0j
BBgwFoAUE+GpmPd9fB/ylVwLaI/r/g+BluswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDE1NzY0N2MtOTFkNi00YTA0LThhOTEtZDE1Mzg1ZDFm
YWIyLzEvMTNFMUE5OThGNzdEN0MxRkYyOTU1QzBCNjg4RkVCRkUwRjgxOTZFQi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8xM0UxQTk5OEY3N0Q3QzFGRjI5NTVDMEI2
ODhGRUJGRTBGODE5NkVCLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wMTU3NjQ3Yy05MWQ2LTRhMDQtOGE5MS1kMTUzODVkMWZhYjIvMS8zMjYxMzEz
NDNhMzczNTM4MzAzYTY0MzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMxMzkz
OTMzMzEzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACoUdYANMA0GCSqGSIb3DQEBCwUAA4IBAQBLY0cg
U6JY3GUdzWRurVL9ECbPKgNFXAYrv7igBPqouMWlsmuM0BaTxDdMzXJkX8SOOI1N
BoURktcDn4xrQ4WP96dtOG67QR9u5MkVXjGZnMWw/gsV1D0cux10ihpGSSoIAl0t
QLvZ2jN3N7pkB6oYNMN2mdeqGLTCLmOqBEqiHru+s+UlWA7iPf+HOenrTtzlxjqD
XQGhwtmfDp0XJxboJx3h+g1wuhgW9X3GO8azSuNFK8M6c6vl3kfqivzLk/q8kHsR
49POoRsy0Qqvajb7a9OeA28AsdyVxZHN2our1uAxsJI+qBGCrs3ak5Y++4tnfdXf
f+N0tRruBkRbK8MP
-----END CERTIFICATE-----