Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a333030303a3a2f33362d3434203d3e20323134323233.roa
File:                     326130623a346530373a333030303a3a2f33362d3434203d3e20323134323233.roa (raw, json)
Hash identifier:          4qDm7R4A51OgYHEFrzqGewxsx9OdIfwkKQLFU/BdCw8=
Subject key identifier:   BB:2F:BA:2E:5A:6D:EE:9C:54:D2:0A:FF:74:A6:47:87:04:86:2B:30
Certificate issuer:       /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial:       2316FE4E90E118D595F988E1F16E54DA44389739
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a333030303a3a2f33362d3434203d3e20323134323233.roa
Signing time:             Mon 23 Sep 2024 08:59:30 +0000
ROA not before:           Mon 23 Sep 2024 08:54:30 +0000
ROA not after:            Mon 22 Sep 2025 08:59:30 +0000
asID:                     214223
IP address blocks:        2a0b:4e07:3000::/36 maxlen: 44
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:16:fe:4e:90:e1:18:d5:95:f9:88:e1:f1:6e:54:da:44:38:97:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
        Validity
            Not Before: Sep 23 08:54:30 2024 GMT
            Not After : Sep 22 08:59:30 2025 GMT
        Subject: CN=BB2FBA2E5A6DEE9C54D20AFF74A6478704862B30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:05:7e:39:76:13:66:e0:97:ce:c1:35:09:dc:
                    bb:16:cc:f2:ef:a2:e1:a9:9a:d9:4f:d9:7c:12:35:
                    5a:26:78:16:23:15:25:5b:31:7e:26:61:bc:2a:cd:
                    c9:c3:dd:74:4b:84:f3:56:ec:ce:d8:01:ae:96:02:
                    17:7d:74:0b:bc:11:07:ed:05:de:df:c2:cb:b4:f5:
                    4b:2d:76:9d:79:3e:b9:1a:d7:5c:13:22:85:8c:21:
                    08:31:af:e7:36:d9:a2:59:19:49:d8:a5:ee:2d:f1:
                    93:21:2a:99:6b:9d:6d:d8:b1:6a:2a:19:88:59:08:
                    26:bf:22:a0:db:44:41:91:b1:26:ea:78:96:e7:7b:
                    25:ee:aa:60:79:08:84:dd:cc:00:00:87:86:91:16:
                    3e:4c:28:3b:31:bb:fc:d4:46:a4:f7:e0:9b:e0:43:
                    41:0c:b4:44:c5:57:0f:bd:00:84:22:7e:e7:f7:d2:
                    83:0f:a4:12:34:03:a0:b8:8d:77:a6:36:28:c5:6c:
                    be:5b:2c:38:9c:b8:98:49:2e:18:29:33:4e:42:40:
                    ed:ba:65:2f:c1:97:57:e9:2b:be:ed:d9:50:62:f0:
                    eb:84:f1:b3:49:d2:8d:b0:06:b9:6f:1d:ae:c5:f3:
                    7c:a2:4e:cd:68:4a:93:10:42:4a:58:dd:87:df:52:
                    12:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:2F:BA:2E:5A:6D:EE:9C:54:D2:0A:FF:74:A6:47:87:04:86:2B:30
            X509v3 Authority Key Identifier:
                keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a333030303a3a2f33362d3434203d3e20323134323233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07:3000::/36

    Signature Algorithm: sha256WithRSAEncryption
         02:8b:cf:f3:26:3c:cd:c0:da:a0:e7:a0:2c:ea:af:90:17:d8:
         a5:bd:71:41:56:ec:7f:b9:ca:0f:25:49:65:b4:a2:1b:3a:08:
         85:43:d5:4b:41:1d:17:e3:b8:d0:98:48:93:86:42:31:4c:0a:
         e6:3d:3d:ee:69:7f:af:c0:66:cf:81:3d:47:42:97:06:ac:de:
         98:3c:3e:bf:a0:ca:d4:96:55:78:13:a9:7f:e5:89:82:b7:3e:
         07:c4:e8:91:2e:50:79:75:bc:da:2a:0e:68:2a:d9:9b:42:2b:
         a1:23:65:aa:ae:a9:c6:bc:fc:fd:85:40:42:f5:9f:a1:dd:d1:
         ff:d5:14:c4:02:cb:78:53:7d:e5:ca:ad:b6:7b:da:c8:a0:68:
         4d:84:67:32:36:04:97:47:08:af:f8:e4:3c:ce:0d:95:19:2b:
         bf:e6:26:be:da:35:8e:6e:aa:c6:c7:6e:a7:43:cc:e3:9a:30:
         8f:13:ca:d5:8c:f1:e6:63:11:6c:2a:91:3d:60:58:ef:6f:ce:
         35:00:81:ad:47:9b:cf:84:67:c3:ac:2b:c6:b1:73:a9:f9:ee:
         ac:15:c1:bd:87:15:95:56:67:e2:f1:86:28:d6:49:f1:b4:31:
         0a:61:50:0c:75:91:de:cd:d0:51:c1:41:36:c0:db:a3:20:63:
         a4:84:e5:eb
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUIxb+TpDhGNWV+Yjh8W5U2kQ4lzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDA5MjMwODU0MzBaFw0yNTA5MjIwODU5MzBaMDMxMTAvBgNV
BAMTKEJCMkZCQTJFNUE2REVFOUM1NEQyMEFGRjc0QTY0Nzg3MDQ4NjJCMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXBX45dhNm4JfOwTUJ3LsWzPLv
ouGpmtlP2XwSNVomeBYjFSVbMX4mYbwqzcnD3XRLhPNW7M7YAa6WAhd9dAu8EQft
Bd7fwsu09Ustdp15Prka11wTIoWMIQgxr+c22aJZGUnYpe4t8ZMhKplrnW3YsWoq
GYhZCCa/IqDbREGRsSbqeJbneyXuqmB5CITdzAAAh4aRFj5MKDsxu/zURqT34Jvg
Q0EMtETFVw+9AIQifuf30oMPpBI0A6C4jXemNijFbL5bLDicuJhJLhgpM05CQO26
ZS/Bl1fpK77t2VBi8OuE8bNJ0o2wBrlvHa7F83yiTs1oSpMQQkpY3YffUhLfAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUuy+6Llpt7pxU0gr/dKZHhwSGKzAwHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTMzMzAzMDMwM2EzYTJmMzMzNjJkMzQzNDIwM2QzZTIwMzIz
MTM0MzIzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYEKgtOBzAwDQYJKoZIhvcNAQELBQADggEBAAKL
z/MmPM3A2qDnoCzqr5AX2KW9cUFW7H+5yg8lSWW0ohs6CIVD1UtBHRfjuNCYSJOG
QjFMCuY9Pe5pf6/AZs+BPUdClwas3pg8Pr+gytSWVXgTqX/liYK3PgfE6JEuUHl1
vNoqDmgq2ZtCK6EjZaquqca8/P2FQEL1n6Hd0f/VFMQCy3hTfeXKrbZ72sigaE2E
ZzI2BJdHCK/45DzODZUZK7/mJr7aNY5uqsbHbqdDzOOaMI8TytWM8eZjEWwqkT1g
WO9vzjUAga1Hm8+EZ8OsK8axc6n57qwVwb2HFZVWZ+LxhijWSfG0MQphUAx1kd7N
0FHBQTbA26MgY6SE5es=
-----END CERTIFICATE-----