Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a383a3a2f34362d3438203d3e20323134303232.roa
File:                     326130623a346530373a383a3a2f34362d3438203d3e20323134303232.roa (raw, json)
Hash identifier:          hRfs9fJpqq1/hE5yUjqrgLXOY0S5WnT+QuxhI2lB9nQ=
Subject key identifier:   3C:5C:D8:71:2D:51:C5:B4:64:61:CE:91:DE:2F:C0:44:12:51:E3:87
Certificate issuer:       /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial:       74FC1B5FD53CDF432CB1DFD17E2397B1DB1FC4C5
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a383a3a2f34362d3438203d3e20323134303232.roa
Signing time:             Fri 15 Nov 2024 13:59:09 +0000
ROA not before:           Fri 15 Nov 2024 13:54:09 +0000
ROA not after:            Fri 14 Nov 2025 13:59:09 +0000
asID:                     214022
IP address blocks:        2a0b:4e07:8::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:fc:1b:5f:d5:3c:df:43:2c:b1:df:d1:7e:23:97:b1:db:1f:c4:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
        Validity
            Not Before: Nov 15 13:54:09 2024 GMT
            Not After : Nov 14 13:59:09 2025 GMT
        Subject: CN=3C5CD8712D51C5B46461CE91DE2FC0441251E387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:cd:89:47:a4:7d:15:28:e8:40:67:d4:88:1f:
                    4a:ef:56:be:71:bd:d0:20:96:16:81:00:5e:08:da:
                    7c:75:61:f0:4b:4a:6e:ff:e2:e0:bc:fe:c2:dd:aa:
                    10:12:40:e3:7c:7b:00:53:d1:24:f1:b6:47:48:a6:
                    04:89:59:73:c7:2e:c0:03:e1:11:15:e3:f6:5c:ba:
                    ee:45:bb:fd:83:f8:b2:af:cf:17:ab:92:73:a8:72:
                    7c:ed:ff:ac:93:9a:04:bd:1a:f1:01:52:37:af:fa:
                    2d:82:e9:8b:63:c6:53:93:9b:01:f7:11:d8:da:9c:
                    80:6e:37:d1:54:e4:eb:d4:9e:de:e6:68:77:88:f6:
                    a9:ec:f1:b4:e1:be:2e:be:bf:4c:11:f9:33:f5:8e:
                    b0:6a:d7:91:97:26:7b:97:f7:73:f4:62:b2:d1:b6:
                    c1:be:0b:d3:c1:9d:aa:c4:6f:b6:f8:4a:41:f7:98:
                    00:dd:7a:2e:c3:6a:34:dc:2f:20:c4:d2:b8:cc:81:
                    17:ce:a1:c1:13:f8:0b:a9:2a:ef:68:e3:12:5a:c0:
                    8e:79:2c:44:1d:88:3c:d0:82:bb:a1:43:5b:82:80:
                    e8:3f:ac:02:f5:09:fd:06:63:ce:d9:83:da:2c:d3:
                    7b:3e:91:24:ec:3a:dc:d9:06:07:34:01:b0:b3:70:
                    55:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:5C:D8:71:2D:51:C5:B4:64:61:CE:91:DE:2F:C0:44:12:51:E3:87
            X509v3 Authority Key Identifier:
                keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a383a3a2f34362d3438203d3e20323134303232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07:8::/46

    Signature Algorithm: sha256WithRSAEncryption
         05:90:0e:a3:6c:c8:39:8e:e3:ae:9d:b0:b1:f0:be:81:c7:7d:
         cf:ce:d6:00:e3:a8:9d:88:c5:4e:87:20:5e:e6:d7:25:35:84:
         08:70:ce:75:73:00:a8:87:88:62:c9:d7:0c:47:e2:77:c0:a1:
         96:e5:1b:39:70:df:df:c8:4c:3f:a4:8c:22:39:f9:87:79:d4:
         c1:dc:ee:50:b0:8e:6d:44:62:24:15:ca:ac:d3:44:5b:22:93:
         cb:18:52:d5:f6:a4:1a:86:d0:7e:40:bf:11:b3:49:6d:64:08:
         0a:a3:f7:93:7c:75:06:86:bc:c1:7a:79:30:78:5c:97:50:7c:
         26:83:17:2f:2c:c1:13:66:f0:f4:ad:ab:f3:7c:7b:d7:ed:51:
         8f:0e:1e:13:8e:2d:bc:24:c6:97:ed:1e:7c:6b:05:83:40:82:
         bc:ba:f6:76:6f:b7:ce:3c:f3:9d:b2:50:07:ef:47:2b:93:67:
         24:a1:42:03:b5:39:d2:22:3f:6f:a1:79:6a:cf:0c:bb:b7:17:
         aa:09:8b:6a:b3:f2:2c:38:db:a4:30:75:9f:d6:84:14:39:a0:
         6e:be:e9:cf:48:f7:a3:2b:4d:77:e1:f9:ef:31:9b:de:13:29:
         90:df:82:01:8f:03:86:c9:c2:f5:f8:ae:3a:32:1c:83:22:54:
         2c:fe:3f:63
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIUdPwbX9U830Mssd/RfiOXsdsfxMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDExMTUxMzU0MDlaFw0yNTExMTQxMzU5MDlaMDMxMTAvBgNV
BAMTKDNDNUNEODcxMkQ1MUM1QjQ2NDYxQ0U5MURFMkZDMDQ0MTI1MUUzODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLzYlHpH0VKOhAZ9SIH0rvVr5x
vdAglhaBAF4I2nx1YfBLSm7/4uC8/sLdqhASQON8ewBT0STxtkdIpgSJWXPHLsAD
4REV4/Zcuu5Fu/2D+LKvzxerknOocnzt/6yTmgS9GvEBUjev+i2C6YtjxlOTmwH3
EdjanIBuN9FU5OvUnt7maHeI9qns8bThvi6+v0wR+TP1jrBq15GXJnuX93P0YrLR
tsG+C9PBnarEb7b4SkH3mADdei7DajTcLyDE0rjMgRfOocET+AupKu9o4xJawI55
LEQdiDzQgruhQ1uCgOg/rAL1Cf0GY87Zg9os03s+kSTsOtzZBgc0AbCzcFUVAgMB
AAGjggJ/MIICezAdBgNVHQ4EFgQUPFzYcS1RxbRkYc6R3i/ARBJR44cwHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBsQYIKwYBBQUHAQsEgaQwgaEwgZ4GCCsGAQUF
BzALhoGRcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTM4M2EzYTJmMzQzNjJkMzQzODIwM2QzZTIwMzIzMTM0MzAz
MjMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/
BBMwETAPBAIAAjAJAwcCKgtOBwAIMA0GCSqGSIb3DQEBCwUAA4IBAQAFkA6jbMg5
juOunbCx8L6Bx33PztYA46idiMVOhyBe5tclNYQIcM51cwCoh4hiydcMR+J3wKGW
5Rs5cN/fyEw/pIwiOfmHedTB3O5QsI5tRGIkFcqs00RbIpPLGFLV9qQahtB+QL8R
s0ltZAgKo/eTfHUGhrzBenkweFyXUHwmgxcvLMETZvD0ravzfHvX7VGPDh4Tji28
JMaX7R58awWDQIK8uvZ2b7fOPPOdslAH70crk2ckoUIDtTnSIj9voXlqzwy7txeq
CYtqs/IsONukMHWf1oQUOaBuvunPSPejK0134fnvMZveEymQ34IBjwOGycL1+K46
MhyDIlQs/j9j
-----END CERTIFICATE-----