Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/12549943-6457-45e0-a54f-c1930815b6f7/0/326131343a373538313a323030303a3a2f34302d3438203d3e20343031333836.roa
File:                     326131343a373538313a323030303a3a2f34302d3438203d3e20343031333836.roa (raw, json)
Hash identifier:          rBikDsD9k6d5EvVf1KWvks2PGm3K9/DfAfkZtKu9GXc=
Subject key identifier:   EF:80:63:00:86:8F:21:9A:3D:17:7E:25:49:6C:12:12:F0:5B:CE:25
Certificate issuer:       /CN=AEDED3DECB1DA8A4E6AAE6726E80553046089AFD
Certificate serial:       38BC9B04CA91A4B5C357E395567A35095C40F30D
Authority key identifier: AE:DE:D3:DE:CB:1D:A8:A4:E6:AA:E6:72:6E:80:55:30:46:08:9A:FD
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AEDED3DECB1DA8A4E6AAE6726E80553046089AFD.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/12549943-6457-45e0-a54f-c1930815b6f7/0/326131343a373538313a323030303a3a2f34302d3438203d3e20343031333836.roa
Signing time:             Sat 12 Oct 2024 17:24:27 +0000
ROA not before:           Sat 12 Oct 2024 17:19:27 +0000
ROA not after:            Sat 11 Oct 2025 17:24:27 +0000
asID:                     401386
IP address blocks:        2a14:7581:2000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:bc:9b:04:ca:91:a4:b5:c3:57:e3:95:56:7a:35:09:5c:40:f3:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AEDED3DECB1DA8A4E6AAE6726E80553046089AFD
        Validity
            Not Before: Oct 12 17:19:27 2024 GMT
            Not After : Oct 11 17:24:27 2025 GMT
        Subject: CN=EF806300868F219A3D177E25496C1212F05BCE25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b1:4a:fb:8d:94:5b:e1:17:b8:7a:34:64:bb:
                    0d:42:a1:dd:76:6d:46:95:d2:d1:34:18:b4:4d:ec:
                    03:94:7d:7b:09:ba:d7:63:9c:23:14:ae:10:20:bb:
                    45:6b:b3:90:0e:e0:54:d6:96:b5:dc:27:b2:80:0e:
                    63:06:cc:ab:e3:0e:53:27:73:61:72:76:97:d5:b2:
                    6f:78:01:0b:0a:4c:ae:dc:ce:f6:7d:0b:f5:86:75:
                    15:11:d9:cf:a4:a9:db:50:84:d6:55:01:db:9a:10:
                    4e:9e:e7:2d:70:57:1e:d9:80:ac:d5:68:93:37:31:
                    a0:8e:68:d8:54:93:40:a1:27:0c:6b:0f:15:dd:62:
                    74:04:95:c9:1d:50:76:59:91:2b:63:34:d6:0c:15:
                    70:9c:2f:6e:05:b5:c1:6a:24:6b:91:db:71:6e:b9:
                    fc:14:9c:6e:8c:00:2d:8c:5a:01:e3:e8:7d:39:e8:
                    92:bd:d5:ad:f8:65:71:53:a5:dc:f6:d3:cd:3f:e1:
                    b4:bf:c1:f0:7e:46:74:a5:24:1e:83:1a:df:ca:a0:
                    ab:d0:da:30:51:8d:fc:b7:23:d7:0b:2b:c0:bd:cd:
                    a0:3f:fd:58:fa:41:e1:d2:15:48:f3:2d:dd:76:72:
                    6d:7c:09:7f:4c:54:9d:7f:7b:0f:c3:37:bd:2c:e3:
                    17:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:80:63:00:86:8F:21:9A:3D:17:7E:25:49:6C:12:12:F0:5B:CE:25
            X509v3 Authority Key Identifier:
                keyid:AE:DE:D3:DE:CB:1D:A8:A4:E6:AA:E6:72:6E:80:55:30:46:08:9A:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/12549943-6457-45e0-a54f-c1930815b6f7/0/AEDED3DECB1DA8A4E6AAE6726E80553046089AFD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AEDED3DECB1DA8A4E6AAE6726E80553046089AFD.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/12549943-6457-45e0-a54f-c1930815b6f7/0/326131343a373538313a323030303a3a2f34302d3438203d3e20343031333836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         2f:1d:d0:6a:17:58:18:3b:7b:45:49:b4:9f:77:bc:b6:67:1b:
         3d:52:6d:1e:8d:60:78:55:30:33:8c:74:b8:e1:8a:a4:d2:51:
         c0:8f:04:15:ef:00:2a:c9:15:ba:cb:29:f3:51:98:67:bd:24:
         30:36:9c:f2:5b:c9:76:9d:7f:b7:4f:3a:21:08:96:b6:ff:80:
         d6:04:ac:43:fa:e0:ec:6f:9d:e1:cf:13:14:92:01:10:d5:4b:
         6d:34:28:a5:ae:a7:a9:b1:09:8f:93:a9:dc:34:5c:69:f9:b5:
         58:aa:e0:97:67:b3:2f:3c:1b:1c:ff:85:a9:3b:dc:e6:17:33:
         1e:18:24:12:0f:9b:42:2d:98:c2:c3:51:46:c4:80:1b:39:d6:
         61:5b:21:46:95:4b:03:cb:34:1c:11:2d:d2:05:ae:33:43:3e:
         07:bf:8b:e1:d6:c3:12:97:5c:cf:df:d4:be:2c:56:eb:12:10:
         c4:53:ce:83:c0:ce:79:50:fd:f8:38:83:42:e2:30:ea:d9:66:
         2b:1f:98:cd:e1:21:f3:51:a5:9c:18:f2:d3:0d:72:b6:38:45:
         7b:ae:1d:47:9f:af:52:74:47:cf:34:69:6f:97:15:56:d3:d0:
         e3:20:56:27:59:de:38:9a:41:f5:6f:e9:6d:6f:2a:63:2d:59:
         7a:c5:4e:73
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUOLybBMqRpLXDV+OVVno1CVxA8w0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUVERUQzREVDQjFEQThBNEU2QUFFNjcyNkU4MDU1MzA0
NjA4OUFGRDAeFw0yNDEwMTIxNzE5MjdaFw0yNTEwMTExNzI0MjdaMDMxMTAvBgNV
BAMTKEVGODA2MzAwODY4RjIxOUEzRDE3N0UyNTQ5NkMxMjEyRjA1QkNFMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCysUr7jZRb4Re4ejRkuw1Cod12
bUaV0tE0GLRN7AOUfXsJutdjnCMUrhAgu0Vrs5AO4FTWlrXcJ7KADmMGzKvjDlMn
c2FydpfVsm94AQsKTK7czvZ9C/WGdRUR2c+kqdtQhNZVAduaEE6e5y1wVx7ZgKzV
aJM3MaCOaNhUk0ChJwxrDxXdYnQElckdUHZZkStjNNYMFXCcL24FtcFqJGuR23Fu
ufwUnG6MAC2MWgHj6H056JK91a34ZXFTpdz2080/4bS/wfB+RnSlJB6DGt/KoKvQ
2jBRjfy3I9cLK8C9zaA//Vj6QeHSFUjzLd12cm18CX9MVJ1/ew/DN70s4xfDAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQU74BjAIaPIZo9F34lSWwSEvBbziUwHwYDVR0j
BBgwFoAUrt7T3ssdqKTmquZyboBVMEYImv0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTI1NDk5NDMtNjQ1Ny00NWUwLWE1NGYtYzE5MzA4MTVi
NmY3LzAvQUVERUQzREVDQjFEQThBNEU2QUFFNjcyNkU4MDU1MzA0NjA4OUFGRC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BRURFRDNERUNCMURBOEE0RTZBQUU2NzI2
RTgwNTUzMDQ2MDg5QUZELmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8xMjU0OTk0My02NDU3LTQ1ZTAtYTU0Zi1jMTkzMDgxNWI2ZjcvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzAzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzQz
MDMxMzMzODM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1gSAwDQYJKoZIhvcNAQELBQADggEBAC8d
0GoXWBg7e0VJtJ93vLZnGz1SbR6NYHhVMDOMdLjhiqTSUcCPBBXvACrJFbrLKfNR
mGe9JDA2nPJbyXadf7dPOiEIlrb/gNYErEP64OxvneHPExSSARDVS200KKWup6mx
CY+Tqdw0XGn5tViq4Jdnsy88Gxz/hak73OYXMx4YJBIPm0ItmMLDUUbEgBs51mFb
IUaVSwPLNBwRLdIFrjNDPge/i+HWwxKXXM/f1L4sVusSEMRTzoPAznlQ/fg4g0Li
MOrZZisfmM3hIfNRpZwY8tMNcrY4RXuuHUefr1J0R880aW+XFVbT0OMgVidZ3jia
QfVv6W1vKmMtWXrFTnM=
-----END CERTIFICATE-----