Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/6/326131323a646434373a383233303a3a2f34342d3438203d3e20323033303639.roa
File:                     326131323a646434373a383233303a3a2f34342d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          m4Y3kXpWwf73wpGduiKIcP36BetloHc4APyMlsLTCA8=
Subject key identifier:   3F:59:45:30:E7:C0:59:03:B8:22:EA:18:16:59:56:BA:E7:CB:70:DB
Certificate issuer:       /CN=34E6AAC74193FE34C57CB5F562608EE1E50DAD51
Certificate serial:       0638520C31653E448FD301466BFA5872493B2425
Authority key identifier: 34:E6:AA:C7:41:93:FE:34:C5:7C:B5:F5:62:60:8E:E1:E5:0D:AD:51
Authority info access:    rsync://rpki.co/repo/AS945/1/34E6AAC74193FE34C57CB5F562608EE1E50DAD51.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/6/326131323a646434373a383233303a3a2f34342d3438203d3e20323033303639.roa
Signing time:             Tue 12 Mar 2024 06:00:36 +0000
ROA not before:           Tue 12 Mar 2024 05:55:36 +0000
ROA not after:            Tue 11 Mar 2025 06:00:36 +0000
asID:                     203069
IP address blocks:        2a12:dd47:8230::/44 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:38:52:0c:31:65:3e:44:8f:d3:01:46:6b:fa:58:72:49:3b:24:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34E6AAC74193FE34C57CB5F562608EE1E50DAD51
        Validity
            Not Before: Mar 12 05:55:36 2024 GMT
            Not After : Mar 11 06:00:36 2025 GMT
        Subject: CN=3F594530E7C05903B822EA18165956BAE7CB70DB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:0b:69:09:02:99:d9:f9:95:c5:ef:85:2a:18:
                    3c:7e:c9:4a:df:0b:69:f0:94:b1:83:37:68:ec:09:
                    4f:a8:0c:c2:e0:89:47:c6:12:b5:ce:95:15:0a:a5:
                    3f:50:ab:7d:de:58:7f:77:a3:a1:f2:90:72:75:8c:
                    6d:19:c8:92:69:51:2d:9f:d4:f6:56:5b:4c:f2:fe:
                    33:2d:40:e3:30:d0:06:8a:11:47:fc:da:a9:51:a0:
                    f0:cf:37:65:21:e8:b2:42:55:82:5c:2f:f4:76:45:
                    bd:cb:8e:4d:db:18:65:21:20:29:c1:83:27:27:09:
                    ec:fa:11:c5:b8:ce:41:54:ba:57:62:a8:c8:07:1e:
                    44:b0:3b:e7:ae:8a:e0:21:5a:27:37:4b:ca:46:b5:
                    26:9b:52:5e:66:69:11:a2:bd:d6:c0:65:c5:41:b9:
                    12:da:bd:e1:fd:8d:27:01:b7:b4:5d:30:1b:b0:71:
                    6a:c8:15:21:c8:bc:c1:46:cb:20:cd:8b:e1:a8:a5:
                    1c:34:d3:43:38:8e:80:59:14:29:cc:16:8e:a0:d3:
                    9e:ff:d9:ca:21:2a:c6:11:1d:38:0f:0e:a8:51:23:
                    3f:39:78:94:ea:5a:f8:55:80:c4:3b:28:36:c5:3b:
                    8c:f2:3d:2d:76:69:16:44:08:52:d9:a5:24:f0:71:
                    7f:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:59:45:30:E7:C0:59:03:B8:22:EA:18:16:59:56:BA:E7:CB:70:DB
            X509v3 Authority Key Identifier:
                keyid:34:E6:AA:C7:41:93:FE:34:C5:7C:B5:F5:62:60:8E:E1:E5:0D:AD:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/6/34E6AAC74193FE34C57CB5F562608EE1E50DAD51.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/34E6AAC74193FE34C57CB5F562608EE1E50DAD51.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/6/326131323a646434373a383233303a3a2f34342d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8230::/44

    Signature Algorithm: sha256WithRSAEncryption
         9d:df:27:64:ca:89:2b:73:3a:d5:61:03:af:e4:9d:c5:b2:5e:
         15:0e:e5:38:8c:ce:05:f7:dd:9b:8f:d4:04:7f:af:37:08:76:
         44:20:06:01:19:4c:ea:3c:28:50:7c:3a:d6:12:7f:68:fc:b0:
         45:3d:80:89:64:21:14:7b:3a:6f:1f:20:ce:c6:f2:b5:3e:e6:
         c8:5d:9f:fe:db:ce:54:6f:3c:29:c7:96:9d:88:fb:0f:7a:47:
         f0:0d:4b:86:52:1e:23:88:e3:af:dc:06:1c:a7:f0:82:3d:d0:
         03:f8:38:e1:63:6f:f0:ff:93:71:5e:af:c4:19:fa:00:4d:31:
         44:ce:ce:f1:c8:a3:3f:50:ce:01:b5:aa:d3:4e:c6:bf:e1:3e:
         f7:69:78:04:00:5c:86:c7:e3:7d:1c:13:e1:a7:6b:3c:86:f8:
         b4:3d:5c:09:4d:17:f2:df:62:68:a6:18:6b:f2:91:68:36:dc:
         78:34:fb:a2:63:1c:0c:f3:75:a8:fb:09:53:68:7e:bb:18:ad:
         0a:44:4e:81:60:42:b2:23:3c:f3:cd:94:5b:33:3b:57:e4:3d:
         96:a6:ca:b9:5b:8e:46:88:49:97:be:a5:f2:71:b7:17:8f:a4:
         e3:16:49:8f:b6:1a:9f:7a:c9:82:62:3e:d7:7f:b1:d7:01:46:
         63:97:1c:30
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUBjhSDDFlPkSP0wFGa/pYckk7JCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzRFNkFBQzc0MTkzRkUzNEM1N0NCNUY1NjI2MDhFRTFF
NTBEQUQ1MTAeFw0yNDAzMTIwNTU1MzZaFw0yNTAzMTEwNjAwMzZaMDMxMTAvBgNV
BAMTKDNGNTk0NTMwRTdDMDU5MDNCODIyRUExODE2NTk1NkJBRTdDQjcwREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbC2kJApnZ+ZXF74UqGDx+yUrf
C2nwlLGDN2jsCU+oDMLgiUfGErXOlRUKpT9Qq33eWH93o6HykHJ1jG0ZyJJpUS2f
1PZWW0zy/jMtQOMw0AaKEUf82qlRoPDPN2Uh6LJCVYJcL/R2Rb3Ljk3bGGUhICnB
gycnCez6EcW4zkFUuldiqMgHHkSwO+euiuAhWic3S8pGtSabUl5maRGivdbAZcVB
uRLaveH9jScBt7RdMBuwcWrIFSHIvMFGyyDNi+GopRw000M4joBZFCnMFo6g057/
2cohKsYRHTgPDqhRIz85eJTqWvhVgMQ7KDbFO4zyPS12aRZECFLZpSTwcX+bAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUP1lFMOfAWQO4IuoYFllWuufLcNswHwYDVR0j
BBgwFoAUNOaqx0GT/jTFfLX1YmCO4eUNrVEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzYvMzRFNkFBQzc0MTkzRkUzNEM1N0NCNUY1NjI2MDhFRTFFNTBEQUQ1MS5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kuY28v
cmVwby9BUzk0NS8xLzM0RTZBQUM3NDE5M0ZFMzRDNTdDQjVGNTYyNjA4RUUxRTUw
REFENTEuY2VyMIG3BggrBgEFBQcBCwSBqjCBpzCBpAYIKwYBBQUHMAuGgZdyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzFiZjhlOTc3
LTcyNzgtNDZjZi1hYmQxLTk5Y2QxZmQyYmU0ZS82LzMyNjEzMTMyM2E2NDY0MzQz
NzNhMzgzMjMzMzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMjMwMzMzMDM2Mzku
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzAR
MA8EAgACMAkDBwQqEt1HgjAwDQYJKoZIhvcNAQELBQADggEBAJ3fJ2TKiStzOtVh
A6/kncWyXhUO5TiMzgX33ZuP1AR/rzcIdkQgBgEZTOo8KFB8OtYSf2j8sEU9gIlk
IRR7Om8fIM7G8rU+5shdn/7bzlRvPCnHlp2I+w96R/ANS4ZSHiOI46/cBhyn8II9
0AP4OOFjb/D/k3Fer8QZ+gBNMUTOzvHIoz9QzgG1qtNOxr/hPvdpeAQAXIbH430c
E+GnazyG+LQ9XAlNF/LfYmimGGvykWg23Hg0+6JjHAzzdaj7CVNofrsYrQpEToFg
QrIjPPPNlFszO1fkPZamyrlbjkaISZe+pfJxtxePpOMWSY+2Gp96yYJiPtd/sdcB
RmOXHDA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:19 2024 by rpki-client on console-fra.rpki-client.org