Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/326131343a373538303a623030303a3a2f34382d3438203d3e20323134343531.roa
File:                     326131343a373538303a623030303a3a2f34382d3438203d3e20323134343531.roa (raw, json)
Hash identifier:          SuZwoUCzEEGoRhFnO51tkIZKxv3we3OJQ/xM024HKiQ=
Subject key identifier:   AF:C4:99:6F:A8:D1:D5:2D:72:33:7A:F1:24:72:C0:EE:9B:79:D5:D7
Certificate issuer:       /CN=41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B
Certificate serial:       72E587ADAC16E2C314388855CDE85C90F0A647A2
Authority key identifier: 41:C6:B5:56:7A:DB:76:46:22:2A:1B:9F:1A:A7:03:8F:0C:2D:4B:4B
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/326131343a373538303a623030303a3a2f34382d3438203d3e20323134343531.roa
Signing time:             Sun 12 Jan 2025 17:11:01 +0000
ROA not before:           Sun 12 Jan 2025 17:06:01 +0000
ROA not after:            Sun 11 Jan 2026 17:11:01 +0000
asID:                     214451
IP address blocks:        2a14:7580:b000::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:e5:87:ad:ac:16:e2:c3:14:38:88:55:cd:e8:5c:90:f0:a6:47:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B
        Validity
            Not Before: Jan 12 17:06:01 2025 GMT
            Not After : Jan 11 17:11:01 2026 GMT
        Subject: CN=AFC4996FA8D1D52D72337AF12472C0EE9B79D5D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:b6:1c:b9:cf:ba:83:8b:23:c1:27:da:ce:2d:
                    8a:10:dc:b1:f3:63:0e:b9:d2:b7:20:3a:0c:32:2d:
                    a6:9e:56:b2:0e:32:5b:ba:a4:a3:a9:4a:fd:0c:3b:
                    11:a3:99:52:b9:95:40:fc:33:e4:12:fa:14:26:ab:
                    55:4a:49:7d:16:a9:2f:1d:9c:12:0d:88:5f:85:be:
                    2b:98:f1:7e:e0:23:30:ad:5c:59:42:a8:a3:3e:47:
                    5f:dc:67:88:ca:8f:17:9d:ad:cc:68:bb:d8:41:05:
                    bb:93:01:73:6b:74:22:0c:fd:fc:4f:89:eb:e9:1b:
                    7e:58:50:2d:a4:0b:64:10:2c:b5:a4:4e:5d:e9:67:
                    d5:1d:3f:01:e4:d9:09:66:1d:8c:72:7b:b6:d9:74:
                    49:9e:c8:e8:f8:c6:0f:69:b3:d8:17:e8:8a:35:6e:
                    ad:88:5c:3e:36:c4:4b:24:68:7c:6a:ef:1b:4d:d5:
                    ba:35:4d:f9:06:64:d4:b7:bc:0b:1e:9e:3f:0b:b1:
                    23:8c:6a:a6:49:30:9d:e6:76:8f:be:db:4a:8c:6e:
                    b6:0c:e5:5c:1d:f6:8a:28:3a:36:b1:ce:7c:e6:b6:
                    fc:49:f5:1d:45:29:e3:b9:7d:60:cb:de:42:7e:4d:
                    cc:e0:b2:6a:4a:41:ca:50:2e:9c:32:3c:53:95:30:
                    e1:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:C4:99:6F:A8:D1:D5:2D:72:33:7A:F1:24:72:C0:EE:9B:79:D5:D7
            X509v3 Authority Key Identifier:
                keyid:41:C6:B5:56:7A:DB:76:46:22:2A:1B:9F:1A:A7:03:8F:0C:2D:4B:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/41C6B5567ADB7646222A1B9F1AA7038F0C2D4B4B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/1/326131343a373538303a623030303a3a2f34382d3438203d3e20323134343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7580:b000::/48

    Signature Algorithm: sha256WithRSAEncryption
         4b:41:b5:51:ba:19:ff:6a:9c:28:f7:de:c3:07:ea:d2:dd:02:
         97:43:97:9d:0c:3b:b1:43:65:0f:4b:fc:9d:46:5d:08:51:38:
         55:ca:a8:98:87:27:12:6c:d9:94:8e:92:f0:73:c7:e1:dd:75:
         cd:6d:4c:82:60:d2:9f:a0:53:b2:ec:e5:41:71:65:ae:f7:33:
         7d:60:9b:71:93:90:71:53:9c:11:2d:61:dc:a8:6f:cf:76:9c:
         49:66:41:52:42:7c:e7:f8:b6:18:b3:f3:01:08:4e:4a:50:55:
         de:70:95:7d:21:f6:e9:12:a2:1b:9b:67:33:e0:ed:18:53:75:
         b1:62:e2:73:01:93:15:86:f5:af:e7:4c:1c:da:1c:4d:32:f7:
         02:b5:04:d7:b2:94:e2:29:a7:67:50:d0:77:d1:9b:b2:81:8a:
         ce:34:24:3c:d4:37:85:aa:e8:12:bb:7b:23:2a:6c:40:ef:30:
         3a:a6:58:99:a5:db:ca:0d:52:3a:72:16:15:9d:5d:5c:f7:77:
         b9:c6:01:9a:ff:5d:b5:e3:97:ea:4e:25:18:32:06:6a:3b:5d:
         18:9d:b6:50:77:72:89:f9:83:ce:61:cf:68:5a:49:c9:2a:bc:
         bb:38:38:be:1e:bb:4a:1c:6d:d3:db:fc:bd:70:bf:70:2f:cb:
         22:ff:da:4a
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUcuWHrawW4sMUOIhVzehckPCmR6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFDNkI1NTY3QURCNzY0NjIyMkExQjlGMUFBNzAzOEYw
QzJENEI0QjAeFw0yNTAxMTIxNzA2MDFaFw0yNjAxMTExNzExMDFaMDMxMTAvBgNV
BAMTKEFGQzQ5OTZGQThEMUQ1MkQ3MjMzN0FGMTI0NzJDMEVFOUI3OUQ1RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGthy5z7qDiyPBJ9rOLYoQ3LHz
Yw650rcgOgwyLaaeVrIOMlu6pKOpSv0MOxGjmVK5lUD8M+QS+hQmq1VKSX0WqS8d
nBINiF+FviuY8X7gIzCtXFlCqKM+R1/cZ4jKjxedrcxou9hBBbuTAXNrdCIM/fxP
ievpG35YUC2kC2QQLLWkTl3pZ9UdPwHk2QlmHYxye7bZdEmeyOj4xg9ps9gX6Io1
bq2IXD42xEskaHxq7xtN1bo1TfkGZNS3vAsenj8LsSOMaqZJMJ3mdo++20qMbrYM
5Vwd9oooOjaxznzmtvxJ9R1FKeO5fWDL3kJ+TczgsmpKQcpQLpwyPFOVMOHLAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUr8SZb6jR1S1yM3rxJHLA7pt51dcwHwYDVR0j
BBgwFoAUQca1VnrbdkYiKhufGqcDjwwtS0swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJjZjhiYTctY2IwMi00MThiLWJlMDQtNGQ5ZjNhMDdl
OTUwLzEvNDFDNkI1NTY3QURCNzY0NjIyMkExQjlGMUFBNzAzOEYwQzJENEI0Qi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC80MUM2QjU1NjdBREI3NjQ2MjIyQTFCOUYx
QUE3MDM4RjBDMkQ0QjRCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yMmNmOGJhNy1jYjAyLTQxOGItYmUwNC00ZDlmM2EwN2U5NTAvMS8zMjYxMzEz
NDNhMzczNTM4MzAzYTYyMzAzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzQzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gLAAMA0GCSqGSIb3DQEBCwUAA4IBAQBL
QbVRuhn/apwo997DB+rS3QKXQ5edDDuxQ2UPS/ydRl0IUThVyqiYhycSbNmUjpLw
c8fh3XXNbUyCYNKfoFOy7OVBcWWu9zN9YJtxk5BxU5wRLWHcqG/PdpxJZkFSQnzn
+LYYs/MBCE5KUFXecJV9IfbpEqIbm2cz4O0YU3WxYuJzAZMVhvWv50wc2hxNMvcC
tQTXspTiKadnUNB30ZuygYrONCQ81DeFqugSu3sjKmxA7zA6pliZpdvKDVI6chYV
nV1c93e5xgGa/12145fqTiUYMgZqO10YnbZQd3KJ+YPOYc9oWknJKry7ODi+HrtK
HG3T2/y9cL9wL8si/9pK
-----END CERTIFICATE-----