Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030353a3a2f34382d3438203d3e20323135333634.roa
File:                     326131343a373538313a313030353a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier:          O/hfz0aM2Fu4UMny04wjJ5FgsNZdjywDf4gCRUTA6do=
Subject key identifier:   5D:97:AB:CD:8E:BC:D7:E8:6A:39:74:CB:DD:B5:70:1A:A1:24:67:B8
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       1EE29BAC86C848457E1599986D7184EEEEFDE705
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030353a3a2f34382d3438203d3e20323135333634.roa
Signing time:             Wed 05 Mar 2025 16:02:18 +0000
ROA not before:           Wed 05 Mar 2025 15:57:18 +0000
ROA not after:            Wed 04 Mar 2026 16:02:18 +0000
asID:                     215364
IP address blocks:        2a14:7581:1005::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:e2:9b:ac:86:c8:48:45:7e:15:99:98:6d:71:84:ee:ee:fd:e7:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Mar  5 15:57:18 2025 GMT
            Not After : Mar  4 16:02:18 2026 GMT
        Subject: CN=5D97ABCD8EBCD7E86A3974CBDDB5701AA12467B8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3d:ac:55:6c:39:7e:2c:58:dc:2a:35:ae:8a:
                    96:71:04:2d:c5:ce:18:0d:34:9c:47:04:de:b1:19:
                    f7:28:4e:ac:6c:29:a4:f7:ec:f1:5a:13:1d:f1:12:
                    d8:5f:ac:f9:9f:63:59:19:bd:37:c9:4e:37:af:49:
                    63:fa:3b:3e:d1:1d:8c:13:74:7e:bd:1d:ba:0e:15:
                    0d:c7:03:13:7b:20:eb:eb:2f:5f:08:bc:c7:69:08:
                    2b:c3:f5:be:2d:0f:0f:5c:c8:51:f4:4b:9e:9d:0d:
                    c2:d0:32:19:eb:51:24:0e:6c:03:94:53:0c:d8:4e:
                    09:4b:dd:09:b1:90:f0:b7:3f:f7:f6:28:d8:db:33:
                    e7:f9:15:0e:a3:99:87:e7:98:52:7e:bf:8e:9a:32:
                    0a:c9:15:dc:eb:98:dd:6a:f3:a4:0d:3b:b4:54:30:
                    29:85:ad:e8:78:54:9c:d7:90:e4:fc:81:0f:10:c5:
                    82:55:ab:21:cc:2b:85:4d:ca:05:13:29:93:78:0f:
                    50:d1:0e:ef:cc:e6:58:e7:94:5c:00:59:e6:c3:db:
                    b3:23:3f:13:97:f7:d8:30:9a:f6:5f:10:b9:6b:72:
                    7a:df:4d:37:20:bc:b1:21:d7:19:54:38:6d:0b:12:
                    a4:99:bb:96:45:09:6d:c4:24:56:e8:c7:1f:9b:a5:
                    20:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:97:AB:CD:8E:BC:D7:E8:6A:39:74:CB:DD:B5:70:1A:A1:24:67:B8
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030353a3a2f34382d3438203d3e20323135333634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:1005::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:4c:35:89:4b:92:fe:90:ec:0c:e8:d6:10:d1:89:f0:fe:ac:
         6e:41:dc:a2:d0:7d:19:b5:76:a2:6d:9f:a0:60:c0:e3:3c:bd:
         02:95:7e:b8:15:ba:41:4f:f3:32:3f:5b:65:bb:c7:dc:fc:54:
         7c:45:e0:fe:1e:1e:e7:a7:bb:c8:dc:2b:3f:bb:e7:f0:64:77:
         bd:10:99:03:5c:4a:da:ca:05:ee:cd:e4:4e:66:05:6e:65:99:
         4a:36:05:97:ca:82:ea:5c:b3:1c:2a:05:30:7e:63:d1:5c:30:
         9a:67:ac:cb:78:9f:78:b0:f3:b2:65:8d:ae:a7:b1:06:b4:58:
         b6:be:ea:e8:65:30:60:55:ba:1a:3e:b2:7c:56:a0:f5:1f:3c:
         e6:30:6e:d9:a5:93:48:32:0c:22:c7:3b:fc:02:07:5d:73:6d:
         4d:c2:37:97:d3:eb:90:43:18:de:04:e9:4f:7c:20:d5:5d:fd:
         3f:15:54:51:0b:ba:fd:d8:5a:4a:62:72:85:c0:b3:e8:42:dc:
         96:88:3e:85:bb:5f:8d:06:b2:65:1e:f9:06:51:f1:c0:78:d1:
         3f:03:88:8d:81:9e:ef:0b:3c:5c:93:e3:0b:36:2c:d1:8e:48:
         dd:97:76:59:93:e4:26:50:14:48:f5:f4:61:fe:15:58:d8:d9:
         f2:f6:0d:1b
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUHuKbrIbISEV+FZmYbXGE7u795wUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAzMDUxNTU3MThaFw0yNjAzMDQxNjAyMThaMDMxMTAvBgNV
BAMTKDVEOTdBQkNEOEVCQ0Q3RTg2QTM5NzRDQkREQjU3MDFBQTEyNDY3QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnPaxVbDl+LFjcKjWuipZxBC3F
zhgNNJxHBN6xGfcoTqxsKaT37PFaEx3xEthfrPmfY1kZvTfJTjevSWP6Oz7RHYwT
dH69HboOFQ3HAxN7IOvrL18IvMdpCCvD9b4tDw9cyFH0S56dDcLQMhnrUSQObAOU
UwzYTglL3QmxkPC3P/f2KNjbM+f5FQ6jmYfnmFJ+v46aMgrJFdzrmN1q86QNO7RU
MCmFreh4VJzXkOT8gQ8QxYJVqyHMK4VNygUTKZN4D1DRDu/M5ljnlFwAWebD27Mj
PxOX99gwmvZfELlrcnrfTTcgvLEh1xlUOG0LEqSZu5ZFCW3EJFboxx+bpSCZAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUXZerzY681+hqOXTL3bVwGqEkZ7gwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMDM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gRAFMA0GCSqGSIb3DQEBCwUAA4IBAQCO
TDWJS5L+kOwM6NYQ0Ynw/qxuQdyi0H0ZtXaibZ+gYMDjPL0ClX64FbpBT/MyP1tl
u8fc/FR8ReD+Hh7np7vI3Cs/u+fwZHe9EJkDXEraygXuzeROZgVuZZlKNgWXyoLq
XLMcKgUwfmPRXDCaZ6zLeJ94sPOyZY2up7EGtFi2vuroZTBgVboaPrJ8VqD1Hzzm
MG7ZpZNIMgwixzv8Agddc21NwjeX0+uQQxjeBOlPfCDVXf0/FVRRC7r92FpKYnKF
wLPoQtyWiD6Fu1+NBrJlHvkGUfHAeNE/A4iNgZ7vCzxck+MLNizRjkjdl3ZZk+Qm
UBRI9fRh/hVY2Nny9g0b
-----END CERTIFICATE-----