Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3230393a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a3230393a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          /MXdIUv6sXr4a1cN8C50zHf17m/VeHlouLE6dCLmnlo=
Subject key identifier:   8D:EB:B5:03:47:C8:2F:F9:FF:70:9E:34:44:5D:E7:6A:3B:26:86:1A
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       55389C99EC96B635D12F6866FB24F6C0BEC83EE1
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3230393a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Fri 13 Sep 2024 05:23:12 +0000
ROA not before:           Fri 13 Sep 2024 05:18:12 +0000
ROA not after:            Fri 12 Sep 2025 05:23:12 +0000
asID:                     216324
IP address blocks:        2a14:7581:209::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:38:9c:99:ec:96:b6:35:d1:2f:68:66:fb:24:f6:c0:be:c8:3e:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Sep 13 05:18:12 2024 GMT
            Not After : Sep 12 05:23:12 2025 GMT
        Subject: CN=8DEBB50347C82FF9FF709E34445DE76A3B26861A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:77:a8:f8:07:08:db:a9:fd:f6:a8:52:a9:c1:
                    65:04:f5:88:04:6c:7e:62:9e:88:4f:49:3d:81:70:
                    95:1d:36:a2:44:2a:94:01:04:57:fc:28:6f:21:74:
                    19:bb:c7:2b:c8:e0:13:09:e1:29:39:85:94:6c:50:
                    6e:a6:cf:e6:39:7b:4b:d3:fe:72:98:cf:ca:2c:c1:
                    7e:f0:4d:3d:32:77:ba:27:f2:02:11:10:79:99:fb:
                    bf:45:4a:21:b3:d6:88:8e:08:4a:c5:81:be:65:ff:
                    bb:43:ec:3b:17:a8:af:75:e1:2f:29:6d:82:a6:6c:
                    34:aa:3e:29:bb:80:ac:ec:49:7e:3b:9e:23:6f:c3:
                    fe:f6:26:24:b8:bf:59:88:20:db:40:12:53:b5:bc:
                    6a:f7:c4:e0:6f:38:aa:1e:bc:ce:c3:b0:e8:35:99:
                    e3:06:29:74:6e:99:8b:dd:bd:90:01:a6:d7:05:80:
                    d1:da:44:a6:42:b1:9d:18:ce:78:90:b9:d5:6b:73:
                    cc:aa:4b:7c:41:43:b5:00:a3:a6:3e:7e:8d:c6:67:
                    64:58:a2:98:d8:d4:04:f7:da:16:f3:f2:a4:d5:53:
                    e4:43:ec:07:43:be:58:43:3e:71:a8:44:8d:b6:d3:
                    be:d2:d7:00:25:5b:77:fe:a1:ce:54:47:15:e1:32:
                    d8:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:EB:B5:03:47:C8:2F:F9:FF:70:9E:34:44:5D:E7:6A:3B:26:86:1A
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3230393a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:209::/48

    Signature Algorithm: sha256WithRSAEncryption
         07:ad:28:23:6d:28:cc:bf:57:dc:3c:af:e1:10:49:51:49:28:
         64:1e:7c:46:49:98:49:5e:25:39:32:22:04:bc:a9:82:c7:77:
         2f:46:ca:da:0c:62:c4:59:b9:50:8e:52:ef:06:f7:a6:53:27:
         1e:b9:10:4a:05:a3:d2:2e:33:67:39:8d:c5:92:ce:fe:33:8f:
         42:af:8e:5c:1d:4d:17:4e:cc:a2:9c:a3:37:7e:ab:0e:64:2c:
         f7:49:9a:25:1a:2d:3b:cd:49:d4:2b:66:d2:77:18:58:a3:2b:
         d9:14:ae:94:42:1b:18:67:7a:a4:1f:80:c4:f8:58:f6:94:c9:
         ee:7e:51:52:93:c6:79:46:52:a2:35:67:98:41:d0:50:f1:8f:
         28:d9:76:56:d2:29:ee:80:e5:50:65:aa:b4:ea:04:f4:b4:62:
         21:e8:d3:31:3b:a8:ca:0f:0a:5a:13:64:cf:a5:75:35:8d:ea:
         72:6d:2b:a6:34:03:04:ec:b2:9c:05:ea:71:94:90:3d:bc:89:
         9a:4c:65:15:4a:91:c3:74:e9:84:86:d1:2d:b0:07:53:58:17:
         eb:6f:9b:92:42:c2:85:10:c1:f2:ca:89:ef:a6:64:18:0d:08:
         cc:65:bb:19:44:47:f2:34:43:ef:df:d3:63:c3:48:4a:8c:e1:
         ef:30:a2:cf
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUVTicmeyWtjXRL2hm+yT2wL7IPuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA5MTMwNTE4MTJaFw0yNTA5MTIwNTIzMTJaMDMxMTAvBgNV
BAMTKDhERUJCNTAzNDdDODJGRjlGRjcwOUUzNDQ0NURFNzZBM0IyNjg2MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdd6j4Bwjbqf32qFKpwWUE9YgE
bH5inohPST2BcJUdNqJEKpQBBFf8KG8hdBm7xyvI4BMJ4Sk5hZRsUG6mz+Y5e0vT
/nKYz8oswX7wTT0yd7on8gIREHmZ+79FSiGz1oiOCErFgb5l/7tD7DsXqK914S8p
bYKmbDSqPim7gKzsSX47niNvw/72JiS4v1mIINtAElO1vGr3xOBvOKoevM7DsOg1
meMGKXRumYvdvZABptcFgNHaRKZCsZ0YzniQudVrc8yqS3xBQ7UAo6Y+fo3GZ2RY
opjY1AT32hbz8qTVU+RD7AdDvlhDPnGoRI22077S1wAlW3f+oc5URxXhMtghAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUjeu1A0fIL/n/cJ40RF3najsmhhowHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzAzOTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYECCTANBgkqhkiG9w0BAQsFAAOCAQEAB60o
I20ozL9X3Dyv4RBJUUkoZB58RkmYSV4lOTIiBLypgsd3L0bK2gxixFm5UI5S7wb3
plMnHrkQSgWj0i4zZzmNxZLO/jOPQq+OXB1NF07MopyjN36rDmQs90maJRotO81J
1Ctm0ncYWKMr2RSulEIbGGd6pB+AxPhY9pTJ7n5RUpPGeUZSojVnmEHQUPGPKNl2
VtIp7oDlUGWqtOoE9LRiIejTMTuoyg8KWhNkz6V1NY3qcm0rpjQDBOyynAXqcZSQ
PbyJmkxlFUqRw3TphIbRLbAHU1gX62+bkkLChRDB8sqJ76ZkGA0IzGW7GURH8jRD
79/TY8NISozh7zCizw==
-----END CERTIFICATE-----