Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/323630323a663936643a6631303a3a2f34342d3434203d3e203437323732.roa
File:                     323630323a663936643a6631303a3a2f34342d3434203d3e203437323732.roa (raw, json)
Hash identifier:          472lLQX0pXT6pu71pUt3F6LYaQTBYiKx6rCLxUZ/d7g=
Subject key identifier:   8B:C1:3C:4B:CB:75:4D:E2:E9:34:D0:9C:38:84:83:B2:A9:64:05:B5
Certificate issuer:       /CN=f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa
Certificate serial:       56A6FF123CD47F2C7B871F7757CBF6C6177C7827
Authority key identifier: 6D:7A:26:67:30:92:8D:9D:FD:FD:AC:E3:6F:73:AC:89:E4:24:E2:28
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3/f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/323630323a663936643a6631303a3a2f34342d3434203d3e203437323732.roa
Signing time:             Sat 03 Aug 2024 15:29:44 +0000
ROA not before:           Sat 03 Aug 2024 15:24:44 +0000
ROA not after:            Sat 02 Aug 2025 15:29:44 +0000
asID:                     47272
IP address blocks:        2602:f96d:f10::/44 maxlen: 44
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:a6:ff:12:3c:d4:7f:2c:7b:87:1f:77:57:cb:f6:c6:17:7c:78:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa
        Validity
            Not Before: Aug  3 15:24:44 2024 GMT
            Not After : Aug  2 15:29:44 2025 GMT
        Subject: CN=8BC13C4BCB754DE2E934D09C388483B2A96405B5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:d0:ec:35:14:ad:06:7d:00:9b:3d:70:8d:fd:
                    97:66:8b:49:28:88:1e:6f:b4:c7:98:fc:7c:dc:14:
                    54:51:ac:bc:9c:82:dd:4c:05:33:e4:50:a9:30:5d:
                    7f:32:d0:38:0d:bb:bf:9d:98:03:5e:f8:d3:67:53:
                    ce:a4:7c:12:9d:18:22:c5:0f:39:ab:9e:6a:77:1f:
                    e0:60:0d:4a:a9:a2:c2:f7:db:db:a3:65:c5:72:80:
                    c5:ce:13:5d:9b:cb:4a:f7:d6:bd:98:9a:f6:d6:2e:
                    c3:3c:fa:c1:8b:34:cb:46:eb:6b:8b:c5:d8:d8:ae:
                    51:1c:40:7a:81:b7:ba:4f:e2:96:db:83:63:ac:7b:
                    ae:ea:d1:d7:4c:19:2d:86:b0:e2:1d:41:2d:70:9b:
                    e4:87:63:be:6d:1d:28:26:c8:0f:23:51:21:cd:84:
                    94:4b:ac:f8:a9:73:9d:41:01:f0:22:46:04:83:45:
                    b6:ee:21:b7:e5:45:c4:5d:99:b6:47:40:71:6b:fa:
                    c5:db:0a:48:20:da:0f:3c:75:2e:06:c2:24:99:25:
                    8e:9c:2a:6d:9d:f4:a2:87:d4:8e:65:7f:ea:fa:34:
                    bf:54:8b:9f:06:42:e8:0b:29:1b:30:5e:1a:eb:bc:
                    f8:85:33:f8:5f:96:8b:4f:72:9f:bb:ad:d8:40:7d:
                    c9:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:C1:3C:4B:CB:75:4D:E2:E9:34:D0:9C:38:84:83:B2:A9:64:05:B5
            X509v3 Authority Key Identifier:
                keyid:6D:7A:26:67:30:92:8D:9D:FD:FD:AC:E3:6F:73:AC:89:E4:24:E2:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/6D7A266730928D9DFDFDACE36F73AC89E424E228.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3/f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/323630323a663936643a6631303a3a2f34342d3434203d3e203437323732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:f96d:f10::/44

    Signature Algorithm: sha256WithRSAEncryption
         9d:33:1e:04:32:52:ae:f9:6b:a4:de:fc:04:6d:4e:6b:97:a1:
         8c:36:cf:e8:4e:8e:f8:6c:56:6b:8e:87:f3:1e:1e:39:ea:2f:
         08:e7:47:b2:d0:25:c9:ed:6d:2e:21:b3:1d:a1:53:8b:33:84:
         6c:10:18:eb:18:fc:0b:00:85:f7:52:1e:97:fb:3b:e5:30:dd:
         a6:bb:9f:4b:bf:31:10:42:f3:e9:ce:04:dc:13:f0:72:a4:4e:
         4c:24:ec:98:35:be:d6:3c:48:3a:5c:4e:a6:84:96:6a:ea:0b:
         c8:30:66:7d:48:50:fe:95:04:aa:c9:3a:4a:5c:7a:dc:08:51:
         20:8d:51:64:7c:47:81:61:46:bb:2d:5b:42:7a:6e:ec:9e:32:
         9f:78:69:66:34:09:3c:9f:87:ce:18:c9:74:70:cf:7a:43:e3:
         82:42:2c:c2:5d:fe:51:18:bc:d0:7d:98:84:df:35:74:2f:97:
         9a:c5:a4:86:ed:4e:96:2c:29:52:64:cd:29:eb:4d:7e:11:bf:
         34:4e:5d:2c:7a:20:4b:c5:77:79:f1:84:e6:3c:d2:90:48:eb:
         a6:67:29:32:dc:9f:67:b0:1c:f9:09:0f:15:93:1a:10:46:29:
         e2:78:04:28:da:55:d0:21:9f:4e:d7:9d:77:99:e5:13:2e:9e:
         81:b7:ec:76
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIUVqb/EjzUfyx7hx93V8v2xhd8eCcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZjQ0YzgyZGFiYTY4YjQwZjY1Y2ZjMTc0NDVmODliMjE5
MmE1NzM3OWQ3ZjEzYmU4ZmEwHhcNMjQwODAzMTUyNDQ0WhcNMjUwODAyMTUyOTQ0
WjAzMTEwLwYDVQQDEyg4QkMxM0M0QkNCNzU0REUyRTkzNEQwOUMzODg0ODNCMkE5
NjQwNUI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NDsNRStBn0A
mz1wjf2XZotJKIgeb7THmPx83BRUUay8nILdTAUz5FCpMF1/MtA4Dbu/nZgDXvjT
Z1POpHwSnRgixQ85q55qdx/gYA1KqaLC99vbo2XFcoDFzhNdm8tK99a9mJr21i7D
PPrBizTLRutri8XY2K5RHEB6gbe6T+KW24NjrHuu6tHXTBkthrDiHUEtcJvkh2O+
bR0oJsgPI1EhzYSUS6z4qXOdQQHwIkYEg0W27iG35UXEXZm2R0Bxa/rF2wpIINoP
PHUuBsIkmSWOnCptnfSih9SOZX/q+jS/VIufBkLoCykbMF4a67z4hTP4X5aLT3Kf
u63YQH3JpwIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFIvBPEvLdU3i6TTQnDiEg7Kp
ZAW1MB8GA1UdIwQYMBaAFG16Jmcwko2d/f2s429zrInkJOIoMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYtNDU0MS1iY2Mx
LTI3NjU0M2EyNWM3ZC80LzZEN0EyNjY3MzA5MjhEOURGREZEQUNFMzZGNzNBQzg5
RTQyNEUyMjguY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzRhYjdhZTRkLWJkN2It
NGIzMy05YTg4LTViMjJkMmE4MzM3ZC8wMmM3NzA2Yi0zYmFmLTQyY2ItYmRmNy03
ODJiMDM2MjUyYjMvZjQ0YzgyZGFiYTY4YjQwZjY1Y2ZjMTc0NDVmODliMjE5MmE1
NzM3OWQ3ZjEzYmU4ZmEuY2VyMIGzBggrBgEFBQcBCwSBpjCBozCBoAYIKwYBBQUH
MAuGgZNyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzMyNTNkOTczLWQ1YmYtNDU0MS1iY2MxLTI3NjU0M2EyNWM3ZC80LzMyMzYzMDMy
M2E2NjM5MzY2NDNhNjYzMTMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzQzNzMy
MzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB
/wQTMBEwDwQCAAIwCQMHBCYC+W0PEDANBgkqhkiG9w0BAQsFAAOCAQEAnTMeBDJS
rvlrpN78BG1Oa5ehjDbP6E6O+GxWa46H8x4eOeovCOdHstAlye1tLiGzHaFTizOE
bBAY6xj8CwCF91Iel/s75TDdprufS78xEELz6c4E3BPwcqROTCTsmDW+1jxIOlxO
poSWauoLyDBmfUhQ/pUEqsk6Slx63AhRII1RZHxHgWFGuy1bQnpu7J4yn3hpZjQJ
PJ+HzhjJdHDPekPjgkIswl3+URi80H2YhN81dC+XmsWkhu1OliwpUmTNKetNfhG/
NE5dLHogS8V3efGE5jzSkEjrpmcpMtyfZ7Ac+QkPFZMaEEYp4ngEKNpV0CGfTted
d5nlEy6egbfsdg==
-----END CERTIFICATE-----