Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/1/326130613a363034343a383030303a3a2f33362d3438203d3e20323135363035.roa
File:                     326130613a363034343a383030303a3a2f33362d3438203d3e20323135363035.roa (raw, json)
Hash identifier:          rfBVKVeDolW2xuJXtIBW3+sb6n+RTsWvOaIU0c6mIxY=
Subject key identifier:   B2:95:C4:31:5B:7B:43:BF:96:6F:DF:E9:9B:19:4B:63:7B:3E:6B:EC
Certificate issuer:       /CN=B89BFA84DC5AFE05076A0800B960FEA22FC90D09
Certificate serial:       7524780ED3FEC43ACFD286FB3F7797A5E20326A2
Authority key identifier: B8:9B:FA:84:DC:5A:FE:05:07:6A:08:00:B9:60:FE:A2:2F:C9:0D:09
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/B89BFA84DC5AFE05076A0800B960FEA22FC90D09.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/1/326130613a363034343a383030303a3a2f33362d3438203d3e20323135363035.roa
Signing time:             Tue 06 Aug 2024 19:02:56 +0000
ROA not before:           Tue 06 Aug 2024 18:57:56 +0000
ROA not after:            Tue 05 Aug 2025 19:02:56 +0000
asID:                     215605
IP address blocks:        2a0a:6044:8000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:24:78:0e:d3:fe:c4:3a:cf:d2:86:fb:3f:77:97:a5:e2:03:26:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B89BFA84DC5AFE05076A0800B960FEA22FC90D09
        Validity
            Not Before: Aug  6 18:57:56 2024 GMT
            Not After : Aug  5 19:02:56 2025 GMT
        Subject: CN=B295C4315B7B43BF966FDFE99B194B637B3E6BEC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:f6:00:7c:e0:b7:d4:c6:aa:f8:87:ee:16:db:
                    30:65:89:b3:d6:20:b6:a0:f2:01:86:a1:dd:08:18:
                    98:55:27:3f:a8:e3:8c:0f:40:0f:2d:3c:44:ac:dc:
                    6c:37:4a:24:83:b6:16:75:66:89:7e:63:7f:27:a6:
                    07:af:ff:49:50:60:86:b3:c3:e6:66:38:1f:96:95:
                    8a:d6:5e:3f:af:3d:14:5d:16:90:d5:08:84:35:41:
                    31:93:c6:62:d0:86:74:33:a2:a6:88:07:29:ed:31:
                    3c:36:86:5a:c0:64:ca:b1:be:cd:50:4d:b0:48:eb:
                    1b:a0:28:cc:03:aa:30:ad:5a:a2:cb:db:15:90:2a:
                    2b:a9:8a:1c:a0:7c:12:2a:74:af:e9:90:a2:4a:d7:
                    41:3f:29:01:83:77:3e:70:96:c3:91:a3:ae:ab:29:
                    aa:16:93:8c:43:c3:ea:77:79:54:ad:c6:64:55:a7:
                    6e:fb:76:1b:58:41:5c:8d:42:c2:a6:56:8f:3a:99:
                    29:4a:ac:c4:5c:15:95:71:79:3c:d6:72:da:a0:dd:
                    3b:d6:5b:3c:93:9c:8e:d0:60:00:d0:42:5e:41:cc:
                    c5:d4:fd:ba:be:c4:79:ed:74:43:ba:45:4a:15:17:
                    98:25:4a:b3:95:bd:47:12:e1:c2:02:75:da:05:6c:
                    37:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:95:C4:31:5B:7B:43:BF:96:6F:DF:E9:9B:19:4B:63:7B:3E:6B:EC
            X509v3 Authority Key Identifier:
                keyid:B8:9B:FA:84:DC:5A:FE:05:07:6A:08:00:B9:60:FE:A2:2F:C9:0D:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/1/B89BFA84DC5AFE05076A0800B960FEA22FC90D09.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/B89BFA84DC5AFE05076A0800B960FEA22FC90D09.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/491a43bc-76ec-4abe-ba7d-e73e90d662cb/1/326130613a363034343a383030303a3a2f33362d3438203d3e20323135363035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         43:5c:7f:4a:79:4b:b3:84:2b:19:77:16:0d:f5:ff:15:2d:a3:
         3f:65:51:61:b6:2d:17:f7:7b:a0:eb:ba:4b:f0:f0:60:e0:70:
         b2:f0:12:bb:dd:10:e5:da:a4:e3:8c:91:34:4e:a9:63:95:9a:
         cc:96:2e:b4:69:f1:8e:02:24:1a:95:58:29:76:67:c4:9d:66:
         60:c0:4a:35:12:71:ca:42:f2:cb:de:71:40:cb:aa:9a:eb:29:
         af:37:35:85:64:cf:ab:17:1e:51:f9:a6:2c:6c:7c:36:04:27:
         6b:87:10:55:b5:27:cb:b0:cb:c8:d6:a5:db:e4:18:a3:d0:b9:
         15:ca:81:88:21:27:ba:11:d9:32:59:e1:64:bc:63:94:2b:54:
         8c:04:10:da:a3:76:56:96:ff:50:5d:95:62:ad:86:43:9f:e8:
         15:e8:d9:7d:4b:60:42:b6:2b:d5:a8:1e:c8:b0:d5:4f:4a:c3:
         50:35:1f:f7:65:cd:0b:88:6d:f5:a2:f8:40:b1:d8:42:fa:33:
         5e:13:9d:41:f5:a0:15:0b:23:f8:95:91:ee:31:a7:0c:c1:a0:
         74:c4:88:3d:df:88:5c:6d:1b:58:18:e5:af:89:9c:d6:ed:1d:
         da:92:f7:18:b6:21:ab:4c:03:12:ca:42:4f:12:e6:83:35:79:
         60:a6:5f:b8
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUdSR4DtP+xDrP0ob7P3eXpeIDJqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjg5QkZBODREQzVBRkUwNTA3NkEwODAwQjk2MEZFQTIy
RkM5MEQwOTAeFw0yNDA4MDYxODU3NTZaFw0yNTA4MDUxOTAyNTZaMDMxMTAvBgNV
BAMTKEIyOTVDNDMxNUI3QjQzQkY5NjZGREZFOTlCMTk0QjYzN0IzRTZCRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE9gB84LfUxqr4h+4W2zBlibPW
ILag8gGGod0IGJhVJz+o44wPQA8tPESs3Gw3SiSDthZ1Zol+Y38npgev/0lQYIaz
w+ZmOB+WlYrWXj+vPRRdFpDVCIQ1QTGTxmLQhnQzoqaIByntMTw2hlrAZMqxvs1Q
TbBI6xugKMwDqjCtWqLL2xWQKiupihygfBIqdK/pkKJK10E/KQGDdz5wlsORo66r
KaoWk4xDw+p3eVStxmRVp277dhtYQVyNQsKmVo86mSlKrMRcFZVxeTzWctqg3TvW
WzyTnI7QYADQQl5BzMXU/bq+xHntdEO6RUoVF5glSrOVvUcS4cICddoFbDdtAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUspXEMVt7Q7+Wb9/pmxlLY3s+a+wwHwYDVR0j
BBgwFoAUuJv6hNxa/gUHaggAuWD+oi/JDQkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDkxYTQzYmMtNzZlYy00YWJlLWJhN2QtZTczZTkwZDY2
MmNiLzEvQjg5QkZBODREQzVBRkUwNTA3NkEwODAwQjk2MEZFQTIyRkM5MEQwOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC9CODlCRkE4NERDNUFGRTA1MDc2QTA4MDBC
OTYwRkVBMjJGQzkwRDA5LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS80OTFhNDNiYy03NmVjLTRhYmUtYmE3ZC1lNzNlOTBkNjYyY2IvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM4MzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzIz
MTM1MzYzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYEKgpgRIAwDQYJKoZIhvcNAQELBQADggEBAENc
f0p5S7OEKxl3Fg31/xUtoz9lUWG2LRf3e6Drukvw8GDgcLLwErvdEOXapOOMkTRO
qWOVmsyWLrRp8Y4CJBqVWCl2Z8SdZmDASjUSccpC8svecUDLqprrKa83NYVkz6sX
HlH5pixsfDYEJ2uHEFW1J8uwy8jWpdvkGKPQuRXKgYghJ7oR2TJZ4WS8Y5QrVIwE
ENqjdlaW/1BdlWKthkOf6BXo2X1LYEK2K9WoHsiw1U9Kw1A1H/dlzQuIbfWi+ECx
2EL6M14TnUH1oBULI/iVke4xpwzBoHTEiD3fiFxtG1gY5a+JnNbtHdqS9xi2IatM
AxLKQk8S5oM1eWCmX7g=
-----END CERTIFICATE-----