Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/326130373a353463373a356630303a3a2f34302d3438203d3e20323135353737.roa
File:                     326130373a353463373a356630303a3a2f34302d3438203d3e20323135353737.roa (raw, json)
Hash identifier:          Ba5xfWqOndYVE5HvV9FAMJv5ExmemcLNBu1Yv2cHUgw=
Subject key identifier:   E7:C7:E1:D6:50:B1:92:7C:E7:B3:68:51:F0:0E:05:33:6C:AC:08:EE
Certificate issuer:       /CN=A816FDA8ADEC8085A8A348E698709DE583B219B5
Certificate serial:       43FA521808B745B874F487B18A2402E56D33383B
Authority key identifier: A8:16:FD:A8:AD:EC:80:85:A8:A3:48:E6:98:70:9D:E5:83:B2:19:B5
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/A816FDA8ADEC8085A8A348E698709DE583B219B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/326130373a353463373a356630303a3a2f34302d3438203d3e20323135353737.roa
Signing time:             Mon 06 Jan 2025 13:20:32 +0000
ROA not before:           Mon 06 Jan 2025 13:15:32 +0000
ROA not after:            Mon 05 Jan 2026 13:20:32 +0000
asID:                     215577
IP address blocks:        2a07:54c7:5f00::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:fa:52:18:08:b7:45:b8:74:f4:87:b1:8a:24:02:e5:6d:33:38:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A816FDA8ADEC8085A8A348E698709DE583B219B5
        Validity
            Not Before: Jan  6 13:15:32 2025 GMT
            Not After : Jan  5 13:20:32 2026 GMT
        Subject: CN=E7C7E1D650B1927CE7B36851F00E05336CAC08EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:48:d6:9a:bf:e4:e6:78:57:48:80:1e:b8:12:
                    a8:e7:6f:62:b6:6c:f2:4f:0e:ec:00:b3:aa:a2:0e:
                    fc:f6:0a:b0:3f:91:eb:0f:a0:d7:3b:f5:91:a8:7a:
                    32:2c:9f:24:a9:a8:db:ae:8c:5f:3b:99:71:a9:bc:
                    42:51:39:cc:2c:e0:15:58:96:9e:46:19:6c:84:ea:
                    b3:0b:01:b9:7a:6d:91:89:40:f5:27:56:2d:61:b4:
                    26:48:6a:4d:cf:06:8c:84:10:5e:e8:d4:72:19:88:
                    03:7b:80:b2:14:7f:db:2a:fd:ff:c5:3f:51:d1:61:
                    67:91:a7:33:05:f6:65:c5:0e:84:66:53:1c:b0:fe:
                    ca:b9:70:55:9a:04:7f:fb:5a:2b:9b:03:b6:c1:0b:
                    04:14:ee:5d:31:51:13:ee:cb:fd:ca:bd:1f:19:a2:
                    49:bb:99:7d:b6:27:08:b3:0d:8e:3d:20:f5:1f:f1:
                    25:d3:65:c0:c1:2b:cb:cd:bc:32:32:4c:7a:08:f0:
                    0b:83:9a:c0:67:87:a2:ad:08:88:f3:12:51:ac:53:
                    6f:cc:38:e4:1d:ea:70:39:82:81:23:20:a2:6b:7d:
                    1a:d1:67:77:0a:47:ea:d1:bc:6a:4d:d0:d4:70:30:
                    ba:5c:38:c6:b8:c9:cf:07:28:65:4d:da:68:5f:de:
                    95:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:C7:E1:D6:50:B1:92:7C:E7:B3:68:51:F0:0E:05:33:6C:AC:08:EE
            X509v3 Authority Key Identifier:
                keyid:A8:16:FD:A8:AD:EC:80:85:A8:A3:48:E6:98:70:9D:E5:83:B2:19:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/A816FDA8ADEC8085A8A348E698709DE583B219B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/A816FDA8ADEC8085A8A348E698709DE583B219B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/326130373a353463373a356630303a3a2f34302d3438203d3e20323135353737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c7:5f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         78:d2:da:4f:a6:ff:cd:93:8b:8f:1b:f1:bd:ca:8e:70:27:82:
         41:3a:c6:d4:ca:98:f9:65:80:d4:72:e7:f8:76:9e:34:49:d5:
         f7:00:16:61:99:23:a3:2b:fb:33:0c:3c:bc:06:6d:c7:81:99:
         04:e1:d9:08:4b:7e:49:27:ca:20:2a:09:99:c9:d3:d1:b8:19:
         11:7e:64:18:27:2c:dd:b3:e9:2c:f5:e5:2d:6c:bd:fe:00:eb:
         61:da:e5:90:48:f7:cf:a1:0e:e1:e6:6c:6c:04:84:80:d2:f9:
         fb:e9:e7:1c:d5:c3:bb:bc:81:c7:84:39:9b:fe:75:93:d3:7c:
         b6:9e:bf:15:cd:c6:35:31:2d:a3:33:a6:31:a9:d2:33:42:ee:
         83:e0:a0:cc:9b:67:a4:22:1a:80:62:66:61:bb:e2:8f:af:63:
         f7:91:af:c6:d1:49:be:34:0d:b6:43:7d:30:a6:a9:04:2d:88:
         66:ea:8a:31:a6:4e:38:d8:87:43:fd:a4:8c:70:0e:ee:c0:10:
         fb:e3:bc:c0:a5:f5:99:e6:76:5b:25:4d:5a:45:fa:a2:7a:14:
         72:71:ac:12:99:87:7e:a9:45:39:64:a9:27:2f:31:87:f0:79:
         72:15:26:29:4e:87:03:59:e8:82:59:ff:0e:c3:ab:98:8d:14:
         2e:d3:18:8c
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUQ/pSGAi3Rbh09IexiiQC5W0zODswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTgxNkZEQThBREVDODA4NUE4QTM0OEU2OTg3MDlERTU4
M0IyMTlCNTAeFw0yNTAxMDYxMzE1MzJaFw0yNjAxMDUxMzIwMzJaMDMxMTAvBgNV
BAMTKEU3QzdFMUQ2NTBCMTkyN0NFN0IzNjg1MUYwMEUwNTMzNkNBQzA4RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJSNaav+TmeFdIgB64Eqjnb2K2
bPJPDuwAs6qiDvz2CrA/kesPoNc79ZGoejIsnySpqNuujF87mXGpvEJROcws4BVY
lp5GGWyE6rMLAbl6bZGJQPUnVi1htCZIak3PBoyEEF7o1HIZiAN7gLIUf9sq/f/F
P1HRYWeRpzMF9mXFDoRmUxyw/sq5cFWaBH/7WiubA7bBCwQU7l0xURPuy/3KvR8Z
okm7mX22JwizDY49IPUf8SXTZcDBK8vNvDIyTHoI8AuDmsBnh6KtCIjzElGsU2/M
OOQd6nA5goEjIKJrfRrRZ3cKR+rRvGpN0NRwMLpcOMa4yc8HKGVN2mhf3pXZAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQU58fh1lCxknzns2hR8A4FM2ysCO4wHwYDVR0j
BBgwFoAUqBb9qK3sgIWoo0jmmHCd5YOyGbUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTgyMWM0N2UtZTgxNS00MmRlLWJkNmItMTlhMmUxYWU1
NjRhLzAvQTgxNkZEQThBREVDODA4NUE4QTM0OEU2OTg3MDlERTU4M0IyMTlCNS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9BODE2RkRBOEFERUM4MDg1QThBMzQ4RTY5
ODcwOURFNTgzQjIxOUI1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS81ODIxYzQ3ZS1lODE1LTQyZGUtYmQ2Yi0xOWEyZTFhZTU2NGEvMC8zMjYxMzAz
NzNhMzUzNDYzMzczYTM1NjYzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIz
MTM1MzUzNzM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdUx18wDQYJKoZIhvcNAQELBQADggEBAHjS
2k+m/82Ti48b8b3KjnAngkE6xtTKmPllgNRy5/h2njRJ1fcAFmGZI6Mr+zMMPLwG
bceBmQTh2QhLfkknyiAqCZnJ09G4GRF+ZBgnLN2z6Sz15S1svf4A62Ha5ZBI98+h
DuHmbGwEhIDS+fvp5xzVw7u8gceEOZv+dZPTfLaevxXNxjUxLaMzpjGp0jNC7oPg
oMybZ6QiGoBiZmG74o+vY/eRr8bRSb40DbZDfTCmqQQtiGbqijGmTjjYh0P9pIxw
Du7AEPvjvMCl9ZnmdlslTVpF+qJ6FHJxrBKZh36pRTlkqScvMYfweXIVJilOhwNZ
6IJZ/w7Dq5iNFC7TGIw=
-----END CERTIFICATE-----