Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/0/326131343a316563373a666530303a3a2f34342d3438203d3e20323135373437.roa
File:                     326131343a316563373a666530303a3a2f34342d3438203d3e20323135373437.roa (raw, json)
Hash identifier:          V3YELr4eWbwARwB8uGMwjB/Zhh7aFve/bQLanheB4n4=
Subject key identifier:   EB:25:71:07:8F:CB:DA:79:5A:CE:35:DF:AB:B6:98:C2:0D:73:BE:68
Certificate issuer:       /CN=7B8B788E11038E988A479693F5D7C2EA216BCD76
Certificate serial:       3DB30852AB5EF8F12A0138189229C3E87CF22ABE
Authority key identifier: 7B:8B:78:8E:11:03:8E:98:8A:47:96:93:F5:D7:C2:EA:21:6B:CD:76
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/7B8B788E11038E988A479693F5D7C2EA216BCD76.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/0/326131343a316563373a666530303a3a2f34342d3438203d3e20323135373437.roa
Signing time:             Fri 17 May 2024 17:54:35 +0000
ROA not before:           Fri 17 May 2024 17:49:35 +0000
ROA not after:            Fri 16 May 2025 17:54:35 +0000
asID:                     215747
IP address blocks:        2a14:1ec7:fe00::/44 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:b3:08:52:ab:5e:f8:f1:2a:01:38:18:92:29:c3:e8:7c:f2:2a:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7B8B788E11038E988A479693F5D7C2EA216BCD76
        Validity
            Not Before: May 17 17:49:35 2024 GMT
            Not After : May 16 17:54:35 2025 GMT
        Subject: CN=EB2571078FCBDA795ACE35DFABB698C20D73BE68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:33:95:b0:e5:03:de:16:23:13:22:25:0c:3e:
                    db:95:ac:e7:0f:ec:9f:b8:6f:12:bc:42:8e:1d:f6:
                    ef:c9:ae:e3:7e:c3:12:4d:10:5a:8e:4a:30:b7:cb:
                    df:02:08:67:51:4d:86:48:ba:fc:73:06:ac:7c:2c:
                    2b:74:aa:75:da:29:cf:3d:25:19:42:fd:11:3a:f2:
                    07:7d:22:76:e6:b3:ea:ac:15:ed:c0:c9:d1:4b:f0:
                    82:79:ae:ff:c1:0f:e8:a4:10:f4:92:75:9b:ca:c0:
                    27:0a:ee:1b:a2:f6:63:16:51:7a:43:a3:5f:9a:d9:
                    28:33:a2:06:41:7b:53:23:04:bd:ae:14:30:78:e6:
                    a9:69:97:8e:72:f7:73:05:c3:89:be:2a:28:2c:d1:
                    59:b2:40:90:d3:52:57:93:d5:e8:86:93:c1:0b:dd:
                    93:f7:0a:26:09:78:f2:97:80:1c:fc:0a:92:13:a5:
                    71:77:3c:e0:6c:cc:2b:c1:d4:92:8f:9c:24:60:aa:
                    54:2e:0e:0e:9b:5b:3b:44:5b:3a:5a:f8:a2:e2:a6:
                    ef:4f:0d:8f:e4:a9:38:3f:31:f7:8c:3c:11:c8:79:
                    01:91:fb:5b:7c:c4:ee:da:e3:57:df:fb:09:b8:e9:
                    7e:57:18:c6:f6:65:b8:bc:2a:15:3b:20:cd:3c:10:
                    81:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:25:71:07:8F:CB:DA:79:5A:CE:35:DF:AB:B6:98:C2:0D:73:BE:68
            X509v3 Authority Key Identifier:
                keyid:7B:8B:78:8E:11:03:8E:98:8A:47:96:93:F5:D7:C2:EA:21:6B:CD:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/0/7B8B788E11038E988A479693F5D7C2EA216BCD76.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/7B8B788E11038E988A479693F5D7C2EA216BCD76.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/0/326131343a316563373a666530303a3a2f34342d3438203d3e20323135373437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:1ec7:fe00::/44

    Signature Algorithm: sha256WithRSAEncryption
         29:46:90:a7:33:7b:7c:22:7c:82:18:4b:fc:a4:19:ed:68:0a:
         6f:b4:af:46:b6:f2:d7:d0:a7:64:64:25:d9:fe:53:3d:7c:13:
         9d:a8:a3:37:24:81:42:d5:c2:c4:69:41:c4:e9:f6:d6:95:f3:
         c6:7c:e7:73:05:f3:4b:73:3d:6b:ff:1b:d4:67:99:46:ff:bc:
         aa:14:4d:3a:b5:b0:e6:64:a4:02:43:63:4d:0a:4f:56:02:59:
         c8:1e:3f:17:72:8b:0c:cd:d1:13:b0:da:3d:2f:5f:ea:fb:cd:
         52:b9:84:97:aa:d0:78:82:f4:f6:61:5f:d6:52:ed:78:20:7d:
         7c:83:25:dd:6e:52:b6:ff:f7:45:2d:e9:0a:e2:ea:45:ff:20:
         46:da:2c:a5:ad:42:99:43:b4:b2:65:49:8c:0e:1c:b1:3d:24:
         4c:34:ae:b6:b6:e2:b3:ca:48:0c:5e:54:89:b6:be:18:a7:03:
         42:78:5b:75:44:3b:0c:82:5f:e6:b3:16:f2:8c:e8:a9:aa:21:
         6a:95:27:7b:bb:90:05:53:62:9d:91:30:7e:ff:2f:3f:04:ed:
         c1:72:29:6b:37:73:02:0d:c9:47:5e:a5:87:8c:87:8b:79:b2:
         d0:30:da:25:4c:eb:31:0f:3b:48:58:3c:74:19:c8:a2:0a:47:
         70:50:86:b8
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUPbMIUqte+PEqATgYkinD6HzyKr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0I4Qjc4OEUxMTAzOEU5ODhBNDc5NjkzRjVEN0MyRUEy
MTZCQ0Q3NjAeFw0yNDA1MTcxNzQ5MzVaFw0yNTA1MTYxNzU0MzVaMDMxMTAvBgNV
BAMTKEVCMjU3MTA3OEZDQkRBNzk1QUNFMzVERkFCQjY5OEMyMEQ3M0JFNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVM5Ww5QPeFiMTIiUMPtuVrOcP
7J+4bxK8Qo4d9u/JruN+wxJNEFqOSjC3y98CCGdRTYZIuvxzBqx8LCt0qnXaKc89
JRlC/RE68gd9Inbms+qsFe3AydFL8IJ5rv/BD+ikEPSSdZvKwCcK7hui9mMWUXpD
o1+a2SgzogZBe1MjBL2uFDB45qlpl45y93MFw4m+Kigs0VmyQJDTUleT1eiGk8EL
3ZP3CiYJePKXgBz8CpITpXF3POBszCvB1JKPnCRgqlQuDg6bWztEWzpa+KLipu9P
DY/kqTg/MfeMPBHIeQGR+1t8xO7a41ff+wm46X5XGMb2Zbi8KhU7IM08EIHfAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU6yVxB4/L2nlazjXfq7aYwg1zvmgwHwYDVR0j
BBgwFoAUe4t4jhEDjpiKR5aT9dfC6iFrzXYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTg4MzNlOTgtNmYyMS00ZDMwLThkODMtMTQwYWNhOTM4
ZDcxLzAvN0I4Qjc4OEUxMTAzOEU5ODhBNDc5NjkzRjVEN0MyRUEyMTZCQ0Q3Ni5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC83QjhCNzg4RTExMDM4RTk4OEE0Nzk2OTNG
NUQ3QzJFQTIxNkJDRDc2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS81ODgzM2U5OC02ZjIxLTRkMzAtOGQ4My0xNDBhY2E5MzhkNzEvMC8zMjYxMzEz
NDNhMzE2NTYzMzczYTY2NjUzMDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz
MTM1MzczNDM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhQex/4AMA0GCSqGSIb3DQEBCwUAA4IBAQAp
RpCnM3t8InyCGEv8pBntaApvtK9GtvLX0KdkZCXZ/lM9fBOdqKM3JIFC1cLEaUHE
6fbWlfPGfOdzBfNLcz1r/xvUZ5lG/7yqFE06tbDmZKQCQ2NNCk9WAlnIHj8XcosM
zdETsNo9L1/q+81SuYSXqtB4gvT2YV/WUu14IH18gyXdblK2//dFLekK4upF/yBG
2iylrUKZQ7SyZUmMDhyxPSRMNK62tuKzykgMXlSJtr4YpwNCeFt1RDsMgl/msxby
jOipqiFqlSd7u5AFU2KdkTB+/y8/BO3BcilrN3MCDclHXqWHjIeLebLQMNolTOsx
DztIWDx0GciiCkdwUIa4
-----END CERTIFICATE-----