Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/1/326130363a313238333a633031643a3a2f34382d3438203d3e20323136303433.roa
File:                     326130363a313238333a633031643a3a2f34382d3438203d3e20323136303433.roa (raw, json)
Hash identifier:          VEdAULisNTAYDP9V/xW18GHNBXqrqGxyUEsTiIEvFLI=
Subject key identifier:   DC:13:F6:D9:F9:BC:35:93:B4:01:9F:DB:C1:1E:6B:A5:9C:BF:E0:EF
Certificate issuer:       /CN=729896CB421DE8ED6A598D27F2F6491BCABB9F24
Certificate serial:       2B89DE51A2B68799170E682109D2F1F3712038B9
Authority key identifier: 72:98:96:CB:42:1D:E8:ED:6A:59:8D:27:F2:F6:49:1B:CA:BB:9F:24
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/729896CB421DE8ED6A598D27F2F6491BCABB9F24.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/1/326130363a313238333a633031643a3a2f34382d3438203d3e20323136303433.roa
Signing time:             Sun 28 Apr 2024 20:17:11 +0000
ROA not before:           Sun 28 Apr 2024 20:12:11 +0000
ROA not after:            Sun 27 Apr 2025 20:17:11 +0000
asID:                     216043
IP address blocks:        2a06:1283:c01d::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:89:de:51:a2:b6:87:99:17:0e:68:21:09:d2:f1:f3:71:20:38:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=729896CB421DE8ED6A598D27F2F6491BCABB9F24
        Validity
            Not Before: Apr 28 20:12:11 2024 GMT
            Not After : Apr 27 20:17:11 2025 GMT
        Subject: CN=DC13F6D9F9BC3593B4019FDBC11E6BA59CBFE0EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:35:27:d4:90:cc:f7:66:2c:fa:a7:d4:3f:99:
                    d9:8a:98:03:9a:f4:75:9d:e5:b4:6c:f5:ec:33:ac:
                    ab:e1:79:33:85:cc:d6:4e:95:76:bd:fe:fc:03:b4:
                    7b:a6:fc:82:f7:2b:39:69:83:2d:40:fd:32:46:c0:
                    fc:74:cb:19:3c:8c:47:f2:00:83:06:a2:30:ef:04:
                    a8:60:13:28:76:49:01:0e:12:fc:0e:b4:b8:f3:b4:
                    a3:0e:24:d8:08:2d:04:c2:55:40:52:e1:58:57:df:
                    80:54:ed:02:6d:ce:0a:00:3b:84:92:48:d9:03:12:
                    e1:b4:37:1b:fe:70:c5:5f:e3:5b:a5:3e:73:c1:e7:
                    ae:3a:53:d3:15:ff:da:bf:04:48:53:03:17:5c:31:
                    02:f6:be:18:2e:25:0d:df:34:4b:2a:34:d1:71:73:
                    f6:f7:4a:91:b9:7b:a0:8e:70:f1:1a:6e:65:8e:cd:
                    79:42:e4:f4:f6:4f:8f:d8:53:ae:cb:8a:aa:72:54:
                    22:7c:7b:4b:c4:48:bb:04:7e:1b:e0:bf:3e:fc:85:
                    12:27:48:53:43:c1:57:45:96:da:53:50:80:dd:1b:
                    2c:3b:d1:99:df:70:7a:71:d4:12:e0:06:cc:b5:39:
                    51:c6:d0:06:93:3b:5f:e2:b0:ba:d2:16:62:60:36:
                    b2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:13:F6:D9:F9:BC:35:93:B4:01:9F:DB:C1:1E:6B:A5:9C:BF:E0:EF
            X509v3 Authority Key Identifier:
                keyid:72:98:96:CB:42:1D:E8:ED:6A:59:8D:27:F2:F6:49:1B:CA:BB:9F:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/1/729896CB421DE8ED6A598D27F2F6491BCABB9F24.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/729896CB421DE8ED6A598D27F2F6491BCABB9F24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/1/326130363a313238333a633031643a3a2f34382d3438203d3e20323136303433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1283:c01d::/48

    Signature Algorithm: sha256WithRSAEncryption
         04:dd:4e:78:a4:ba:cb:f5:b6:0c:e2:a2:36:78:f6:f4:e7:e4:
         5b:37:f3:da:45:c9:0a:6a:10:d6:5f:25:70:84:aa:9c:79:f7:
         4e:e8:72:c1:65:16:f4:01:39:c2:63:31:89:6a:bc:e0:0e:e1:
         2d:78:84:27:71:7d:86:57:d0:f7:bb:ca:cc:fa:6d:6c:f4:bb:
         cc:4f:80:91:46:7e:8a:e7:44:d2:69:3f:d5:40:2e:1c:1b:91:
         22:cc:90:a8:ca:26:f9:0b:f5:b9:e4:8b:37:77:7c:5f:2b:5d:
         7b:b2:32:70:c9:bd:af:6e:62:7d:d4:0d:81:20:5f:18:20:a6:
         80:75:46:58:04:e4:6b:19:3a:b2:5f:f7:b6:9d:96:77:9b:d2:
         23:21:9a:24:f0:29:f1:76:46:fa:c6:c5:ae:7c:5b:87:11:7a:
         b4:4c:74:ba:c0:a3:99:4a:51:2b:65:e2:9c:69:4e:29:0c:b1:
         3f:e8:bf:69:b2:c8:3a:ed:09:fc:91:27:f3:bb:2f:c7:40:d3:
         b3:86:00:e3:b5:af:01:cf:f7:05:71:1f:4a:6d:cb:d3:15:0f:
         ce:77:f7:da:80:46:64:0d:47:c5:c8:3a:57:08:8e:d9:d6:4f:
         8f:0b:35:ce:63:76:45:64:56:3a:a7:81:ec:22:f3:cf:15:91:
         e8:b9:c2:71
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUK4neUaK2h5kXDmghCdLx83EgOLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzI5ODk2Q0I0MjFERThFRDZBNTk4RDI3RjJGNjQ5MUJD
QUJCOUYyNDAeFw0yNDA0MjgyMDEyMTFaFw0yNTA0MjcyMDE3MTFaMDMxMTAvBgNV
BAMTKERDMTNGNkQ5RjlCQzM1OTNCNDAxOUZEQkMxMUU2QkE1OUNCRkUwRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxNSfUkMz3Ziz6p9Q/mdmKmAOa
9HWd5bRs9ewzrKvheTOFzNZOlXa9/vwDtHum/IL3Kzlpgy1A/TJGwPx0yxk8jEfy
AIMGojDvBKhgEyh2SQEOEvwOtLjztKMOJNgILQTCVUBS4VhX34BU7QJtzgoAO4SS
SNkDEuG0Nxv+cMVf41ulPnPB5646U9MV/9q/BEhTAxdcMQL2vhguJQ3fNEsqNNFx
c/b3SpG5e6COcPEabmWOzXlC5PT2T4/YU67LiqpyVCJ8e0vESLsEfhvgvz78hRIn
SFNDwVdFltpTUIDdGyw70ZnfcHpx1BLgBsy1OVHG0AaTO1/isLrSFmJgNrJlAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQU3BP22fm8NZO0AZ/bwR5rpZy/4O8wHwYDVR0j
BBgwFoAUcpiWy0Id6O1qWY0n8vZJG8q7nyQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTg4MzNlOTgtNmYyMS00ZDMwLThkODMtMTQwYWNhOTM4
ZDcxLzEvNzI5ODk2Q0I0MjFERThFRDZBNTk4RDI3RjJGNjQ5MUJDQUJCOUYyNC5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNzI5ODk2Q0I0MjFERThFRDZBNTk4RDI3RjJGNjQ5MUJDQUJC
OUYyNC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNTg4MzNlOTgt
NmYyMS00ZDMwLThkODMtMTQwYWNhOTM4ZDcxLzEvMzI2MTMwMzYzYTMxMzIzODMz
M2E2MzMwMzE2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNjMwMzQzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoGEoPAHTANBgkqhkiG9w0BAQsFAAOCAQEABN1OeKS6y/W2DOKi
Nnj29OfkWzfz2kXJCmoQ1l8lcISqnHn3TuhywWUW9AE5wmMxiWq84A7hLXiEJ3F9
hlfQ97vKzPptbPS7zE+AkUZ+iudE0mk/1UAuHBuRIsyQqMom+Qv1ueSLN3d8Xytd
e7IycMm9r25ifdQNgSBfGCCmgHVGWATkaxk6sl/3tp2Wd5vSIyGaJPAp8XZG+sbF
rnxbhxF6tEx0usCjmUpRK2XinGlOKQyxP+i/abLIOu0J/JEn87svx0DTs4YA47Wv
Ac/3BXEfSm3L0xUPznf32oBGZA1Hxcg6VwiO2dZPjws1zmN2RWRWOqeB7CLzzxWR
6LnCcQ==
-----END CERTIFICATE-----
Generated at Sun Sep 15 17:46:40 2024 by rpki-client on console-ams.rpki-client.org