Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/1/326130363a313238333a633031663a3a2f34382d3438203d3e20323136303433.roa
File:                     326130363a313238333a633031663a3a2f34382d3438203d3e20323136303433.roa (raw, json)
Hash identifier:          pv44xAxJkxxZII+iNVvfPHdYhW4Kg2i42uqcNrB2cDA=
Subject key identifier:   B0:D3:AE:1B:67:97:B2:30:29:23:06:18:C4:E2:5B:8A:D6:19:A6:99
Certificate issuer:       /CN=729896CB421DE8ED6A598D27F2F6491BCABB9F24
Certificate serial:       65DB6460F0B476FC7608F8BB3C03CDEA7F74B701
Authority key identifier: 72:98:96:CB:42:1D:E8:ED:6A:59:8D:27:F2:F6:49:1B:CA:BB:9F:24
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/729896CB421DE8ED6A598D27F2F6491BCABB9F24.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/1/326130363a313238333a633031663a3a2f34382d3438203d3e20323136303433.roa
Signing time:             Sun 28 Apr 2024 20:17:55 +0000
ROA not before:           Sun 28 Apr 2024 20:12:55 +0000
ROA not after:            Sun 27 Apr 2025 20:17:55 +0000
asID:                     216043
IP address blocks:        2a06:1283:c01f::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:db:64:60:f0:b4:76:fc:76:08:f8:bb:3c:03:cd:ea:7f:74:b7:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=729896CB421DE8ED6A598D27F2F6491BCABB9F24
        Validity
            Not Before: Apr 28 20:12:55 2024 GMT
            Not After : Apr 27 20:17:55 2025 GMT
        Subject: CN=B0D3AE1B6797B23029230618C4E25B8AD619A699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:71:4c:ef:87:42:fc:89:db:91:11:a3:21:07:
                    b7:c7:51:71:26:a1:a8:81:75:ef:40:70:14:db:72:
                    da:dd:7d:a7:c5:f3:c3:dd:9d:51:2c:fa:80:54:c9:
                    44:1d:99:38:d5:6e:5b:f0:b1:e0:64:c7:79:28:3f:
                    56:ef:28:a2:0e:67:5b:81:43:f3:53:58:be:90:38:
                    d9:11:44:74:7a:91:d6:cc:78:50:2b:4f:9d:62:39:
                    f6:8c:7e:6a:a9:3f:4b:d9:ac:d3:67:43:b8:38:46:
                    39:4d:90:fd:c0:95:d4:2b:43:f9:8d:20:ea:a8:74:
                    a9:e8:8f:d4:4d:57:2b:3c:63:02:b6:12:9b:ac:88:
                    44:e8:4b:89:e9:88:0e:cb:f1:05:f4:a1:80:77:20:
                    de:2f:a6:c2:85:ac:af:4f:a3:b1:b5:1b:2d:93:53:
                    c6:ce:1e:57:20:90:1e:78:f0:b1:66:67:80:48:27:
                    90:a8:5d:67:97:69:36:0a:5d:f5:d3:fe:70:7f:46:
                    45:ff:8b:c4:e2:78:c1:1a:4e:3d:d0:e2:28:6e:bf:
                    db:91:89:5a:c9:fb:48:ad:d7:4c:0c:b9:9d:94:bc:
                    22:74:0e:67:21:91:f7:7d:0a:29:13:35:dc:07:28:
                    7d:72:c3:66:90:24:37:05:81:d1:ed:68:c0:35:80:
                    f3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:D3:AE:1B:67:97:B2:30:29:23:06:18:C4:E2:5B:8A:D6:19:A6:99
            X509v3 Authority Key Identifier:
                keyid:72:98:96:CB:42:1D:E8:ED:6A:59:8D:27:F2:F6:49:1B:CA:BB:9F:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/1/729896CB421DE8ED6A598D27F2F6491BCABB9F24.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/729896CB421DE8ED6A598D27F2F6491BCABB9F24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/58833e98-6f21-4d30-8d83-140aca938d71/1/326130363a313238333a633031663a3a2f34382d3438203d3e20323136303433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1283:c01f::/48

    Signature Algorithm: sha256WithRSAEncryption
         59:e8:90:30:b7:8e:19:89:54:e7:99:24:f8:6a:06:a0:50:e4:
         c9:77:7b:69:7c:1b:ae:61:7d:57:2a:ed:c8:c3:5c:25:18:55:
         4c:b2:8a:87:ac:3c:e7:88:05:97:75:21:ae:10:c3:f2:e8:58:
         b2:27:12:59:91:22:0c:c3:be:ce:00:de:31:66:a1:17:c7:6f:
         1f:86:a7:a1:a9:c6:94:96:0e:e0:95:d2:1d:d9:61:56:f9:4b:
         7e:4e:fe:92:24:d8:b4:55:64:6a:60:55:23:93:4f:48:af:34:
         b0:48:64:d7:57:e0:c2:ff:bf:f0:16:73:81:b7:26:36:09:50:
         d7:15:1c:c2:32:37:66:b3:51:20:e5:e3:5f:77:cd:6f:e6:aa:
         6d:b2:bc:b3:05:68:13:85:76:62:17:67:37:53:ef:7f:99:77:
         21:58:ec:1f:28:42:65:09:4b:81:62:12:d1:7e:93:bc:33:49:
         76:62:bf:b3:3b:d9:34:aa:41:35:e4:16:fd:3a:3b:56:11:c9:
         37:24:5e:45:d8:d1:40:d3:c8:25:8e:49:c3:ac:82:b3:d0:22:
         1c:a5:85:f6:92:7c:02:d3:b8:1c:4f:65:21:4c:6d:b8:22:2b:
         73:a2:a4:e2:7f:69:31:7c:e9:84:11:5d:93:98:c4:26:34:87:
         79:c2:2c:dc
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUZdtkYPC0dvx2CPi7PAPN6n90twEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzI5ODk2Q0I0MjFERThFRDZBNTk4RDI3RjJGNjQ5MUJD
QUJCOUYyNDAeFw0yNDA0MjgyMDEyNTVaFw0yNTA0MjcyMDE3NTVaMDMxMTAvBgNV
BAMTKEIwRDNBRTFCNjc5N0IyMzAyOTIzMDYxOEM0RTI1QjhBRDYxOUE2OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGcUzvh0L8iduREaMhB7fHUXEm
oaiBde9AcBTbctrdfafF88PdnVEs+oBUyUQdmTjVblvwseBkx3koP1bvKKIOZ1uB
Q/NTWL6QONkRRHR6kdbMeFArT51iOfaMfmqpP0vZrNNnQ7g4RjlNkP3AldQrQ/mN
IOqodKnoj9RNVys8YwK2EpusiEToS4npiA7L8QX0oYB3IN4vpsKFrK9Po7G1Gy2T
U8bOHlcgkB548LFmZ4BIJ5CoXWeXaTYKXfXT/nB/RkX/i8TieMEaTj3Q4ihuv9uR
iVrJ+0it10wMuZ2UvCJ0Dmchkfd9CikTNdwHKH1yw2aQJDcFgdHtaMA1gPPvAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUsNOuG2eXsjApIwYYxOJbitYZppkwHwYDVR0j
BBgwFoAUcpiWy0Id6O1qWY0n8vZJG8q7nyQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTg4MzNlOTgtNmYyMS00ZDMwLThkODMtMTQwYWNhOTM4
ZDcxLzEvNzI5ODk2Q0I0MjFERThFRDZBNTk4RDI3RjJGNjQ5MUJDQUJCOUYyNC5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNzI5ODk2Q0I0MjFERThFRDZBNTk4RDI3RjJGNjQ5MUJDQUJC
OUYyNC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNTg4MzNlOTgt
NmYyMS00ZDMwLThkODMtMTQwYWNhOTM4ZDcxLzEvMzI2MTMwMzYzYTMxMzIzODMz
M2E2MzMwMzE2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNjMwMzQzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoGEoPAHzANBgkqhkiG9w0BAQsFAAOCAQEAWeiQMLeOGYlU55kk
+GoGoFDkyXd7aXwbrmF9VyrtyMNcJRhVTLKKh6w854gFl3UhrhDD8uhYsicSWZEi
DMO+zgDeMWahF8dvH4anoanGlJYO4JXSHdlhVvlLfk7+kiTYtFVkamBVI5NPSK80
sEhk11fgwv+/8BZzgbcmNglQ1xUcwjI3ZrNRIOXjX3fNb+aqbbK8swVoE4V2Yhdn
N1Pvf5l3IVjsHyhCZQlLgWIS0X6TvDNJdmK/szvZNKpBNeQW/To7VhHJNyReRdjR
QNPIJY5Jw6yCs9AiHKWF9pJ8AtO4HE9lIUxtuCIrc6Kk4n9pMXzphBFdk5jEJjSH
ecIs3A==
-----END CERTIFICATE-----