Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666530303a3a2f34302d3430203d3e20323130353631.roa
File:                     326131313a663263303a666530303a3a2f34302d3430203d3e20323130353631.roa (raw, json)
Hash identifier:          zlde9Ne4avtEwrpfPqI2HjRkIa3sNRFl3/Lr5vExNok=
Subject key identifier:   8C:9C:03:7C:F2:61:B6:77:48:14:89:42:D5:C7:8D:34:21:87:20:82
Certificate issuer:       /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial:       1F9BEDE69CEF37C0C90293B1140D0A07334CB5CF
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666530303a3a2f34302d3430203d3e20323130353631.roa
Signing time:             Wed 08 Nov 2023 14:49:53 +0000
ROA not before:           Wed 08 Nov 2023 14:44:53 +0000
ROA not after:            Wed 06 Nov 2024 14:49:53 +0000
asID:                     210561
IP address blocks:        2a11:f2c0:fe00::/40 maxlen: 40

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:9b:ed:e6:9c:ef:37:c0:c9:02:93:b1:14:0d:0a:07:33:4c:b5:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
        Validity
            Not Before: Nov  8 14:44:53 2023 GMT
            Not After : Nov  6 14:49:53 2024 GMT
        Subject: CN=8C9C037CF261B67748148942D5C78D3421872082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:71:d3:22:92:29:00:6a:7c:42:10:57:1a:f6:
                    41:5b:bc:95:0e:63:2c:bd:be:13:7e:69:c6:22:3d:
                    62:43:6a:67:09:a7:a1:fa:e5:7e:66:d6:05:e9:60:
                    03:49:7a:41:6a:e2:56:8d:73:5a:2c:e4:10:97:e1:
                    23:21:2c:a0:ae:68:9c:37:a6:d0:3c:21:fe:61:a6:
                    29:e0:33:bf:f8:ca:e6:8e:36:23:45:c7:2f:f2:ee:
                    24:a9:92:34:2b:4f:c2:93:39:21:ef:54:a9:f8:00:
                    f6:7c:3b:0a:78:7e:52:6c:b3:b0:d4:1d:03:57:18:
                    56:ef:b1:e0:d1:e5:a0:49:28:56:f5:4a:a8:a8:1b:
                    b5:3f:29:db:9e:75:76:2d:96:6b:99:91:a1:b9:15:
                    09:ac:98:d2:27:7d:3e:50:21:dd:f9:1f:8d:0c:0f:
                    e0:f7:cf:7d:b2:a3:04:3b:b0:80:93:6c:51:fa:a5:
                    07:94:6a:c3:1d:6f:ec:d6:28:db:1b:e5:5b:66:d9:
                    02:7a:a6:00:42:85:71:b4:22:c7:83:c5:6c:4e:3e:
                    7f:4b:79:b0:d9:02:11:f4:35:4f:45:f9:32:48:ae:
                    10:fa:59:27:de:cd:4f:c3:9a:f9:ff:dd:5b:9a:c7:
                    c4:04:4a:5b:dd:2f:16:c0:20:e4:95:f4:40:63:23:
                    53:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:9C:03:7C:F2:61:B6:77:48:14:89:42:D5:C7:8D:34:21:87:20:82
            X509v3 Authority Key Identifier:
                keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666530303a3a2f34302d3430203d3e20323130353631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:f2c0:fe00::/40

    Signature Algorithm: sha256WithRSAEncryption
         cd:f2:4f:ec:af:5d:32:fb:52:80:60:15:e7:9f:8e:2c:30:0e:
         87:53:da:63:52:e8:b0:16:93:cb:d3:1e:13:ed:d2:d6:b8:f0:
         35:54:3e:50:b8:c8:2e:c0:e7:e0:72:0f:88:59:27:11:9f:b9:
         fe:28:9d:85:46:d2:e5:ed:45:5e:4e:08:5b:8c:7b:fe:bb:6f:
         37:6e:2b:ed:d7:41:26:c6:2d:85:b5:ff:a1:3e:fb:d9:3d:2c:
         82:1f:da:56:63:96:3b:0f:06:97:1f:60:e6:46:3c:79:a8:cb:
         99:36:52:c4:5d:95:42:85:20:19:13:18:fb:70:40:c8:7d:e4:
         db:6a:af:19:9b:61:e7:00:1a:78:46:e8:e3:fb:da:f9:73:8a:
         76:b1:ed:6a:02:4d:38:7c:80:0c:81:95:b1:68:b3:34:0d:24:
         7e:ec:89:bc:73:ba:96:79:64:6d:0d:15:aa:45:0b:93:f5:c6:
         4d:93:5c:c4:95:84:68:0f:50:cb:b1:ae:a8:aa:71:53:b8:27:
         d1:52:18:26:5d:78:58:0d:a5:61:d3:0c:e9:81:94:b3:7b:a4:
         15:a6:0b:00:0b:d4:cb:e7:aa:12:24:ee:04:3a:9c:48:fb:b9:
         17:ed:68:cc:8f:0c:ed:b2:ee:cc:11:f1:af:77:c0:c0:38:31:
         9f:04:8f:e2
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUH5vt5pzvN8DJApOxFA0KBzNMtc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzExMDgxNDQ0NTNaFw0yNDExMDYxNDQ5NTNaMDMxMTAvBgNV
BAMTKDhDOUMwMzdDRjI2MUI2Nzc0ODE0ODk0MkQ1Qzc4RDM0MjE4NzIwODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmcdMikikAanxCEFca9kFbvJUO
Yyy9vhN+acYiPWJDamcJp6H65X5m1gXpYANJekFq4laNc1os5BCX4SMhLKCuaJw3
ptA8If5hpingM7/4yuaONiNFxy/y7iSpkjQrT8KTOSHvVKn4APZ8Owp4flJss7DU
HQNXGFbvseDR5aBJKFb1SqioG7U/KduedXYtlmuZkaG5FQmsmNInfT5QId35H40M
D+D3z32yowQ7sICTbFH6pQeUasMdb+zWKNsb5Vtm2QJ6pgBChXG0IseDxWxOPn9L
ebDZAhH0NU9F+TJIrhD6WSfezU/Dmvn/3Vuax8QESlvdLxbAIOSV9EBjI1OjAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUjJwDfPJhtndIFIlC1ceNNCGHIIIwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY1MzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzEzMDM1MzYzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoR8sD+MA0GCSqGSIb3DQEBCwUAA4IBAQDN8k/sr10y+1KAYBXn
n44sMA6HU9pjUuiwFpPL0x4T7dLWuPA1VD5QuMguwOfgcg+IWScRn7n+KJ2FRtLl
7UVeTghbjHv+u283bivt10Emxi2Ftf+hPvvZPSyCH9pWY5Y7DwaXH2DmRjx5qMuZ
NlLEXZVChSAZExj7cEDIfeTbaq8Zm2HnABp4Rujj+9r5c4p2se1qAk04fIAMgZWx
aLM0DSR+7Im8c7qWeWRtDRWqRQuT9cZNk1zElYRoD1DLsa6oqnFTuCfRUhgmXXhY
DaVh0wzpgZSze6QVpgsAC9TL56oSJO4EOpxI+7kX7WjMjwztsu7MEfGvd8DAODGf
BI/i
-----END CERTIFICATE-----
Generated at Sun Jun 30 17:34:14 2024 by rpki-client on console-fra.rpki-client.org