Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666393a3a2f34382d3438203d3e20323034373235.roa
File:                     326131313a663263303a666666393a3a2f34382d3438203d3e20323034373235.roa (raw, json)
Hash identifier:          Gt0oGb7nF3rXiz36LXQtJJrWGgJV/BgJAhXM+BfDmvc=
Subject key identifier:   32:77:B2:48:54:E6:D7:7A:FB:E1:57:B5:42:64:43:78:D6:01:95:68
Certificate issuer:       /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial:       0F974F75AD8411CBAE66A5744517B34E07FFFB6F
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666393a3a2f34382d3438203d3e20323034373235.roa
Signing time:             Wed 08 Nov 2023 14:49:39 +0000
ROA not before:           Wed 08 Nov 2023 14:44:39 +0000
ROA not after:            Wed 06 Nov 2024 14:49:39 +0000
asID:                     204725
IP address blocks:        2a11:f2c0:fff9::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:97:4f:75:ad:84:11:cb:ae:66:a5:74:45:17:b3:4e:07:ff:fb:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
        Validity
            Not Before: Nov  8 14:44:39 2023 GMT
            Not After : Nov  6 14:49:39 2024 GMT
        Subject: CN=3277B24854E6D77AFBE157B542644378D6019568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e3:45:8c:9b:b7:fa:6c:99:8f:de:4f:b5:22:
                    5f:62:36:4e:57:6e:7e:eb:6d:d4:9e:b8:00:bd:6b:
                    d6:55:15:8a:44:e1:b8:31:50:0f:9b:18:05:14:08:
                    ac:6d:c3:ba:d7:6f:3b:5d:61:1a:5e:06:ff:2b:7d:
                    0b:f5:65:08:6e:85:df:fb:01:b9:18:2b:af:9a:0d:
                    4c:16:f1:fc:72:63:84:4c:b2:a5:66:e5:f4:40:12:
                    51:e1:97:cb:6f:36:a7:c4:83:b2:7c:fc:d7:33:d9:
                    f8:3a:86:89:f5:4c:47:41:3d:fa:4e:a9:13:46:52:
                    36:f8:1f:0b:e3:27:6c:eb:ea:d2:13:27:28:34:1b:
                    6a:e7:f7:1a:55:dd:e9:e7:92:05:7e:3e:6d:c8:57:
                    d1:58:4c:00:44:0d:3a:4f:28:d5:02:20:97:08:15:
                    97:dd:8a:d9:5c:47:19:f4:93:e0:43:52:60:6e:2f:
                    1e:c3:69:e5:8e:3f:70:78:17:b4:8f:ce:8d:c9:87:
                    5b:bc:f1:7b:7e:69:fd:b2:f4:21:25:43:3e:c0:e3:
                    97:4c:92:94:5a:6d:d5:80:28:38:89:9c:2d:8b:90:
                    a9:9c:fc:2f:fa:04:75:14:25:18:76:87:24:6e:9a:
                    d6:29:8f:7b:99:0e:a5:19:d8:03:f6:fb:52:89:7a:
                    90:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:77:B2:48:54:E6:D7:7A:FB:E1:57:B5:42:64:43:78:D6:01:95:68
            X509v3 Authority Key Identifier:
                keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/326131313a663263303a666666393a3a2f34382d3438203d3e20323034373235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:f2c0:fff9::/48

    Signature Algorithm: sha256WithRSAEncryption
         d1:82:a8:8c:fe:e8:60:3c:79:81:23:e4:6c:44:dd:75:09:2b:
         06:7e:d8:11:f9:a0:f7:1f:98:2e:fc:c0:b6:f7:6b:c2:3c:ca:
         78:97:29:a8:a7:f0:5c:2f:d5:fb:0d:d4:d7:89:6c:91:4e:17:
         d8:59:e1:3d:80:ba:c8:02:5f:24:f2:b6:98:29:b9:57:26:1d:
         46:d8:07:92:3a:0c:bb:34:d1:d4:e6:d1:e4:d7:e6:cc:12:55:
         a8:18:5f:7d:38:bc:0d:44:79:56:2c:cb:80:ff:37:8e:eb:70:
         e3:2f:05:c5:56:1f:82:1f:48:ca:51:2f:3f:23:ea:f7:d9:6e:
         1b:c4:58:54:25:f7:47:ea:36:d0:64:6d:f5:05:ca:fc:25:14:
         46:06:3a:b2:14:1e:59:f9:cd:57:5d:73:59:25:c5:0e:f5:3e:
         72:0e:b2:c1:0d:5c:ce:cb:ca:97:44:82:10:db:d1:46:61:fa:
         50:6c:20:73:4b:5d:62:01:4a:91:5a:3c:a6:3c:4a:b6:3b:d9:
         64:ba:0d:6c:2f:75:4c:e1:b8:11:cb:73:d5:bd:cd:df:ab:1e:
         1b:4a:7f:c8:77:8b:27:4a:14:3c:b3:3e:ac:7f:9b:f7:43:af:
         0b:58:e9:2e:9b:f7:c8:36:8c:48:6b:bc:22:b5:1d:17:96:46:
         0f:61:dc:5f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUD5dPda2EEcuuZqV0RRezTgf/+28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzExMDgxNDQ0MzlaFw0yNDExMDYxNDQ5MzlaMDMxMTAvBgNV
BAMTKDMyNzdCMjQ4NTRFNkQ3N0FGQkUxNTdCNTQyNjQ0Mzc4RDYwMTk1NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ40WMm7f6bJmP3k+1Il9iNk5X
bn7rbdSeuAC9a9ZVFYpE4bgxUA+bGAUUCKxtw7rXbztdYRpeBv8rfQv1ZQhuhd/7
AbkYK6+aDUwW8fxyY4RMsqVm5fRAElHhl8tvNqfEg7J8/Ncz2fg6hon1TEdBPfpO
qRNGUjb4HwvjJ2zr6tITJyg0G2rn9xpV3ennkgV+Pm3IV9FYTABEDTpPKNUCIJcI
FZfditlcRxn0k+BDUmBuLx7DaeWOP3B4F7SPzo3Jh1u88Xt+af2y9CElQz7A45dM
kpRabdWAKDiJnC2LkKmc/C/6BHUUJRh2hyRumtYpj3uZDqUZ2AP2+1KJepAFAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUMneySFTm13r74Ve1QmRDeNYBlWgwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2NjYzOTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNDM3MzIzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/+TANBgkqhkiG9w0BAQsFAAOCAQEA0YKojP7oYDx5gSPk
bETddQkrBn7YEfmg9x+YLvzAtvdrwjzKeJcpqKfwXC/V+w3U14lskU4X2FnhPYC6
yAJfJPK2mCm5VyYdRtgHkjoMuzTR1ObR5NfmzBJVqBhffTi8DUR5VizLgP83jutw
4y8FxVYfgh9IylEvPyPq99luG8RYVCX3R+o20GRt9QXK/CUURgY6shQeWfnNV11z
WSXFDvU+cg6ywQ1czsvKl0SCENvRRmH6UGwgc0tdYgFKkVo8pjxKtjvZZLoNbC91
TOG4Ectz1b3N36seG0p/yHeLJ0oUPLM+rH+b90OvC1jpLpv3yDaMSGu8IrUdF5ZG
D2HcXw==
-----END CERTIFICATE-----
Generated at Sun Jun 30 17:34:14 2024 by rpki-client on console-fra.rpki-client.org