Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393066653a3a2f34382d3438203d3e20323135333634.roa
File:                     326131343a373538313a393066653a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier:          ZEC+FF7f6pTQCAI//mUYvs5HLV+Ku71q7R0YQM5kzz8=
Subject key identifier:   F5:F3:A6:B1:8E:B9:02:06:EE:8F:C9:85:1A:C4:A5:CF:2F:DA:AD:D2
Certificate issuer:       /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Certificate serial:       5468C0626332E25B2DCA50B9E976BEC32E69632E
Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393066653a3a2f34382d3438203d3e20323135333634.roa
Signing time:             Thu 20 Mar 2025 10:27:02 +0000
ROA not before:           Thu 20 Mar 2025 10:22:02 +0000
ROA not after:            Thu 19 Mar 2026 10:27:02 +0000
asID:                     215364
IP address blocks:        2a14:7581:90fe::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:68:c0:62:63:32:e2:5b:2d:ca:50:b9:e9:76:be:c3:2e:69:63:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
        Validity
            Not Before: Mar 20 10:22:02 2025 GMT
            Not After : Mar 19 10:27:02 2026 GMT
        Subject: CN=F5F3A6B18EB90206EE8FC9851AC4A5CF2FDAADD2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:8b:14:8a:18:62:72:b3:4e:2c:8f:ff:ec:5b:
                    e5:0f:bd:4c:1a:06:c2:7e:6d:b8:aa:38:76:f4:2e:
                    3f:23:6b:ee:3d:6e:d9:b7:7f:2f:48:64:29:98:d3:
                    29:ac:a3:a8:05:57:8a:4e:7c:2b:7c:74:b7:e8:5f:
                    3e:f1:dc:8e:bc:19:22:0e:7f:d8:3e:45:5b:32:19:
                    c3:19:86:77:37:77:13:7e:24:18:38:9f:4f:4a:b0:
                    2a:7d:10:f9:11:78:e4:32:7c:29:ce:2b:3e:9c:49:
                    9d:fb:96:07:5e:ea:cb:53:26:95:d6:d3:7c:ad:4e:
                    a7:96:a4:7c:71:74:67:76:97:3e:a3:59:c5:c5:0a:
                    cd:cf:45:4f:bc:2b:26:32:8b:a3:8c:03:1f:e8:9a:
                    af:53:3f:ba:93:87:e7:08:6c:9c:99:5f:db:e7:5f:
                    41:f5:ac:80:54:42:1d:42:6a:a8:30:d8:7f:15:2a:
                    7f:bb:92:c4:8e:38:5f:ec:f7:2b:88:f7:ac:fd:07:
                    f1:63:d3:2f:5c:84:24:51:68:45:42:40:ed:22:40:
                    c6:06:ed:7c:e8:3e:b9:8c:7b:68:16:81:6d:b9:7a:
                    4d:1b:19:00:56:91:45:da:bd:67:e9:72:9b:4c:f8:
                    d1:b3:f5:e8:77:a2:15:d2:d7:e0:e4:5a:a8:74:d8:
                    78:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:F3:A6:B1:8E:B9:02:06:EE:8F:C9:85:1A:C4:A5:CF:2F:DA:AD:D2
            X509v3 Authority Key Identifier:
                keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393066653a3a2f34382d3438203d3e20323135333634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:90fe::/48

    Signature Algorithm: sha256WithRSAEncryption
         b7:c8:26:11:5f:3c:6f:47:6b:21:94:0e:dd:7a:4f:06:d8:a5:
         32:08:22:36:65:43:ec:14:ee:50:7b:75:90:70:37:fd:08:f1:
         f0:b2:e7:2e:59:12:88:19:6e:99:3f:23:f6:ce:5e:bc:10:c7:
         81:2a:b6:ad:ee:c1:25:79:47:2b:12:82:8a:46:08:5f:cf:b7:
         e0:4c:38:16:05:16:7a:1f:dc:2a:5d:d0:bb:d2:e9:79:50:ae:
         f5:6a:97:06:f6:1c:d1:6f:c8:af:fa:c3:6d:74:0e:df:c2:c4:
         d8:56:c8:99:42:40:8b:1b:95:6b:b1:7f:51:5a:01:42:67:44:
         18:4a:fa:41:6a:e6:ad:92:3f:39:c3:9b:44:e9:dc:a3:62:ce:
         34:cb:5b:06:4f:45:a3:ca:0d:5c:68:3c:47:ff:57:44:37:cc:
         32:7e:c7:14:85:4d:6f:4c:be:48:bf:5c:72:e3:a4:f8:39:49:
         0a:4a:01:84:a5:0b:fa:0c:e8:56:72:92:f6:a5:da:f2:35:09:
         79:fe:9e:cd:44:7b:11:f2:01:1f:e8:99:3b:03:1a:e9:14:c3:
         f1:cc:c5:12:a8:7d:e5:0c:b9:37:e4:ef:fc:30:6d:ac:e2:f1:
         f2:20:12:9f:d3:57:d9:78:94:36:71:a5:6d:9d:ea:55:9c:ff:
         db:9f:04:48
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUVGjAYmMy4lstylC56Xa+wy5pYy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3
NzdEQTkyNjAeFw0yNTAzMjAxMDIyMDJaFw0yNjAzMTkxMDI3MDJaMDMxMTAvBgNV
BAMTKEY1RjNBNkIxOEVCOTAyMDZFRThGQzk4NTFBQzRBNUNGMkZEQUFERDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUixSKGGJys04sj//sW+UPvUwa
BsJ+bbiqOHb0Lj8ja+49btm3fy9IZCmY0ymso6gFV4pOfCt8dLfoXz7x3I68GSIO
f9g+RVsyGcMZhnc3dxN+JBg4n09KsCp9EPkReOQyfCnOKz6cSZ37lgde6stTJpXW
03ytTqeWpHxxdGd2lz6jWcXFCs3PRU+8KyYyi6OMAx/omq9TP7qTh+cIbJyZX9vn
X0H1rIBUQh1Caqgw2H8VKn+7ksSOOF/s9yuI96z9B/Fj0y9chCRRaEVCQO0iQMYG
7XzoPrmMe2gWgW25ek0bGQBWkUXavWfpcptM+NGz9eh3ohXS1+DkWqh02Hi7AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU9fOmsY65Agbuj8mFGsSlzy/ardIwHwYDVR0j
BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw
NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3
NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM5MzA2NjY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZD+MA0GCSqGSIb3DQEBCwUAA4IBAQC3
yCYRXzxvR2shlA7dek8G2KUyCCI2ZUPsFO5Qe3WQcDf9CPHwsucuWRKIGW6ZPyP2
zl68EMeBKrat7sEleUcrEoKKRghfz7fgTDgWBRZ6H9wqXdC70ul5UK71apcG9hzR
b8iv+sNtdA7fwsTYVsiZQkCLG5VrsX9RWgFCZ0QYSvpBauatkj85w5tE6dyjYs40
y1sGT0Wjyg1caDxH/1dEN8wyfscUhU1vTL5Iv1xy46T4OUkKSgGEpQv6DOhWcpL2
pdryNQl5/p7NRHsR8gEf6Jk7AxrpFMPxzMUSqH3lDLk35O/8MG2s4vHyIBKf01fZ
eJQ2caVtnepVnP/bnwRI
-----END CERTIFICATE-----