Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393130303a3a2f34382d3438203d3e20323134383431.roa
File:                     326131343a373538313a393130303a3a2f34382d3438203d3e20323134383431.roa (raw, json)
Hash identifier:          Vempd3ps8UPnFvtx6+Ga9r0Fz/m4sP8yDO51fnwduTg=
Subject key identifier:   04:0D:8E:7D:E1:D8:48:CD:D6:C9:7B:3F:88:9F:5C:B1:9C:3F:7D:72
Certificate issuer:       /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Certificate serial:       70841B0326E6072729CE1FFC8AF74A35389A55D1
Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393130303a3a2f34382d3438203d3e20323134383431.roa
Signing time:             Wed 26 Jun 2024 05:03:47 +0000
ROA not before:           Wed 26 Jun 2024 04:58:47 +0000
ROA not after:            Wed 25 Jun 2025 05:03:47 +0000
asID:                     214841
IP address blocks:        2a14:7581:9100::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:84:1b:03:26:e6:07:27:29:ce:1f:fc:8a:f7:4a:35:38:9a:55:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
        Validity
            Not Before: Jun 26 04:58:47 2024 GMT
            Not After : Jun 25 05:03:47 2025 GMT
        Subject: CN=040D8E7DE1D848CDD6C97B3F889F5CB19C3F7D72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:87:cf:ec:db:13:24:de:e0:04:ed:10:50:fc:
                    a2:5d:87:56:fa:20:79:e6:2d:cd:5a:cb:74:0c:f5:
                    28:77:92:68:22:e8:57:25:5c:de:34:1c:1b:cd:11:
                    3a:7f:ee:0b:83:28:95:33:fd:74:7c:bf:c9:0a:68:
                    bb:35:49:4c:69:37:da:21:aa:5a:95:a2:b0:0a:57:
                    d5:a3:30:ab:ba:51:ec:63:01:73:41:0c:61:2f:32:
                    35:6e:0e:3f:e2:4b:55:f6:f9:da:1f:98:74:09:6a:
                    7b:0d:3a:f8:2b:a0:9c:7c:f2:c5:0f:5b:e3:57:bf:
                    89:0d:01:0a:21:ba:7e:b7:da:b5:7f:d7:8e:1a:63:
                    bc:56:ba:a6:a7:70:07:69:4a:b7:cb:12:2c:55:3c:
                    5e:d0:69:94:da:4b:90:ce:d8:03:10:ed:58:fd:e9:
                    3c:dc:f4:57:2b:7c:9c:a0:77:75:fd:96:48:78:3c:
                    50:7f:38:7a:08:01:22:c2:20:25:bd:7a:aa:5a:69:
                    8d:13:49:cb:ed:10:c4:27:59:6e:61:24:22:10:86:
                    89:10:4c:13:7f:ca:db:08:24:8a:3e:4d:b2:49:f6:
                    46:c6:c8:d1:d4:06:0c:07:6c:50:a4:3e:36:9a:fe:
                    79:be:09:89:66:6f:de:d3:31:b2:23:36:59:6a:01:
                    d8:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:0D:8E:7D:E1:D8:48:CD:D6:C9:7B:3F:88:9F:5C:B1:9C:3F:7D:72
            X509v3 Authority Key Identifier:
                keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393130303a3a2f34382d3438203d3e20323134383431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:9100::/48

    Signature Algorithm: sha256WithRSAEncryption
         84:19:e8:f0:4c:0f:a8:86:4f:e1:3c:88:1c:28:75:a1:ce:8e:
         72:70:48:12:e6:a5:76:59:df:6d:75:20:4c:16:cc:69:bd:b9:
         50:1a:5b:eb:e6:c5:31:17:57:53:c3:77:cd:cd:97:33:1d:fb:
         6d:96:39:17:86:3c:22:26:de:09:db:d2:30:d6:68:1a:e4:dd:
         dc:e2:82:a1:c7:21:2d:cf:fb:b0:a4:22:ac:53:cd:d7:46:18:
         0f:a6:9e:42:b9:f2:ee:82:d9:4d:b0:7d:6b:6e:c3:5b:99:d0:
         2b:c3:d4:b2:7d:89:0c:d8:e2:3b:df:89:36:a0:45:d4:6a:46:
         33:df:f3:17:03:cb:ef:bb:b8:81:90:1c:da:6d:9a:8d:fa:ff:
         65:89:40:63:5d:90:13:fb:c5:d7:aa:7c:ed:ac:b3:94:5b:f2:
         7b:9d:01:98:69:d0:88:7a:06:4c:43:cf:b1:ef:12:31:1a:ab:
         2f:a2:9a:27:f8:56:6b:eb:78:a8:43:aa:c8:3f:aa:e9:dc:66:
         df:38:59:c8:c8:59:32:f9:99:51:3c:88:40:26:d5:68:61:c4:
         2c:65:f7:8e:e6:35:77:c6:10:b6:7c:88:a6:fb:9e:44:27:72:
         b1:d0:22:ae:e6:9c:8d:a9:14:9a:ee:a2:c7:2c:f8:4b:aa:c8:
         72:80:01:1f
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUcIQbAybmBycpzh/8ivdKNTiaVdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3
NzdEQTkyNjAeFw0yNDA2MjYwNDU4NDdaFw0yNTA2MjUwNTAzNDdaMDMxMTAvBgNV
BAMTKDA0MEQ4RTdERTFEODQ4Q0RENkM5N0IzRjg4OUY1Q0IxOUMzRjdENzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbh8/s2xMk3uAE7RBQ/KJdh1b6
IHnmLc1ay3QM9Sh3kmgi6FclXN40HBvNETp/7guDKJUz/XR8v8kKaLs1SUxpN9oh
qlqVorAKV9WjMKu6UexjAXNBDGEvMjVuDj/iS1X2+dofmHQJansNOvgroJx88sUP
W+NXv4kNAQohun632rV/144aY7xWuqancAdpSrfLEixVPF7QaZTaS5DO2AMQ7Vj9
6Tzc9FcrfJygd3X9lkh4PFB/OHoIASLCICW9eqpaaY0TScvtEMQnWW5hJCIQhokQ
TBN/ytsIJIo+TbJJ9kbGyNHUBgwHbFCkPjaa/nm+CYlmb97TMbIjNllqAdinAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUBA2OfeHYSM3WyXs/iJ9csZw/fXIwHwYDVR0j
BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw
NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3
NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM5MzEzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzgzNDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZEAMA0GCSqGSIb3DQEBCwUAA4IBAQCE
GejwTA+ohk/hPIgcKHWhzo5ycEgS5qV2Wd9tdSBMFsxpvblQGlvr5sUxF1dTw3fN
zZczHfttljkXhjwiJt4J29Iw1mga5N3c4oKhxyEtz/uwpCKsU83XRhgPpp5CufLu
gtlNsH1rbsNbmdArw9SyfYkM2OI734k2oEXUakYz3/MXA8vvu7iBkBzabZqN+v9l
iUBjXZAT+8XXqnztrLOUW/J7nQGYadCIegZMQ8+x7xIxGqsvopon+FZr63ioQ6rI
P6rp3GbfOFnIyFky+ZlRPIhAJtVoYcQsZfeO5jV3xhC2fIim+55EJ3Kx0CKu5pyN
qRSa7qLHLPhLqshygAEf
-----END CERTIFICATE-----