Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393261303a3a2f34382d3438203d3e20323135333634.roa
File:                     326131343a373538313a393261303a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier:          52dW85fH8WieO38THcEAcWvAx0hfdz1p014Uu9iYIzA=
Subject key identifier:   10:45:0E:81:7A:07:53:D1:30:2A:1B:86:1B:23:04:A3:D1:9B:1F:58
Certificate issuer:       /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Certificate serial:       3FE25513D62A5CCAA5BB090EC5374DF3352B5508
Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393261303a3a2f34382d3438203d3e20323135333634.roa
Signing time:             Tue 23 Jul 2024 13:25:46 +0000
ROA not before:           Tue 23 Jul 2024 13:20:46 +0000
ROA not after:            Tue 22 Jul 2025 13:25:46 +0000
asID:                     215364
IP address blocks:        2a14:7581:92a0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:e2:55:13:d6:2a:5c:ca:a5:bb:09:0e:c5:37:4d:f3:35:2b:55:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
        Validity
            Not Before: Jul 23 13:20:46 2024 GMT
            Not After : Jul 22 13:25:46 2025 GMT
        Subject: CN=10450E817A0753D1302A1B861B2304A3D19B1F58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ea:97:08:0d:60:15:43:b9:16:8e:03:24:af:
                    18:61:b6:ea:b9:a0:59:d8:cf:76:e5:38:25:52:89:
                    2d:04:0d:8a:de:ef:c4:39:f2:da:32:22:bb:f1:dc:
                    19:94:bc:77:80:1c:57:bf:50:ef:ab:2f:4f:7e:4d:
                    87:12:bf:c6:d3:5c:d5:27:ff:63:dd:fa:73:2b:53:
                    38:db:a6:bd:6e:41:2a:4c:d7:55:03:ee:d6:f4:e4:
                    3d:08:9a:3d:31:77:36:f0:57:74:fb:c4:4d:d6:41:
                    7d:1e:55:fc:34:68:76:d3:75:80:b4:1b:9a:ba:d5:
                    86:ec:91:6b:78:d3:b9:46:e1:59:10:1a:a0:ea:49:
                    45:81:4c:12:cf:d0:7f:f2:56:94:1a:74:f3:3f:70:
                    7c:89:60:c9:cf:7c:6b:53:8f:00:a5:7c:65:a4:ce:
                    88:5e:58:6b:bb:c9:8b:e8:37:14:48:86:35:e4:bc:
                    4a:bd:14:3f:52:6a:a5:4c:1b:a7:5e:3e:d3:98:33:
                    62:92:d2:81:79:6f:fa:55:af:9b:b3:97:6c:28:1d:
                    a4:95:a7:f8:4a:9f:91:9d:e1:81:21:c7:17:6d:1b:
                    19:3e:90:4c:0c:ab:01:fd:92:44:d6:99:da:8a:2d:
                    b3:ad:b0:0f:48:58:a2:94:b9:51:0b:1e:2a:ec:37:
                    7a:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:45:0E:81:7A:07:53:D1:30:2A:1B:86:1B:23:04:A3:D1:9B:1F:58
            X509v3 Authority Key Identifier:
                keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393261303a3a2f34382d3438203d3e20323135333634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:92a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         b3:8d:5c:8e:35:6b:e7:df:84:f1:2d:70:9f:bc:a7:71:de:47:
         dc:3f:a0:bc:34:e7:44:5f:04:ee:ff:2a:14:39:d6:80:b5:ae:
         2f:b0:a5:03:f3:53:79:ca:cf:7f:92:50:c2:ce:9d:03:1b:07:
         f2:11:41:9c:29:d8:ab:df:92:65:c2:56:23:40:b4:79:32:aa:
         fa:96:5c:5f:b3:f5:7e:a2:4c:ff:83:c5:4a:3c:17:d4:64:5f:
         c0:e4:ee:52:8a:6e:c7:88:c1:b7:cb:5d:bb:24:73:9c:cb:3a:
         4b:a5:90:da:9b:9b:3b:ec:c4:4a:89:0f:2e:56:40:df:09:10:
         fe:b7:7c:a1:e5:85:5b:42:4e:6c:af:9f:3c:9d:63:70:30:06:
         bb:d7:e0:bf:83:49:c5:2a:13:c6:b9:3d:e5:61:9a:34:73:c8:
         60:3b:b6:a4:8e:30:86:31:e2:55:2b:ae:ee:8e:b9:26:36:f7:
         df:dc:e1:93:a3:81:7a:5a:10:43:7d:40:d8:31:41:30:68:97:
         47:55:7a:f1:b8:c5:a5:5d:09:e4:73:b1:52:ee:58:53:b6:3d:
         67:dd:bf:24:07:09:3f:70:7a:db:93:de:82:22:c7:e0:ff:19:
         e4:8d:48:98:30:9b:f0:37:03:32:4c:c6:af:8c:12:0d:6a:d3:
         09:a8:47:40
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUP+JVE9YqXMqluwkOxTdN8zUrVQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3
NzdEQTkyNjAeFw0yNDA3MjMxMzIwNDZaFw0yNTA3MjIxMzI1NDZaMDMxMTAvBgNV
BAMTKDEwNDUwRTgxN0EwNzUzRDEzMDJBMUI4NjFCMjMwNEEzRDE5QjFGNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC6pcIDWAVQ7kWjgMkrxhhtuq5
oFnYz3blOCVSiS0EDYre78Q58toyIrvx3BmUvHeAHFe/UO+rL09+TYcSv8bTXNUn
/2Pd+nMrUzjbpr1uQSpM11UD7tb05D0Imj0xdzbwV3T7xE3WQX0eVfw0aHbTdYC0
G5q61YbskWt407lG4VkQGqDqSUWBTBLP0H/yVpQadPM/cHyJYMnPfGtTjwClfGWk
zoheWGu7yYvoNxRIhjXkvEq9FD9SaqVMG6dePtOYM2KS0oF5b/pVr5uzl2woHaSV
p/hKn5Gd4YEhxxdtGxk+kEwMqwH9kkTWmdqKLbOtsA9IWKKUuVELHirsN3qbAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUEEUOgXoHU9EwKhuGGyMEo9GbH1gwHwYDVR0j
BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw
NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3
NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM5MzI2MTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZKgMA0GCSqGSIb3DQEBCwUAA4IBAQCz
jVyONWvn34TxLXCfvKdx3kfcP6C8NOdEXwTu/yoUOdaAta4vsKUD81N5ys9/klDC
zp0DGwfyEUGcKdir35JlwlYjQLR5Mqr6llxfs/V+okz/g8VKPBfUZF/A5O5Sim7H
iMG3y127JHOcyzpLpZDam5s77MRKiQ8uVkDfCRD+t3yh5YVbQk5sr588nWNwMAa7
1+C/g0nFKhPGuT3lYZo0c8hgO7akjjCGMeJVK67ujrkmNvff3OGTo4F6WhBDfUDY
MUEwaJdHVXrxuMWlXQnkc7FS7lhTtj1n3b8kBwk/cHrbk96CIsfg/xnkjUiYMJvw
NwMyTMavjBINatMJqEdA
-----END CERTIFICATE-----