Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/98826bce-854a-48c6-86af-93cf28393576/1/326131343a373538303a346630303a3a2f34302d3430203d3e20323132353136.roa
File:                     326131343a373538303a346630303a3a2f34302d3430203d3e20323132353136.roa (raw, json)
Hash identifier:          VUV3m8Zhofw333vuETnt4DSTD9lAxosAm4DU0tglNzc=
Subject key identifier:   6F:89:08:B4:A4:8D:DC:5A:28:6E:AC:40:CB:2E:F2:A8:B8:94:70:F9
Certificate issuer:       /CN=5D86A1FAB8C19115720081D417D39278074047FB
Certificate serial:       3987AB2689A3C269F45923DBE27B3868B12361FE
Authority key identifier: 5D:86:A1:FA:B8:C1:91:15:72:00:81:D4:17:D3:92:78:07:40:47:FB
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/5D86A1FAB8C19115720081D417D39278074047FB.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/98826bce-854a-48c6-86af-93cf28393576/1/326131343a373538303a346630303a3a2f34302d3430203d3e20323132353136.roa
Signing time:             Thu 22 Aug 2024 15:55:59 +0000
ROA not before:           Thu 22 Aug 2024 15:50:59 +0000
ROA not after:            Thu 21 Aug 2025 15:55:59 +0000
asID:                     212516
IP address blocks:        2a14:7580:4f00::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:87:ab:26:89:a3:c2:69:f4:59:23:db:e2:7b:38:68:b1:23:61:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D86A1FAB8C19115720081D417D39278074047FB
        Validity
            Not Before: Aug 22 15:50:59 2024 GMT
            Not After : Aug 21 15:55:59 2025 GMT
        Subject: CN=6F8908B4A48DDC5A286EAC40CB2EF2A8B89470F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:49:77:64:49:f2:87:02:65:b4:7e:f2:02:a0:
                    47:02:02:bb:21:14:04:5d:e7:2e:91:c5:6c:5a:f6:
                    49:91:3c:b5:5e:a4:b8:c0:43:29:54:e6:5b:53:01:
                    97:c2:b1:c0:24:e4:92:fd:82:4b:71:22:56:25:a9:
                    88:b3:bd:6b:da:1f:f5:66:6c:8e:7b:1c:f1:f0:48:
                    f7:16:2d:b6:9c:cb:e8:4d:53:c5:3b:4a:0e:cb:a3:
                    e4:d1:41:19:7c:84:47:b7:c1:4d:97:00:b7:65:27:
                    d9:c3:c5:f8:10:94:81:0c:e7:17:a6:cb:cd:b6:e9:
                    2e:e6:61:a6:a1:0e:b2:54:9c:da:05:dd:92:a3:b4:
                    02:60:3e:9d:01:d1:b8:3d:fc:18:cd:9e:14:c0:1a:
                    a6:a9:25:1f:9c:75:f4:e9:00:c7:35:aa:01:0d:4a:
                    d9:0a:09:38:fe:45:46:32:3b:ae:f6:fc:f2:23:82:
                    93:40:c0:d4:2c:dd:57:cc:2f:df:d5:be:5d:21:5f:
                    53:65:a4:8a:47:d8:36:34:b1:31:e4:1c:f7:2a:1a:
                    5a:3a:9c:24:ea:21:f9:1a:db:2c:34:2f:43:ef:fc:
                    99:76:a7:60:9b:2d:a1:8b:8e:b6:c6:55:da:c1:bd:
                    74:31:87:62:94:8d:74:7c:de:54:7e:6f:dc:16:74:
                    66:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:89:08:B4:A4:8D:DC:5A:28:6E:AC:40:CB:2E:F2:A8:B8:94:70:F9
            X509v3 Authority Key Identifier:
                keyid:5D:86:A1:FA:B8:C1:91:15:72:00:81:D4:17:D3:92:78:07:40:47:FB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/98826bce-854a-48c6-86af-93cf28393576/1/5D86A1FAB8C19115720081D417D39278074047FB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/5D86A1FAB8C19115720081D417D39278074047FB.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/98826bce-854a-48c6-86af-93cf28393576/1/326131343a373538303a346630303a3a2f34302d3430203d3e20323132353136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7580:4f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         6f:6b:20:89:8a:9c:a4:c6:ad:d2:18:c9:0e:d6:81:a5:2a:3e:
         60:74:1b:f2:1e:cd:aa:5b:3d:27:0b:96:f7:98:c2:71:9c:f3:
         df:48:2e:d0:25:84:48:bb:e3:06:e1:8b:14:62:98:8a:02:88:
         38:56:f9:ec:07:e0:2e:3d:62:ae:8f:35:f4:22:06:ba:5b:da:
         da:c9:a0:12:80:40:be:24:50:7f:37:41:2d:79:03:ec:c8:ea:
         0d:45:22:02:3b:bc:6b:bf:7f:3e:c7:dd:96:bd:dd:77:fe:00:
         2e:ed:b5:9b:ca:0e:f9:46:ec:0a:28:0b:15:92:64:d8:44:0c:
         80:41:d3:9f:f4:29:f5:35:9c:c8:0b:a4:0b:e0:f9:9a:38:3c:
         32:0f:2b:95:b3:d4:08:4f:88:89:a6:4c:ab:60:55:a6:d2:e3:
         58:9c:52:f3:9f:72:b9:e3:a5:94:6b:67:95:40:50:ed:77:f1:
         80:94:0f:7e:f4:b9:11:5b:e6:fd:90:96:29:77:00:1d:85:17:
         76:2b:16:07:3c:5d:57:74:bf:72:13:75:cc:36:f8:13:01:7e:
         6b:5a:9b:55:f5:a9:d8:8d:d3:8d:7d:16:5f:d0:52:3d:ac:a6:
         55:4f:19:e1:3d:28:5e:10:6b:d0:c6:fc:20:30:de:d3:78:8c:
         09:96:a9:c4
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUOYerJomjwmn0WSPb4ns4aLEjYf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUQ4NkExRkFCOEMxOTExNTcyMDA4MUQ0MTdEMzkyNzgw
NzQwNDdGQjAeFw0yNDA4MjIxNTUwNTlaFw0yNTA4MjExNTU1NTlaMDMxMTAvBgNV
BAMTKDZGODkwOEI0QTQ4RERDNUEyODZFQUM0MENCMkVGMkE4Qjg5NDcwRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkSXdkSfKHAmW0fvICoEcCArsh
FARd5y6RxWxa9kmRPLVepLjAQylU5ltTAZfCscAk5JL9gktxIlYlqYizvWvaH/Vm
bI57HPHwSPcWLbacy+hNU8U7Sg7Lo+TRQRl8hEe3wU2XALdlJ9nDxfgQlIEM5xem
y8226S7mYaahDrJUnNoF3ZKjtAJgPp0B0bg9/BjNnhTAGqapJR+cdfTpAMc1qgEN
StkKCTj+RUYyO672/PIjgpNAwNQs3VfML9/Vvl0hX1NlpIpH2DY0sTHkHPcqGlo6
nCTqIfka2yw0L0Pv/Jl2p2CbLaGLjrbGVdrBvXQxh2KUjXR83lR+b9wWdGYvAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUb4kItKSN3FoobqxAyy7yqLiUcPkwHwYDVR0j
BBgwFoAUXYah+rjBkRVyAIHUF9OSeAdAR/swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTg4MjZiY2UtODU0YS00OGM2LTg2YWYtOTNjZjI4Mzkz
NTc2LzEvNUQ4NkExRkFCOEMxOTExNTcyMDA4MUQ0MTdEMzkyNzgwNzQwNDdGQi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC81RDg2QTFGQUI4QzE5MTE1NzIwMDgxRDQx
N0QzOTI3ODA3NDA0N0ZCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS85ODgyNmJjZS04NTRhLTQ4YzYtODZhZi05M2NmMjgzOTM1NzYvMS8zMjYxMzEz
NDNhMzczNTM4MzAzYTM0NjYzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz
MTMyMzUzMTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1gE8wDQYJKoZIhvcNAQELBQADggEBAG9r
IImKnKTGrdIYyQ7WgaUqPmB0G/IezapbPScLlveYwnGc899ILtAlhEi74wbhixRi
mIoCiDhW+ewH4C49Yq6PNfQiBrpb2trJoBKAQL4kUH83QS15A+zI6g1FIgI7vGu/
fz7H3Za93Xf+AC7ttZvKDvlG7AooCxWSZNhEDIBB05/0KfU1nMgLpAvg+Zo4PDIP
K5Wz1AhPiImmTKtgVabS41icUvOfcrnjpZRrZ5VAUO138YCUD370uRFb5v2Qlil3
AB2FF3YrFgc8XVd0v3ITdcw2+BMBfmtam1X1qdiN0419Fl/QUj2splVPGeE9KF4Q
a9DG/CAw3tN4jAmWqcQ=
-----END CERTIFICATE-----