Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766313a3a2f34382d3438203d3e20323135313234.roa
File:                     326130663a383563313a3766313a3a2f34382d3438203d3e20323135313234.roa (raw, json)
Hash identifier:          qH56+JuOcxy6imv53qXK3cs4RJCz3TF1ltwJcKjbU38=
Subject key identifier:   4B:1A:EB:6A:1D:52:3A:A9:02:46:E1:7D:BE:E7:36:F8:19:12:0D:E0
Certificate issuer:       /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Certificate serial:       0809BDDA2A4C13ACF84EFE288F8F606630AF880C
Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766313a3a2f34382d3438203d3e20323135313234.roa
Signing time:             Sat 13 Apr 2024 22:53:45 +0000
ROA not before:           Sat 13 Apr 2024 22:48:45 +0000
ROA not after:            Sat 12 Apr 2025 22:53:45 +0000
asID:                     215124
IP address blocks:        2a0f:85c1:7f1::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:09:bd:da:2a:4c:13:ac:f8:4e:fe:28:8f:8f:60:66:30:af:88:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
        Validity
            Not Before: Apr 13 22:48:45 2024 GMT
            Not After : Apr 12 22:53:45 2025 GMT
        Subject: CN=4B1AEB6A1D523AA90246E17DBEE736F819120DE0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d9:a9:4d:eb:d1:d0:24:41:83:4f:28:ce:53:
                    3f:1f:18:19:ab:69:b1:3e:51:de:06:b4:e0:69:70:
                    0e:01:19:32:b9:c3:f0:bf:b2:d9:96:66:bd:48:a0:
                    6e:bf:de:13:2a:81:71:22:75:c5:2c:5b:70:23:71:
                    97:66:bd:97:45:31:a0:f6:19:cf:19:fc:2e:5d:dc:
                    d1:27:26:f5:5c:7e:6a:4c:f6:cd:d8:3d:c1:d6:9a:
                    f2:a6:bc:cc:48:ad:fe:88:5d:c5:eb:64:45:a0:0a:
                    ba:6f:44:a1:0e:37:cc:d7:23:f9:7e:c9:af:f9:6f:
                    40:75:04:62:24:e7:0c:bd:6a:8b:a8:be:e9:42:90:
                    33:a1:00:ca:36:d6:a9:c6:ca:de:69:94:0d:de:ea:
                    5f:a1:1a:93:f1:1b:33:06:7b:d8:3d:b5:30:bd:87:
                    31:26:83:94:ac:01:cd:c6:03:16:3d:84:7c:54:95:
                    37:99:aa:34:79:a6:2b:47:12:06:e8:a7:e0:2d:2e:
                    c0:85:0d:e0:80:f7:26:54:6e:4f:85:0e:e4:7e:72:
                    db:f4:dd:9e:b4:95:7e:50:30:42:84:91:e8:c4:62:
                    87:e1:1e:42:f2:6d:74:1f:02:f1:01:ad:61:09:ec:
                    fd:3c:fe:81:1c:00:17:c4:ab:53:58:56:12:00:f2:
                    d9:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:1A:EB:6A:1D:52:3A:A9:02:46:E1:7D:BE:E7:36:F8:19:12:0D:E0
            X509v3 Authority Key Identifier:
                keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766313a3a2f34382d3438203d3e20323135313234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:7f1::/48

    Signature Algorithm: sha256WithRSAEncryption
         ac:d9:be:64:50:26:7e:f4:9c:2f:08:bc:4d:1a:4c:28:23:e6:
         3d:a7:d0:70:d4:9b:6e:89:4e:54:0f:48:97:6b:04:61:8f:9b:
         a8:d7:0a:ec:40:84:f4:74:6c:59:ef:09:e4:e4:7c:5a:4e:a0:
         dc:fe:32:11:a3:67:ea:68:2f:35:d4:c6:22:b2:d9:9f:0f:1d:
         b9:3c:c5:91:c5:46:98:ff:ce:cc:ca:d6:19:b2:c6:37:25:37:
         9f:68:3e:dc:0f:7e:dc:ce:92:10:f4:16:93:e3:df:58:bf:75:
         6b:a7:c9:21:08:29:46:41:5d:74:8f:c5:f9:88:2b:e4:6d:a7:
         d0:a7:6f:40:eb:15:db:5c:76:f2:82:0a:f0:f2:e8:92:05:54:
         15:7b:5c:78:84:fd:3b:f3:cd:e3:47:bd:16:0b:e4:87:d4:f7:
         7c:d9:8f:85:cf:ca:74:ba:b6:3f:85:75:71:3a:4a:b8:18:85:
         f2:0f:17:a1:d8:07:df:2c:e6:c1:7b:f5:67:7b:d3:a0:82:68:
         dd:1c:cd:01:29:56:0b:e7:42:f6:a7:9a:c1:fb:34:6a:be:e6:
         1e:0a:9c:59:70:48:c0:71:a8:3e:68:52:cb:18:ef:3a:ee:86:
         16:fe:5f:92:1b:77:d5:df:a8:0d:72:0f:f2:5b:41:cb:64:da:
         5a:2f:1f:eb
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUCAm92ipME6z4Tv4oj49gZjCviAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0
OUMxODM3NzAeFw0yNDA0MTMyMjQ4NDVaFw0yNTA0MTIyMjUzNDVaMDMxMTAvBgNV
BAMTKDRCMUFFQjZBMUQ1MjNBQTkwMjQ2RTE3REJFRTczNkY4MTkxMjBERTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC2alN69HQJEGDTyjOUz8fGBmr
abE+Ud4GtOBpcA4BGTK5w/C/stmWZr1IoG6/3hMqgXEidcUsW3AjcZdmvZdFMaD2
Gc8Z/C5d3NEnJvVcfmpM9s3YPcHWmvKmvMxIrf6IXcXrZEWgCrpvRKEON8zXI/l+
ya/5b0B1BGIk5wy9aouovulCkDOhAMo21qnGyt5plA3e6l+hGpPxGzMGe9g9tTC9
hzEmg5SsAc3GAxY9hHxUlTeZqjR5pitHEgbop+AtLsCFDeCA9yZUbk+FDuR+ctv0
3Z60lX5QMEKEkejEYofhHkLybXQfAvEBrWEJ7P08/oEcABfEq1NYVhIA8tnlAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUSxrrah1SOqkCRuF9vuc2+BkSDeAwHwYDVR0j
BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0
MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF
QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM3NjYzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NTMxMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8TANBgkqhkiG9w0BAQsFAAOCAQEArNm+
ZFAmfvScLwi8TRpMKCPmPafQcNSbbolOVA9Il2sEYY+bqNcK7ECE9HRsWe8J5OR8
Wk6g3P4yEaNn6mgvNdTGIrLZnw8duTzFkcVGmP/OzMrWGbLGNyU3n2g+3A9+3M6S
EPQWk+PfWL91a6fJIQgpRkFddI/F+Ygr5G2n0KdvQOsV21x28oIK8PLokgVUFXtc
eIT9O/PN40e9Fgvkh9T3fNmPhc/KdLq2P4V1cTpKuBiF8g8XodgH3yzmwXv1Z3vT
oIJo3RzNASlWC+dC9qeawfs0ar7mHgqcWXBIwHGoPmhSyxjvOu6GFv5fkht31d+o
DXIP8ltBy2TaWi8f6w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:51 2024 by rpki-client on console-fra.rpki-client.org