Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538303a393130303a3a2f34302d3438203d3e20323136323939.roa
File:                     326131343a373538303a393130303a3a2f34302d3438203d3e20323136323939.roa (raw, json)
Hash identifier:          c4wfh1kOphA8Axvw6+dnj3lAut4b1kpMpQW/rZEnV+o=
Subject key identifier:   9D:17:79:BC:E4:04:BD:ED:04:B4:0A:2F:05:48:D9:3C:22:C7:C6:8A
Certificate issuer:       /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial:       11A216605B1FF7B88504196D3635027930B7567C
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538303a393130303a3a2f34302d3438203d3e20323136323939.roa
Signing time:             Mon 14 Oct 2024 14:57:24 +0000
ROA not before:           Mon 14 Oct 2024 14:52:24 +0000
ROA not after:            Mon 13 Oct 2025 14:57:24 +0000
asID:                     216299
IP address blocks:        2a14:7580:9100::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:a2:16:60:5b:1f:f7:b8:85:04:19:6d:36:35:02:79:30:b7:56:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
        Validity
            Not Before: Oct 14 14:52:24 2024 GMT
            Not After : Oct 13 14:57:24 2025 GMT
        Subject: CN=9D1779BCE404BDED04B40A2F0548D93C22C7C68A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:5a:0f:25:05:f7:4e:71:ca:4f:40:ed:2a:65:
                    2e:2f:5b:63:23:1e:b2:b1:6f:28:95:12:bf:06:c3:
                    e4:1a:d2:a1:af:84:f3:e9:76:99:64:3d:7f:9e:7b:
                    91:4b:19:0b:cf:a9:02:01:86:89:69:8e:af:67:c8:
                    1a:46:7d:ce:8b:c7:9a:60:06:70:39:47:de:ed:8d:
                    50:ad:a8:9f:32:9a:25:c2:78:3b:af:64:7e:69:99:
                    5a:6a:84:4f:dc:0a:68:74:cf:85:85:b2:72:21:3a:
                    a7:83:bf:69:07:30:98:a6:f2:f2:46:94:29:44:f3:
                    96:7a:2c:08:44:84:fd:19:50:de:67:71:7d:86:93:
                    65:74:6d:a4:00:94:62:2a:8f:2b:01:bd:1c:cb:dd:
                    d0:c3:4a:af:f3:95:df:4f:6a:19:bf:4c:a3:9b:46:
                    0e:70:41:ba:ae:9e:1e:42:85:ce:d7:3c:da:e3:3d:
                    b7:1e:d8:61:cf:60:6b:73:21:f5:1a:96:e7:e5:a9:
                    8c:3c:38:09:b3:3c:52:f5:ae:02:44:69:83:e0:e2:
                    be:b3:b6:9e:bf:7a:a2:aa:f3:26:85:4d:79:59:36:
                    54:6e:5e:e2:79:4f:aa:5e:af:e1:8f:a4:6a:e3:9a:
                    47:04:5f:05:ff:d5:94:0a:44:63:6b:33:ef:97:6d:
                    9d:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:17:79:BC:E4:04:BD:ED:04:B4:0A:2F:05:48:D9:3C:22:C7:C6:8A
            X509v3 Authority Key Identifier:
                keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538303a393130303a3a2f34302d3438203d3e20323136323939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7580:9100::/40

    Signature Algorithm: sha256WithRSAEncryption
         ca:b4:98:9e:13:96:b0:a1:69:21:9e:2e:bb:8e:45:38:5b:98:
         f4:27:55:55:82:d9:d1:c0:16:3e:f1:b5:ce:c0:d1:18:28:c1:
         0a:81:6e:7b:a5:ad:f4:f2:26:eb:e2:29:46:71:98:e5:d8:e9:
         5a:fc:d0:f4:df:89:2e:bd:61:3e:fb:76:3e:e1:77:41:dc:72:
         8a:ab:0e:41:32:4a:e6:dd:69:c6:61:1a:c6:da:9c:e8:14:0b:
         be:6f:2b:5c:2a:6d:83:49:07:e1:a2:ad:e7:21:bd:13:96:1e:
         af:52:ba:5f:9b:3e:95:8b:fb:ab:af:95:bb:ea:c1:5e:2a:49:
         b6:bf:72:77:94:c7:11:99:03:d9:ff:1d:83:6d:bc:02:10:bf:
         a4:c5:51:53:7f:bc:e0:7a:0e:d5:7f:61:9c:31:bb:03:bb:7b:
         10:c8:9e:7f:16:38:0c:e6:19:7d:3c:93:73:5f:94:b1:7f:d2:
         a7:d6:90:aa:ac:23:8f:d3:01:aa:aa:e0:3b:3f:69:d2:7f:b8:
         d0:d4:be:50:88:6c:a1:5a:8a:3b:0a:ac:0a:d9:fd:b5:e6:15:
         4c:8d:68:82:61:44:2b:6f:12:83:d3:e8:3b:6e:ac:6f:f7:69:
         58:41:90:42:c7:67:11:1f:c3:ac:49:93:c2:36:2e:20:76:ee:
         7e:27:95:56
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUEaIWYFsf97iFBBltNjUCeTC3VnwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDEwMTQxNDUyMjRaFw0yNTEwMTMxNDU3MjRaMDMxMTAvBgNV
BAMTKDlEMTc3OUJDRTQwNEJERUQwNEI0MEEyRjA1NDhEOTNDMjJDN0M2OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+Wg8lBfdOccpPQO0qZS4vW2Mj
HrKxbyiVEr8Gw+Qa0qGvhPPpdplkPX+ee5FLGQvPqQIBholpjq9nyBpGfc6Lx5pg
BnA5R97tjVCtqJ8ymiXCeDuvZH5pmVpqhE/cCmh0z4WFsnIhOqeDv2kHMJim8vJG
lClE85Z6LAhEhP0ZUN5ncX2Gk2V0baQAlGIqjysBvRzL3dDDSq/zld9Pahm/TKOb
Rg5wQbqunh5Chc7XPNrjPbce2GHPYGtzIfUaluflqYw8OAmzPFL1rgJEaYPg4r6z
tp6/eqKq8yaFTXlZNlRuXuJ5T6per+GPpGrjmkcEXwX/1ZQKRGNrM++XbZ3xAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUnRd5vOQEve0EtAovBUjZPCLHxoowHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzAzYTM5MzEzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIz
MTM2MzIzOTM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1gJEwDQYJKoZIhvcNAQELBQADggEBAMq0
mJ4TlrChaSGeLruORThbmPQnVVWC2dHAFj7xtc7A0RgowQqBbnulrfTyJuviKUZx
mOXY6Vr80PTfiS69YT77dj7hd0HccoqrDkEySubdacZhGsbanOgUC75vK1wqbYNJ
B+GirechvROWHq9Sul+bPpWL+6uvlbvqwV4qSba/cneUxxGZA9n/HYNtvAIQv6TF
UVN/vOB6DtV/YZwxuwO7exDInn8WOAzmGX08k3NflLF/0qfWkKqsI4/TAaqq4Ds/
adJ/uNDUvlCIbKFaijsKrArZ/bXmFUyNaIJhRCtvEoPT6DturG/3aVhBkELHZxEf
w6xJk8I2LiB27n4nlVY=
-----END CERTIFICATE-----