Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/326130373a353463313a343230303a3a2f34302d3430203d3e20313939353138.roa
File:                     326130373a353463313a343230303a3a2f34302d3430203d3e20313939353138.roa (raw, json)
Hash identifier:          q03Pj7BB4FvQqVgWTNPLCqf6FWIvUGBqto+KCXVBKFQ=
Subject key identifier:   F8:22:72:88:6A:0D:52:A0:56:48:8A:BC:5E:C9:28:F0:8C:58:0A:89
Certificate issuer:       /CN=090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1
Certificate serial:       0CCF5E1701E8BE9A9AE9C9D4CEA4546A5783BCD2
Authority key identifier: 09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/326130373a353463313a343230303a3a2f34302d3430203d3e20313939353138.roa
Signing time:             Mon 28 Oct 2024 19:02:55 +0000
ROA not before:           Mon 28 Oct 2024 18:57:55 +0000
ROA not after:            Mon 27 Oct 2025 19:02:55 +0000
asID:                     199518
IP address blocks:        2a07:54c1:4200::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:cf:5e:17:01:e8:be:9a:9a:e9:c9:d4:ce:a4:54:6a:57:83:bc:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1
        Validity
            Not Before: Oct 28 18:57:55 2024 GMT
            Not After : Oct 27 19:02:55 2025 GMT
        Subject: CN=F82272886A0D52A056488ABC5EC928F08C580A89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:85:62:b1:82:a7:90:35:b4:dc:fb:67:b0:74:
                    48:81:6a:ab:d6:5b:fb:ff:e6:c5:6f:ee:a9:f9:7e:
                    ef:c1:55:da:bb:59:4b:8c:4a:04:15:24:71:6a:de:
                    19:6e:24:ef:3a:05:a6:8c:0e:4a:1d:88:c5:57:a5:
                    ec:8c:b5:e9:66:75:83:22:e7:cf:d7:6b:74:f1:10:
                    10:3e:24:4a:0b:7b:38:0d:29:51:22:83:03:fc:3c:
                    42:20:20:52:1d:96:10:f8:cf:b0:df:a6:c6:42:36:
                    93:9e:34:0a:f8:2c:38:86:15:da:45:31:4f:36:64:
                    f0:cb:5b:4e:ac:2b:1d:11:96:82:bd:3a:3a:0d:2a:
                    fe:7d:c1:6d:dd:98:9e:67:2b:4f:42:f5:db:1a:34:
                    72:2a:04:2c:5c:0a:7d:96:aa:f5:2a:a3:d2:0a:0a:
                    18:53:a1:23:6d:2c:8c:ed:85:8b:d3:49:b2:d0:ee:
                    01:3f:a9:9f:1f:5a:0b:40:b4:c9:48:47:fa:48:5f:
                    6d:29:d1:a6:74:a4:da:bc:9a:4c:cf:c4:9d:c9:31:
                    9c:b3:8e:ff:d1:f5:54:08:ec:e0:18:90:66:22:a8:
                    17:69:ac:ae:a2:81:04:16:94:59:54:25:a4:82:f8:
                    14:05:b0:4a:fb:78:d3:80:2b:cd:c4:c1:e8:87:ab:
                    e8:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:22:72:88:6A:0D:52:A0:56:48:8A:BC:5E:C9:28:F0:8C:58:0A:89
            X509v3 Authority Key Identifier:
                keyid:09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/326130373a353463313a343230303a3a2f34302d3430203d3e20313939353138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c1:4200::/40

    Signature Algorithm: sha256WithRSAEncryption
         24:46:c9:e7:e5:7d:07:63:4c:3f:4f:ce:7c:1c:ef:57:24:41:
         fa:84:0b:04:4f:23:50:28:2c:ce:45:8f:6a:a1:1e:6b:74:3f:
         0e:fa:10:2a:34:ed:79:92:5b:1a:86:6f:df:f5:d3:e9:c7:68:
         d7:c4:18:3e:e8:43:ac:4b:f3:c1:7c:8b:2c:bc:20:c4:c5:76:
         d3:d1:f3:01:ac:9c:6b:d7:cd:d7:f9:5e:35:2c:7c:7a:04:6e:
         7d:ab:c5:01:b3:2e:bc:57:77:48:6c:81:57:78:34:51:96:88:
         79:71:15:e5:23:47:e5:ae:0b:57:70:de:c2:43:0c:70:07:74:
         5a:d7:04:94:da:25:01:98:44:cf:cc:f8:1e:bb:89:3c:77:10:
         49:f3:da:5c:0a:3f:d6:c9:16:c2:cc:74:f3:a0:c4:90:c8:52:
         fe:e8:3e:f3:f4:46:08:23:c0:ad:7a:b2:d4:6c:aa:7b:f8:a4:
         bc:45:2a:8f:6d:a2:93:e7:99:5f:e3:fc:34:2f:0a:5d:a7:61:
         5f:17:b9:63:c7:88:fa:fc:33:4c:69:73:69:65:4d:1b:5e:8b:
         27:2c:cd:d3:68:5a:ac:c3:6a:d0:fc:03:5c:92:8a:ba:d3:5a:
         7f:f3:63:d9:cc:5b:f5:d6:5b:08:47:99:ac:46:50:7d:d1:23:
         a1:3c:5d:99
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUDM9eFwHovpqa6cnUzqRUaleDvNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDkwRkZERTQwQjYwMjlDRDdGRTMxQTZFREI0NjdFMUE1
Mzg0QjFFMTAeFw0yNDEwMjgxODU3NTVaFw0yNTEwMjcxOTAyNTVaMDMxMTAvBgNV
BAMTKEY4MjI3Mjg4NkEwRDUyQTA1NjQ4OEFCQzVFQzkyOEYwOEM1ODBBODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhWKxgqeQNbTc+2ewdEiBaqvW
W/v/5sVv7qn5fu/BVdq7WUuMSgQVJHFq3hluJO86BaaMDkodiMVXpeyMtelmdYMi
58/Xa3TxEBA+JEoLezgNKVEigwP8PEIgIFIdlhD4z7DfpsZCNpOeNAr4LDiGFdpF
MU82ZPDLW06sKx0RloK9OjoNKv59wW3dmJ5nK09C9dsaNHIqBCxcCn2WqvUqo9IK
ChhToSNtLIzthYvTSbLQ7gE/qZ8fWgtAtMlIR/pIX20p0aZ0pNq8mkzPxJ3JMZyz
jv/R9VQI7OAYkGYiqBdprK6igQQWlFlUJaSC+BQFsEr7eNOAK83EweiHq+gvAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQU+CJyiGoNUqBWSIq8Xsko8IxYCokwHwYDVR0j
BBgwFoAUCQ/95AtgKc1/4xpu20Z+GlOEseEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzUvMDkwRkZERTQwQjYwMjlDRDdGRTMxQTZFREI0NjdFMUE1Mzg0QjFFMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC8wOTBGRkRFNDBCNjAyOUNEN0ZFMzFBNkVE
QjQ2N0UxQTUzODRCMUUxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kZTdkNTVmNy1lZTYwLTQwMDUtYmFkNy1iNDI4MThjZjUwZTgvNS8zMjYxMzAz
NzNhMzUzNDYzMzEzYTM0MzIzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzEz
OTM5MzUzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdUwUIwDQYJKoZIhvcNAQELBQADggEBACRG
yeflfQdjTD9Pznwc71ckQfqECwRPI1AoLM5Fj2qhHmt0Pw76ECo07XmSWxqGb9/1
0+nHaNfEGD7oQ6xL88F8iyy8IMTFdtPR8wGsnGvXzdf5XjUsfHoEbn2rxQGzLrxX
d0hsgVd4NFGWiHlxFeUjR+WuC1dw3sJDDHAHdFrXBJTaJQGYRM/M+B67iTx3EEnz
2lwKP9bJFsLMdPOgxJDIUv7oPvP0RggjwK16stRsqnv4pLxFKo9topPnmV/j/DQv
Cl2nYV8XuWPHiPr8M0xpc2llTRteiycszdNoWqzDatD8A1ySirrTWn/zY9nMW/XW
WwhHmaxGUH3RI6E8XZk=
-----END CERTIFICATE-----