Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/326130373a353463313a343234323a3a2f34382d3438203d3e20313939353138.roa
File:                     326130373a353463313a343234323a3a2f34382d3438203d3e20313939353138.roa (raw, json)
Hash identifier:          QnZhS/jyMu2GcYAJct7dnCIK9fFoWaGlnE/9lHFVCZk=
Subject key identifier:   6F:7A:E2:AC:2A:CA:CE:3E:F8:D7:A7:70:3D:1E:95:1E:12:6E:BA:8A
Certificate issuer:       /CN=090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1
Certificate serial:       226C47A6AA4C80C8EE0FFF5B17212B2E2C84B119
Authority key identifier: 09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/326130373a353463313a343234323a3a2f34382d3438203d3e20313939353138.roa
Signing time:             Mon 28 Oct 2024 20:02:57 +0000
ROA not before:           Mon 28 Oct 2024 19:57:57 +0000
ROA not after:            Mon 27 Oct 2025 20:02:57 +0000
asID:                     199518
IP address blocks:        2a07:54c1:4242::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:6c:47:a6:aa:4c:80:c8:ee:0f:ff:5b:17:21:2b:2e:2c:84:b1:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1
        Validity
            Not Before: Oct 28 19:57:57 2024 GMT
            Not After : Oct 27 20:02:57 2025 GMT
        Subject: CN=6F7AE2AC2ACACE3EF8D7A7703D1E951E126EBA8A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a4:ff:ac:c1:db:47:9a:12:a3:2e:b2:87:c6:
                    26:9d:62:e5:e9:d7:37:d9:a1:a8:e9:f6:4a:be:3c:
                    79:a6:7d:e9:1d:65:93:3a:df:92:6a:eb:c7:27:9c:
                    31:15:67:cd:ed:79:02:11:5a:be:bc:20:47:59:f6:
                    b1:5c:58:88:51:b8:30:0f:d8:1d:90:0f:53:6d:ab:
                    6a:f5:bf:8d:45:03:02:a1:4e:b7:1b:91:7b:93:bc:
                    6b:0e:c7:45:c4:8f:c5:12:10:77:37:b7:7e:e4:7b:
                    88:03:88:eb:7f:13:50:b8:8f:c6:07:a5:dc:28:ed:
                    d8:f3:a2:11:b0:5f:56:64:2d:32:10:77:51:b8:ce:
                    05:60:57:ef:7c:ec:b6:a7:d4:bc:63:18:1d:44:23:
                    41:dd:e8:3d:da:e3:a3:46:a2:6f:d5:0c:f1:03:82:
                    be:23:03:bc:78:1e:42:ce:2c:0f:a0:5f:22:10:bb:
                    f9:6f:8b:ac:96:45:34:07:04:31:99:0d:da:c1:d6:
                    f0:86:48:6e:84:fa:ab:0b:ba:a3:f7:8d:04:b6:a5:
                    09:73:90:31:6e:25:cd:fc:0e:90:52:cd:aa:63:c0:
                    39:e7:ef:4e:a0:a4:1c:3d:63:99:4c:d4:c6:40:8d:
                    00:25:37:9d:bf:54:83:66:12:49:4f:5f:1e:2c:f1:
                    c8:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:7A:E2:AC:2A:CA:CE:3E:F8:D7:A7:70:3D:1E:95:1E:12:6E:BA:8A
            X509v3 Authority Key Identifier:
                keyid:09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/326130373a353463313a343234323a3a2f34382d3438203d3e20313939353138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c1:4242::/48

    Signature Algorithm: sha256WithRSAEncryption
         96:02:89:65:5e:7e:1d:7f:64:14:52:2d:a6:f6:51:f4:9a:b9:
         60:b6:95:f1:17:81:22:a4:db:fa:54:71:b1:0a:f2:ec:7b:b9:
         bf:3c:7c:79:07:cc:c6:d8:97:73:d9:f6:62:f6:d4:61:19:b5:
         3b:97:74:ed:b3:cb:90:b0:43:73:8b:b8:3e:08:5c:f9:d4:7e:
         52:65:8a:72:5a:71:19:78:06:db:54:df:af:7b:7b:b1:a8:82:
         40:74:90:43:48:8f:f1:ce:bc:cb:fc:bb:a2:1a:34:7a:00:e4:
         9a:06:7f:c7:0a:9c:dc:0e:16:b8:9c:d2:90:4a:b9:99:f1:86:
         a9:01:c3:39:a1:dc:1c:c0:53:df:9d:e1:66:c0:cd:60:35:2b:
         71:b6:c3:a9:ab:f8:38:35:d8:24:17:0b:fe:ff:ef:e2:2c:fc:
         0e:95:be:e1:7e:3b:01:49:86:c9:b8:46:bd:6a:10:2d:43:e0:
         e5:c3:11:8a:2c:52:19:06:be:4f:a5:34:21:5d:97:35:3a:0b:
         76:09:2e:90:63:c1:5e:e9:fa:61:84:37:16:f3:cb:2f:13:81:
         d2:44:e4:64:cf:d3:e4:77:c6:96:d5:f4:dc:3a:37:81:5d:0c:
         84:87:82:ea:92:96:6d:06:5d:b7:c5:12:96:ed:6f:ee:df:9d:
         a9:b6:b7:62
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUImxHpqpMgMjuD/9bFyErLiyEsRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDkwRkZERTQwQjYwMjlDRDdGRTMxQTZFREI0NjdFMUE1
Mzg0QjFFMTAeFw0yNDEwMjgxOTU3NTdaFw0yNTEwMjcyMDAyNTdaMDMxMTAvBgNV
BAMTKDZGN0FFMkFDMkFDQUNFM0VGOEQ3QTc3MDNEMUU5NTFFMTI2RUJBOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOpP+swdtHmhKjLrKHxiadYuXp
1zfZoajp9kq+PHmmfekdZZM635Jq68cnnDEVZ83teQIRWr68IEdZ9rFcWIhRuDAP
2B2QD1Ntq2r1v41FAwKhTrcbkXuTvGsOx0XEj8USEHc3t37ke4gDiOt/E1C4j8YH
pdwo7djzohGwX1ZkLTIQd1G4zgVgV+987Lan1LxjGB1EI0Hd6D3a46NGom/VDPED
gr4jA7x4HkLOLA+gXyIQu/lvi6yWRTQHBDGZDdrB1vCGSG6E+qsLuqP3jQS2pQlz
kDFuJc38DpBSzapjwDnn706gpBw9Y5lM1MZAjQAlN52/VINmEklPXx4s8ch3AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUb3rirCrKzj7416dwPR6VHhJuuoowHwYDVR0j
BBgwFoAUCQ/95AtgKc1/4xpu20Z+GlOEseEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzUvMDkwRkZERTQwQjYwMjlDRDdGRTMxQTZFREI0NjdFMUE1Mzg0QjFFMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC8wOTBGRkRFNDBCNjAyOUNEN0ZFMzFBNkVE
QjQ2N0UxQTUzODRCMUUxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kZTdkNTVmNy1lZTYwLTQwMDUtYmFkNy1iNDI4MThjZjUwZTgvNS8zMjYxMzAz
NzNhMzUzNDYzMzEzYTM0MzIzNDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEz
OTM5MzUzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgdUwUJCMA0GCSqGSIb3DQEBCwUAA4IBAQCW
AollXn4df2QUUi2m9lH0mrlgtpXxF4EipNv6VHGxCvLse7m/PHx5B8zG2Jdz2fZi
9tRhGbU7l3Tts8uQsENzi7g+CFz51H5SZYpyWnEZeAbbVN+ve3uxqIJAdJBDSI/x
zrzL/LuiGjR6AOSaBn/HCpzcDha4nNKQSrmZ8YapAcM5odwcwFPfneFmwM1gNStx
tsOpq/g4NdgkFwv+/+/iLPwOlb7hfjsBSYbJuEa9ahAtQ+DlwxGKLFIZBr5PpTQh
XZc1Ogt2CS6QY8Fe6fphhDcW88svE4HSRORkz9Pkd8aW1fTcOjeBXQyEh4LqkpZt
Bl23xRKW7W/u352ptrdi
-----END CERTIFICATE-----