Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/326130373a353463313a343236313a3a2f34382d3438203d3e203436373636.roa
File:                     326130373a353463313a343236313a3a2f34382d3438203d3e203436373636.roa (raw, json)
Hash identifier:          JTZ2kGdERi3x7YRf0uNux1d/BSMy9hym6sHhRS3lDNw=
Subject key identifier:   47:27:7B:81:DF:80:5D:3C:94:E1:45:43:22:2F:9E:44:B7:F2:5F:FE
Certificate issuer:       /CN=090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1
Certificate serial:       4410568F285705EFD12A105740C938B8203D21CD
Authority key identifier: 09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1
Authority info access:    rsync://rpki.zappiehost.com/repo/NORTHLAYER_UID_13864/0/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/326130373a353463313a343236313a3a2f34382d3438203d3e203436373636.roa
Signing time:             Thu 18 Apr 2024 23:23:04 +0000
ROA not before:           Thu 18 Apr 2024 23:18:04 +0000
ROA not after:            Thu 17 Apr 2025 23:23:04 +0000
asID:                     46766
IP address blocks:        2a07:54c1:4261::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:10:56:8f:28:57:05:ef:d1:2a:10:57:40:c9:38:b8:20:3d:21:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1
        Validity
            Not Before: Apr 18 23:18:04 2024 GMT
            Not After : Apr 17 23:23:04 2025 GMT
        Subject: CN=47277B81DF805D3C94E14543222F9E44B7F25FFE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:41:13:aa:77:9c:b8:f0:bd:86:67:ae:31:95:
                    e8:23:c8:1d:fd:79:be:57:17:1c:f0:0f:5e:ee:89:
                    75:c0:d5:47:72:80:e5:2b:81:ec:a3:bf:7d:02:fb:
                    50:f0:4d:bc:01:08:be:08:2c:11:e9:6c:97:57:26:
                    ec:ee:3f:a7:ec:3e:da:5b:01:4d:aa:b0:5b:af:4c:
                    a0:59:49:2a:37:74:e2:00:ef:7f:4b:87:e5:80:fb:
                    28:e7:11:5f:89:68:30:3a:86:76:85:e4:56:b5:37:
                    7c:df:58:57:18:b6:20:e2:a4:a1:fa:ca:b1:19:fb:
                    8a:58:47:39:6e:b3:8f:82:8e:bb:ef:07:c7:ba:da:
                    e1:62:da:1d:ae:99:cd:20:a0:37:33:74:98:b5:1c:
                    6e:8e:6a:8d:dd:1a:10:c7:a7:de:ab:77:29:8c:7a:
                    83:1b:8b:5d:2f:7a:5f:7d:3b:3d:f8:dc:16:88:59:
                    95:2a:7f:22:d2:b5:35:f5:78:eb:88:cc:b3:e8:25:
                    69:47:2b:b4:aa:d9:40:23:5c:62:43:83:7e:1c:6f:
                    64:74:c2:da:c4:ae:3a:12:4b:87:db:71:fe:0c:4e:
                    ec:f4:73:e3:e9:95:36:21:d0:cb:70:bc:71:cf:cb:
                    01:4b:b9:87:24:ee:b1:bf:06:67:a3:30:ab:9e:f2:
                    7f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:27:7B:81:DF:80:5D:3C:94:E1:45:43:22:2F:9E:44:B7:F2:5F:FE
            X509v3 Authority Key Identifier:
                keyid:09:0F:FD:E4:0B:60:29:CD:7F:E3:1A:6E:DB:46:7E:1A:53:84:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.zappiehost.com/repo/NORTHLAYER_UID_13864/0/090FFDE40B6029CD7FE31A6EDB467E1A5384B1E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/5/326130373a353463313a343236313a3a2f34382d3438203d3e203436373636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c1:4261::/48

    Signature Algorithm: sha256WithRSAEncryption
         18:72:71:9f:a8:42:07:39:0b:59:96:8e:3c:93:29:d2:d5:11:
         69:9e:63:99:0b:ee:ca:da:2e:c1:2f:20:0e:ed:6e:93:23:ab:
         77:3f:8b:03:e3:43:1a:c1:72:72:a1:8a:95:41:63:54:52:07:
         a9:8a:d0:f5:49:b7:6c:43:ef:fe:6a:ab:cc:86:1f:eb:64:57:
         f5:8f:d5:8e:a9:be:5a:75:f9:3f:67:53:d6:1b:21:b2:be:e7:
         0e:d6:51:d0:d0:f3:09:7c:36:1d:e2:07:c9:e2:ed:63:f1:e4:
         6a:2d:e8:10:63:8e:a3:90:b9:c1:12:06:09:cd:a8:13:4f:a0:
         43:c4:20:7e:04:de:97:3a:c0:bb:41:b3:0a:34:65:94:38:96:
         44:82:3c:14:4d:c8:13:2e:7f:32:3d:b5:ec:9c:81:a1:14:4c:
         1f:bf:31:22:88:20:4b:7d:3c:44:6a:26:3c:08:90:57:43:de:
         a3:42:12:08:b2:41:a2:df:46:b6:7d:7f:87:3c:a0:74:a5:b2:
         fe:ad:5f:83:c6:ff:44:0d:33:41:37:d4:93:e0:3e:9c:51:39:
         08:25:7e:d2:e2:2b:21:44:a6:20:c0:a4:08:e9:35:16:48:55:
         8d:91:0c:a0:8e:1d:e2:3d:0b:05:b2:80:67:19:d6:8f:bb:2b:
         66:5a:ab:05
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIURBBWjyhXBe/RKhBXQMk4uCA9Ic0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDkwRkZERTQwQjYwMjlDRDdGRTMxQTZFREI0NjdFMUE1
Mzg0QjFFMTAeFw0yNDA0MTgyMzE4MDRaFw0yNTA0MTcyMzIzMDRaMDMxMTAvBgNV
BAMTKDQ3Mjc3QjgxREY4MDVEM0M5NEUxNDU0MzIyMkY5RTQ0QjdGMjVGRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvQROqd5y48L2GZ64xlegjyB39
eb5XFxzwD17uiXXA1UdygOUrgeyjv30C+1DwTbwBCL4ILBHpbJdXJuzuP6fsPtpb
AU2qsFuvTKBZSSo3dOIA739Lh+WA+yjnEV+JaDA6hnaF5Fa1N3zfWFcYtiDipKH6
yrEZ+4pYRzlus4+CjrvvB8e62uFi2h2umc0goDczdJi1HG6Oao3dGhDHp96rdymM
eoMbi10vel99Oz343BaIWZUqfyLStTX1eOuIzLPoJWlHK7Sq2UAjXGJDg34cb2R0
wtrErjoSS4fbcf4MTuz0c+PplTYh0MtwvHHPywFLuYck7rG/BmejMKue8n8XAgMB
AAGjggJlMIICYTAdBgNVHQ4EFgQURyd7gd+AXTyU4UVDIi+eRLfyX/4wHwYDVR0j
BBgwFoAUCQ/95AtgKc1/4xpu20Z+GlOEseEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzUvMDkwRkZERTQwQjYwMjlDRDdGRTMxQTZFREI0NjdFMUE1Mzg0QjFFMS5j
cmwwgYAGCCsGAQUFBwEBBHQwcjBwBggrBgEFBQcwAoZkcnN5bmM6Ly9ycGtpLnph
cHBpZWhvc3QuY29tL3JlcG8vTk9SVEhMQVlFUl9VSURfMTM4NjQvMC8wOTBGRkRF
NDBCNjAyOUNEN0ZFMzFBNkVEQjQ2N0UxQTUzODRCMUUxLmNlcjCBtQYIKwYBBQUH
AQsEgagwgaUwgaIGCCsGAQUFBzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9kZTdkNTVmNy1lZTYwLTQwMDUtYmFkNy1iNDI4
MThjZjUwZTgvNS8zMjYxMzAzNzNhMzUzNDYzMzEzYTM0MzIzNjMxM2EzYTJmMzQz
ODJkMzQzODIwM2QzZTIwMzQzNjM3MzYzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoHVMFCYTANBgkq
hkiG9w0BAQsFAAOCAQEAGHJxn6hCBzkLWZaOPJMp0tURaZ5jmQvuytouwS8gDu1u
kyOrdz+LA+NDGsFycqGKlUFjVFIHqYrQ9Um3bEPv/mqrzIYf62RX9Y/Vjqm+WnX5
P2dT1hshsr7nDtZR0NDzCXw2HeIHyeLtY/Hkai3oEGOOo5C5wRIGCc2oE0+gQ8Qg
fgTelzrAu0GzCjRllDiWRII8FE3IEy5/Mj217JyBoRRMH78xIoggS308RGomPAiQ
V0Peo0ISCLJBot9Gtn1/hzygdKWy/q1fg8b/RA0zQTfUk+A+nFE5CCV+0uIrIUSm
IMCkCOk1FkhVjZEMoI4d4j0LBbKAZxnWj7srZlqrBQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:52 2024 by rpki-client on console-fra.rpki-client.org