Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fb30d3de-e574-4a23-a1bd-5f1fa05c53be/0/326130623a346530343a333333333a3a2f34382d3438203d3e20323135373531.roa
File:                     326130623a346530343a333333333a3a2f34382d3438203d3e20323135373531.roa (raw, json)
Hash identifier:          SlcnOZPP/T52hH+Qrtn5nNJpSlujjzE5H26YLWbyCY8=
Subject key identifier:   1C:C7:B9:18:89:3A:71:A9:BA:44:6C:91:7D:77:BF:08:84:C0:F7:1B
Certificate issuer:       /CN=fc59950e49df88985ab0727278320c684d2074be
Certificate serial:       7A8FB332B1891618B6F5A2184A23F887DDEB1729
Authority key identifier: FC:59:95:0E:49:DF:88:98:5A:B0:72:72:78:32:0C:68:4D:20:74:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_FmVDknfiJhasHJyeDIMaE0gdL4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fb30d3de-e574-4a23-a1bd-5f1fa05c53be/0/326130623a346530343a333333333a3a2f34382d3438203d3e20323135373531.roa
Signing time:             Sat 27 Apr 2024 15:41:51 +0000
ROA not before:           Sat 27 Apr 2024 15:36:51 +0000
ROA not after:            Sat 26 Apr 2025 15:41:51 +0000
asID:                     215751
IP address blocks:        2a0b:4e04:3333::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:8f:b3:32:b1:89:16:18:b6:f5:a2:18:4a:23:f8:87:dd:eb:17:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc59950e49df88985ab0727278320c684d2074be
        Validity
            Not Before: Apr 27 15:36:51 2024 GMT
            Not After : Apr 26 15:41:51 2025 GMT
        Subject: CN=1CC7B918893A71A9BA446C917D77BF0884C0F71B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:b7:e2:a6:f1:73:89:e5:84:6c:7d:74:9b:80:
                    a3:11:c5:c0:48:a7:ba:d4:31:6e:29:6c:4f:ec:97:
                    bd:46:41:17:69:56:bc:ed:6e:dc:f1:c1:40:11:31:
                    c4:a5:e3:26:03:29:e2:e4:4d:f6:9a:f4:48:d7:ef:
                    2f:46:0b:53:17:cb:8b:92:82:1a:71:21:64:0d:03:
                    ef:99:8d:b9:a0:24:29:1d:b7:61:ec:8c:4b:60:79:
                    ef:85:7a:37:7a:b6:89:a5:af:e0:38:d8:f2:a1:95:
                    d8:75:e9:42:fc:8a:1c:2f:ee:1a:e6:02:8d:c8:3e:
                    b2:97:ee:e7:45:d2:76:65:88:32:2f:f4:fa:6c:cc:
                    45:85:7f:78:70:4c:36:33:22:db:aa:d1:b9:82:9d:
                    a6:da:de:91:bf:ce:f1:10:a3:0b:38:b0:ff:9d:e9:
                    7b:b8:d3:d6:bd:1e:13:43:cf:a5:09:eb:89:10:c8:
                    ed:76:15:41:93:6a:ba:37:45:6d:44:5a:c9:3a:ee:
                    9f:7a:20:28:d7:05:76:ab:3f:6a:5b:10:e3:d4:4b:
                    d7:d4:c2:8f:50:b0:54:5a:27:3b:6c:d5:f0:d5:e9:
                    0c:48:c4:d8:94:58:80:26:ce:80:5e:ae:d1:91:d0:
                    92:f9:8b:d8:42:db:99:26:2c:2f:f3:34:96:35:f5:
                    bd:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:C7:B9:18:89:3A:71:A9:BA:44:6C:91:7D:77:BF:08:84:C0:F7:1B
            X509v3 Authority Key Identifier:
                keyid:FC:59:95:0E:49:DF:88:98:5A:B0:72:72:78:32:0C:68:4D:20:74:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fb30d3de-e574-4a23-a1bd-5f1fa05c53be/0/FC59950E49DF88985AB0727278320C684D2074BE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FmVDknfiJhasHJyeDIMaE0gdL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fb30d3de-e574-4a23-a1bd-5f1fa05c53be/0/326130623a346530343a333333333a3a2f34382d3438203d3e20323135373531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e04:3333::/48

    Signature Algorithm: sha256WithRSAEncryption
         1b:0c:bb:0a:72:91:78:65:7c:5a:24:9a:6e:3e:aa:49:a2:24:
         ed:df:6e:7c:73:fa:8d:69:d1:19:67:36:be:39:a1:c7:08:5b:
         26:fe:c9:40:56:22:42:69:da:d9:01:39:33:c0:e4:45:f2:a5:
         29:df:03:80:c6:31:93:b6:6d:d9:e0:bf:eb:bc:2a:2d:0e:67:
         cb:fe:b4:81:50:cc:1b:15:b7:03:80:78:f5:65:fe:c0:c1:64:
         50:66:dd:33:2d:8b:f1:2f:ff:c7:d6:42:ba:5f:f8:c0:c0:b8:
         73:d0:cc:1b:1a:f0:0c:99:c8:6e:52:eb:01:d6:7d:d7:7a:05:
         0a:d0:13:ec:fb:3f:84:b9:56:6f:9d:33:10:25:81:92:10:23:
         7d:10:7b:51:4f:8b:48:ad:a2:c7:65:20:10:f3:8c:02:e9:f7:
         2a:47:9c:1e:a1:29:0a:be:d5:9d:e5:e9:29:51:fe:16:cb:c4:
         ff:34:10:c7:2e:5a:16:18:33:e7:78:0c:60:5b:c3:f4:a7:86:
         3e:9c:15:f0:94:c2:8e:c6:b5:81:5f:38:0c:32:82:93:59:bf:
         e9:fc:f4:4d:6f:5e:f4:a4:fe:05:67:2d:e1:0b:dc:9e:f2:9d:
         89:78:53:5c:94:3b:80:52:e8:11:80:d2:95:26:03:a5:15:5a:
         55:90:5c:06
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUeo+zMrGJFhi29aIYSiP4h93rFykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmM1OTk1MGU0OWRmODg5ODVhYjA3MjcyNzgzMjBjNjg0
ZDIwNzRiZTAeFw0yNDA0MjcxNTM2NTFaFw0yNTA0MjYxNTQxNTFaMDMxMTAvBgNV
BAMTKDFDQzdCOTE4ODkzQTcxQTlCQTQ0NkM5MTdENzdCRjA4ODRDMEY3MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxt+Km8XOJ5YRsfXSbgKMRxcBI
p7rUMW4pbE/sl71GQRdpVrztbtzxwUARMcSl4yYDKeLkTfaa9EjX7y9GC1MXy4uS
ghpxIWQNA++ZjbmgJCkdt2HsjEtgee+Fejd6tomlr+A42PKhldh16UL8ihwv7hrm
Ao3IPrKX7udF0nZliDIv9PpszEWFf3hwTDYzItuq0bmCnaba3pG/zvEQows4sP+d
6Xu409a9HhNDz6UJ64kQyO12FUGTaro3RW1EWsk67p96ICjXBXarP2pbEOPUS9fU
wo9QsFRaJzts1fDV6QxIxNiUWIAmzoBertGR0JL5i9hC25kmLC/zNJY19b0dAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUHMe5GIk6cam6RGyRfXe/CITA9xswHwYDVR0j
BBgwFoAU/FmVDknfiJhasHJyeDIMaE0gdL4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmIzMGQzZGUtZTU3NC00YTIzLWExYmQtNWYxZmEwNWM1
M2JlLzAvRkM1OTk1MEU0OURGODg5ODVBQjA3MjcyNzgzMjBDNjg0RDIwNzRCRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL19GbVZEa25maUpoYXNISnllRElNYUUw
Z2RMNC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmIzMGQzZGUt
ZTU3NC00YTIzLWExYmQtNWYxZmEwNWM1M2JlLzAvMzI2MTMwNjIzYTM0NjUzMDM0
M2EzMzMzMzMzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTM3MzUzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoLTgQzMzANBgkqhkiG9w0BAQsFAAOCAQEAGwy7CnKReGV8WiSa
bj6qSaIk7d9ufHP6jWnRGWc2vjmhxwhbJv7JQFYiQmna2QE5M8DkRfKlKd8DgMYx
k7Zt2eC/67wqLQ5ny/60gVDMGxW3A4B49WX+wMFkUGbdMy2L8S//x9ZCul/4wMC4
c9DMGxrwDJnIblLrAdZ913oFCtAT7Ps/hLlWb50zECWBkhAjfRB7UU+LSK2ix2Ug
EPOMAun3KkecHqEpCr7VneXpKVH+FsvE/zQQxy5aFhgz53gMYFvD9KeGPpwV8JTC
jsa1gV84DDKCk1m/6fz0TW9e9KT+BWct4QvcnvKdiXhTXJQ7gFLoEYDSlSYDpRVa
VZBcBg==
-----END CERTIFICATE-----
Generated at Tue Jun 11 05:06:49 2024 by rpki-client on console-fra.rpki-client.org