Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc615ebd-5c28-4334-8d2c-ec3158afdc8c/0/326130613a363034343a613531633a3a2f34362d3438203d3e20323135393536.roa
File:                     326130613a363034343a613531633a3a2f34362d3438203d3e20323135393536.roa (raw, json)
Hash identifier:          R6DMdqxKM0NGHLCukoZuI61XlGyFV5IlGm6WPX9M8/E=
Subject key identifier:   88:67:99:9C:23:92:80:5D:A3:C6:44:D2:96:EB:AB:4C:18:FE:18:2D
Certificate issuer:       /CN=D7D838DED871774D2E875C9CB99B810DC1B38301
Certificate serial:       1DDE3D9C52E0755D13AD109607B3DF39A3000EC5
Authority key identifier: D7:D8:38:DE:D8:71:77:4D:2E:87:5C:9C:B9:9B:81:0D:C1:B3:83:01
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/D7D838DED871774D2E875C9CB99B810DC1B38301.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc615ebd-5c28-4334-8d2c-ec3158afdc8c/0/326130613a363034343a613531633a3a2f34362d3438203d3e20323135393536.roa
Signing time:             Sun 28 Apr 2024 23:15:16 +0000
ROA not before:           Sun 28 Apr 2024 23:10:16 +0000
ROA not after:            Sun 27 Apr 2025 23:15:16 +0000
asID:                     215956
IP address blocks:        2a0a:6044:a51c::/46 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:de:3d:9c:52:e0:75:5d:13:ad:10:96:07:b3:df:39:a3:00:0e:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D7D838DED871774D2E875C9CB99B810DC1B38301
        Validity
            Not Before: Apr 28 23:10:16 2024 GMT
            Not After : Apr 27 23:15:16 2025 GMT
        Subject: CN=8867999C2392805DA3C644D296EBAB4C18FE182D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:e4:06:b4:65:c1:c9:48:7a:89:7c:80:8b:b2:
                    ea:fb:d7:cc:ca:c9:e2:9b:d3:53:05:f2:1d:41:0b:
                    7c:ac:09:94:38:3f:75:df:01:d9:a1:46:4f:73:ba:
                    c5:51:85:d1:7a:41:95:a4:34:31:f0:83:0e:50:68:
                    ff:3a:3d:29:79:bb:83:d1:9d:09:10:f4:75:57:d1:
                    82:1f:2f:df:e8:46:8c:a5:85:ec:de:f8:d0:45:61:
                    79:b1:5b:96:c6:6f:76:3e:62:fe:e3:3e:a3:97:3d:
                    35:68:40:e2:8a:6c:10:10:31:38:8c:fd:1c:55:79:
                    50:00:6a:af:df:7e:ae:d1:8c:9d:9f:ea:75:40:dd:
                    f6:aa:af:00:8d:0f:cd:20:e2:b1:11:7a:b3:94:56:
                    73:46:ec:8d:d6:11:ad:ee:36:e8:03:89:cc:85:25:
                    f7:89:05:84:b4:d6:dc:45:ba:7a:19:fd:ac:39:7d:
                    d8:2e:b1:89:31:bd:e6:ee:7c:b1:ad:46:a6:f2:81:
                    85:0f:42:29:95:ee:1a:cd:58:93:59:ae:bd:c2:8c:
                    50:43:d7:4c:d0:8c:05:57:a8:fe:8c:b8:3d:f5:f8:
                    12:b2:00:5a:c5:3a:7d:2c:1a:2d:d1:c5:ef:05:cf:
                    27:dc:a9:66:7c:bd:ab:ab:ec:9c:e9:4f:6f:72:a8:
                    62:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:67:99:9C:23:92:80:5D:A3:C6:44:D2:96:EB:AB:4C:18:FE:18:2D
            X509v3 Authority Key Identifier:
                keyid:D7:D8:38:DE:D8:71:77:4D:2E:87:5C:9C:B9:9B:81:0D:C1:B3:83:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc615ebd-5c28-4334-8d2c-ec3158afdc8c/0/D7D838DED871774D2E875C9CB99B810DC1B38301.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/D7D838DED871774D2E875C9CB99B810DC1B38301.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc615ebd-5c28-4334-8d2c-ec3158afdc8c/0/326130613a363034343a613531633a3a2f34362d3438203d3e20323135393536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:a51c::/46

    Signature Algorithm: sha256WithRSAEncryption
         62:59:28:16:1d:e2:eb:e6:8d:78:76:5a:de:a1:9e:47:35:33:
         86:ba:72:13:eb:c1:56:f4:a3:cd:db:aa:f9:f5:a3:20:f3:a9:
         3f:62:50:1e:11:c5:54:bf:c7:df:e8:54:ce:08:e1:f1:85:b1:
         bb:fa:e9:14:66:f9:9e:bc:3b:fb:8d:e3:da:92:fb:0c:4a:f2:
         86:54:64:7e:f5:3a:a4:51:db:9a:b5:55:6d:f1:72:76:c4:2d:
         a5:e6:ac:27:80:b3:9c:7e:9f:ed:91:15:8f:2f:e6:a7:07:95:
         a4:3b:2b:b0:fe:00:39:be:b9:9f:5f:09:14:b4:57:54:d2:86:
         e8:73:2b:ad:43:d1:87:74:56:19:1d:7f:e4:91:33:1b:39:80:
         9b:07:1c:df:f4:86:60:e9:a2:88:a9:ae:8f:51:3b:06:36:b6:
         33:11:1b:32:83:4c:8a:2d:12:50:35:3d:d3:e5:03:bc:a4:d8:
         44:86:e1:09:6b:02:82:dc:da:b2:16:09:56:02:34:fc:da:98:
         62:7a:f1:a6:3e:a8:4a:84:3d:e3:44:25:12:6d:fd:a2:95:5a:
         5a:c9:0a:62:53:fb:db:a2:cc:7f:59:b8:0f:c7:c1:b6:ff:e6:
         1a:97:01:e5:63:be:b5:3a:71:cd:22:b1:ee:fc:49:3b:3d:59:
         b8:eb:7a:42
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUHd49nFLgdV0TrRCWB7PfOaMADsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDdEODM4REVEODcxNzc0RDJFODc1QzlDQjk5QjgxMERD
MUIzODMwMTAeFw0yNDA0MjgyMzEwMTZaFw0yNTA0MjcyMzE1MTZaMDMxMTAvBgNV
BAMTKDg4Njc5OTlDMjM5MjgwNURBM0M2NDREMjk2RUJBQjRDMThGRTE4MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC05Aa0ZcHJSHqJfICLsur718zK
yeKb01MF8h1BC3ysCZQ4P3XfAdmhRk9zusVRhdF6QZWkNDHwgw5QaP86PSl5u4PR
nQkQ9HVX0YIfL9/oRoylheze+NBFYXmxW5bGb3Y+Yv7jPqOXPTVoQOKKbBAQMTiM
/RxVeVAAaq/ffq7RjJ2f6nVA3faqrwCND80g4rERerOUVnNG7I3WEa3uNugDicyF
JfeJBYS01txFunoZ/aw5fdgusYkxvebufLGtRqbygYUPQimV7hrNWJNZrr3CjFBD
10zQjAVXqP6MuD31+BKyAFrFOn0sGi3Rxe8FzyfcqWZ8vaur7JzpT29yqGJTAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUiGeZnCOSgF2jxkTSluurTBj+GC0wHwYDVR0j
BBgwFoAU19g43thxd00uh1ycuZuBDcGzgwEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmM2MTVlYmQtNWMyOC00MzM0LThkMmMtZWMzMTU4YWZk
YzhjLzAvRDdEODM4REVEODcxNzc0RDJFODc1QzlDQjk5QjgxMERDMUIzODMwMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC9EN0Q4MzhERUQ4NzE3NzREMkU4NzVDOUNC
OTlCODEwREMxQjM4MzAxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9mYzYxNWViZC01YzI4LTQzMzQtOGQyYy1lYzMxNThhZmRjOGMvMC8zMjYxMzA2
MTNhMzYzMDM0MzQzYTYxMzUzMTYzM2EzYTJmMzQzNjJkMzQzODIwM2QzZTIwMzIz
MTM1MzkzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcCKgpgRKUcMA0GCSqGSIb3DQEBCwUAA4IBAQBi
WSgWHeLr5o14dlreoZ5HNTOGunIT68FW9KPN26r59aMg86k/YlAeEcVUv8ff6FTO
COHxhbG7+ukUZvmevDv7jePakvsMSvKGVGR+9TqkUduatVVt8XJ2xC2l5qwngLOc
fp/tkRWPL+anB5WkOyuw/gA5vrmfXwkUtFdU0obocyutQ9GHdFYZHX/kkTMbOYCb
Bxzf9IZg6aKIqa6PUTsGNrYzERsyg0yKLRJQNT3T5QO8pNhEhuEJawKC3NqyFglW
AjT82phievGmPqhKhD3jRCUSbf2ilVpayQpiU/vbosx/WbgPx8G2/+YalwHlY761
OnHNIrHu/Ek7PVm463pC
-----END CERTIFICATE-----