Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fecbc404-ac43-449b-8c7e-8f1e99d9ac49/2/326130613a363034343a376530303a3a2f34302d3438203d3e20323134343836.roa
File:                     326130613a363034343a376530303a3a2f34302d3438203d3e20323134343836.roa (raw, json)
Hash identifier:          GViZfHMCVcNIucTv4+7C3lATwPTkTgeprUKS+i8yn+k=
Subject key identifier:   33:F3:54:7C:E4:95:45:F5:9C:88:A2:BE:43:A7:9D:31:64:A9:29:2F
Certificate issuer:       /CN=27E0DB0E84DF3DBAF7755243E114FDBDA524FFD4
Certificate serial:       48BEA843D008CD800D2E24026EE5AAD6005D9677
Authority key identifier: 27:E0:DB:0E:84:DF:3D:BA:F7:75:52:43:E1:14:FD:BD:A5:24:FF:D4
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/27E0DB0E84DF3DBAF7755243E114FDBDA524FFD4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fecbc404-ac43-449b-8c7e-8f1e99d9ac49/2/326130613a363034343a376530303a3a2f34302d3438203d3e20323134343836.roa
Signing time:             Thu 16 Jan 2025 20:39:42 +0000
ROA not before:           Thu 16 Jan 2025 20:34:42 +0000
ROA not after:            Thu 15 Jan 2026 20:39:42 +0000
asID:                     214486
IP address blocks:        2a0a:6044:7e00::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:be:a8:43:d0:08:cd:80:0d:2e:24:02:6e:e5:aa:d6:00:5d:96:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27E0DB0E84DF3DBAF7755243E114FDBDA524FFD4
        Validity
            Not Before: Jan 16 20:34:42 2025 GMT
            Not After : Jan 15 20:39:42 2026 GMT
        Subject: CN=33F3547CE49545F59C88A2BE43A79D3164A9292F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:25:33:a6:4e:0a:db:5e:d8:e7:9e:cc:82:2e:
                    f2:65:ef:9e:bf:70:d6:70:14:2a:11:01:de:70:aa:
                    6b:90:f3:4b:4d:63:ff:e5:f3:67:31:ef:d0:87:de:
                    7a:f5:5b:b6:b6:e7:ba:04:f5:a9:f5:78:d3:16:7c:
                    b6:1c:76:e2:1e:a4:a7:63:36:1e:8e:d5:f2:b0:bc:
                    40:fc:b9:26:04:e9:cd:ad:c0:25:cf:7a:d7:59:6a:
                    6f:1a:85:c9:de:6e:f7:8b:bf:a0:ef:bf:ff:71:3b:
                    c9:d3:a8:83:69:19:c2:ea:c3:a1:2b:d2:89:67:7c:
                    fc:36:ad:fc:ac:65:b7:36:44:c9:aa:eb:01:88:3f:
                    5a:d1:1d:7b:70:ae:1f:28:ff:75:bf:57:7a:1b:1e:
                    15:1b:3c:b7:3c:d2:3d:cc:45:1c:39:d8:7b:1b:34:
                    ea:c7:9b:64:fb:4f:90:fa:03:90:c4:19:35:85:41:
                    db:ec:39:71:2b:40:ec:42:e6:f4:f2:b7:59:4d:1a:
                    35:03:51:0f:42:bd:5e:07:bd:9f:ec:8f:a3:14:c4:
                    fe:72:2d:28:e3:49:50:1e:e2:03:d4:0c:14:0c:9a:
                    33:e3:ae:3b:02:8c:20:56:53:70:0b:eb:49:3c:04:
                    91:28:54:79:56:b3:1c:8b:e9:38:ff:fc:6a:f8:f3:
                    f9:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:F3:54:7C:E4:95:45:F5:9C:88:A2:BE:43:A7:9D:31:64:A9:29:2F
            X509v3 Authority Key Identifier:
                keyid:27:E0:DB:0E:84:DF:3D:BA:F7:75:52:43:E1:14:FD:BD:A5:24:FF:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fecbc404-ac43-449b-8c7e-8f1e99d9ac49/2/27E0DB0E84DF3DBAF7755243E114FDBDA524FFD4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/27E0DB0E84DF3DBAF7755243E114FDBDA524FFD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fecbc404-ac43-449b-8c7e-8f1e99d9ac49/2/326130613a363034343a376530303a3a2f34302d3438203d3e20323134343836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:7e00::/40

    Signature Algorithm: sha256WithRSAEncryption
         85:18:c9:32:a2:a9:96:78:55:a6:9e:b2:1e:82:53:67:5d:bc:
         de:51:0c:ac:83:2b:d1:56:3b:e8:21:f7:b7:70:d1:22:bb:2f:
         3c:eb:a3:6b:cf:b3:20:ab:1c:ae:d5:fa:3e:ab:df:c1:8c:90:
         4e:f5:cb:6a:24:29:e6:77:f3:bc:58:fe:a2:0f:ef:8a:82:af:
         63:03:6e:7c:c2:2f:e7:59:8a:57:92:f7:24:9f:bf:ad:75:00:
         0f:15:e2:7e:3c:9c:bb:21:f6:f0:7d:08:a8:d8:e5:b2:e3:ee:
         bf:4f:e6:29:43:82:2b:08:86:3d:66:dc:63:e8:dc:b1:4e:0a:
         fe:cb:be:60:88:c0:73:3f:c5:02:56:87:f2:77:63:e1:78:c6:
         c6:33:cc:1b:d3:38:6e:d0:53:05:35:3c:df:06:27:10:4e:a4:
         5a:16:f9:d1:f7:91:86:d1:5f:b3:34:32:e6:35:fc:7c:d1:7d:
         ba:53:48:f2:db:ce:66:a5:45:d0:dd:6e:ed:a3:a2:46:6c:36:
         0b:91:90:9f:17:0f:0a:44:78:bb:0f:40:25:92:c1:a1:4d:96:
         4d:1a:ab:55:5f:dc:1d:55:1f:60:aa:19:8a:4a:08:a0:7f:06:
         a8:c5:5c:fe:43:9a:20:9a:ce:4e:68:cb:36:8a:2a:4d:7b:91:
         38:9c:4b:58
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUSL6oQ9AIzYANLiQCbuWq1gBdlncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjdFMERCMEU4NERGM0RCQUY3NzU1MjQzRTExNEZEQkRB
NTI0RkZENDAeFw0yNTAxMTYyMDM0NDJaFw0yNjAxMTUyMDM5NDJaMDMxMTAvBgNV
BAMTKDMzRjM1NDdDRTQ5NTQ1RjU5Qzg4QTJCRTQzQTc5RDMxNjRBOTI5MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdJTOmTgrbXtjnnsyCLvJl756/
cNZwFCoRAd5wqmuQ80tNY//l82cx79CH3nr1W7a257oE9an1eNMWfLYcduIepKdj
Nh6O1fKwvED8uSYE6c2twCXPetdZam8ahcnebveLv6Dvv/9xO8nTqINpGcLqw6Er
0olnfPw2rfysZbc2RMmq6wGIP1rRHXtwrh8o/3W/V3obHhUbPLc80j3MRRw52Hsb
NOrHm2T7T5D6A5DEGTWFQdvsOXErQOxC5vTyt1lNGjUDUQ9CvV4HvZ/sj6MUxP5y
LSjjSVAe4gPUDBQMmjPjrjsCjCBWU3AL60k8BJEoVHlWsxyL6Tj//Gr48/nTAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUM/NUfOSVRfWciKK+Q6edMWSpKS8wHwYDVR0j
BBgwFoAUJ+DbDoTfPbr3dVJD4RT9vaUk/9QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmVjYmM0MDQtYWM0My00NDliLThjN2UtOGYxZTk5ZDlh
YzQ5LzIvMjdFMERCMEU4NERGM0RCQUY3NzU1MjQzRTExNEZEQkRBNTI0RkZENC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC8yN0UwREIwRTg0REYzREJBRjc3NTUyNDNF
MTE0RkRCREE1MjRGRkQ0LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9mZWNiYzQwNC1hYzQzLTQ0OWItOGM3ZS04ZjFlOTlkOWFjNDkvMi8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM3NjUzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIz
MTM0MzQzODM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgRH4wDQYJKoZIhvcNAQELBQADggEBAIUY
yTKiqZZ4Vaaesh6CU2ddvN5RDKyDK9FWO+gh97dw0SK7Lzzro2vPsyCrHK7V+j6r
38GMkE71y2okKeZ387xY/qIP74qCr2MDbnzCL+dZileS9ySfv611AA8V4n48nLsh
9vB9CKjY5bLj7r9P5ilDgisIhj1m3GPo3LFOCv7LvmCIwHM/xQJWh/J3Y+F4xsYz
zBvTOG7QUwU1PN8GJxBOpFoW+dH3kYbRX7M0MuY1/HzRfbpTSPLbzmalRdDdbu2j
okZsNguRkJ8XDwpEeLsPQCWSwaFNlk0aq1Vf3B1VH2CqGYpKCKB/BqjFXP5DmiCa
zk5oyzaKKk17kTicS1g=
-----END CERTIFICATE-----