Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa
File:                     21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa (raw, json)
Hash identifier:          xTGMsdkzPf1IQ2eIJ8/z/dnTDEpqJUKjDL88yOJAZVQ=
Subject key identifier:   09:1D:2F:8D:DE:41:9E:EA:6A:45:4C:62:A6:A6:79:CB:6D:12:3C:A2
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       04CBC930B52D887071BCFE74D737878F4B15B9CC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:f0c0::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:cb:c9:30:b5:2d:88:70:71:bc:fe:74:d7:37:87:8f:4b:15:b9:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=18ef807f6d7bd71c64a967afda11419634e80466ab76c780fc3bcb6ae4cc0f30, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:21:a9:6a:bb:de:8f:41:a6:30:c1:af:d3:d3:
                    df:61:7c:04:ce:e9:47:e5:9a:3b:10:23:61:50:2a:
                    30:48:20:54:07:c2:ca:a3:59:16:b9:fc:f6:74:9b:
                    9d:4a:81:03:20:2f:89:c7:07:8c:26:2f:58:a6:e6:
                    a2:37:90:44:d5:26:6b:8b:33:cf:0d:21:63:68:1b:
                    c3:07:c0:e2:c9:42:2f:c2:57:27:2d:77:3f:9a:19:
                    60:ad:03:7a:90:25:12:93:be:3e:5c:ab:98:23:b1:
                    a1:3e:34:ea:4e:3b:30:a7:8b:b0:55:68:1c:99:66:
                    9a:12:15:e6:ab:11:c9:16:9b:62:82:21:0c:ab:d5:
                    38:d7:c3:9b:57:66:41:77:6f:f2:99:95:4a:84:19:
                    a1:10:b7:30:90:73:b5:cb:dd:af:09:de:4d:a0:77:
                    d3:77:c3:0b:60:ce:54:ad:ca:73:0c:1b:86:4e:de:
                    0b:96:43:93:7c:a3:4f:1e:3b:b5:0e:e7:b5:80:e0:
                    02:1a:e5:ad:2b:7f:75:60:0c:90:26:e2:63:f8:8d:
                    3a:1f:93:86:62:ad:8e:df:14:08:45:e2:a2:1c:d2:
                    55:ce:77:b2:93:e6:17:da:f6:c8:f4:e8:3e:1e:12:
                    ad:4e:9b:71:ec:4b:e2:10:0a:42:fc:ab:73:82:2e:
                    6b:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:1D:2F:8D:DE:41:9E:EA:6A:45:4C:62:A6:A6:79:CB:6D:12:3C:A2
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:f0c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         a5:d4:41:17:c7:69:89:6f:69:1b:5a:6c:f2:74:12:a4:73:2e:
         d3:2a:ff:52:28:ae:e9:0e:38:fc:0e:14:f1:ce:b9:8f:2e:1f:
         aa:2f:f7:89:8e:a7:eb:e8:79:15:1f:42:78:07:1c:3c:fd:72:
         13:d7:b2:73:ff:da:06:10:d0:df:db:b2:16:05:21:23:af:47:
         40:f7:79:94:59:55:ca:ad:8a:1e:cc:ea:f9:ac:44:b2:26:6f:
         b5:ea:72:7e:30:e9:cd:2e:38:2e:59:e8:cd:74:19:da:28:84:
         85:ce:63:76:aa:40:81:ed:23:b2:ce:65:b8:3a:55:9c:75:c2:
         15:fa:b9:26:6b:ae:95:46:67:3f:99:73:01:9e:54:b2:2b:de:
         ee:18:ed:98:aa:c2:23:c8:5f:69:2f:50:eb:c4:54:1a:23:5e:
         76:e7:49:4c:6e:31:6f:ae:81:78:63:b5:31:09:20:81:6e:e7:
         9a:63:40:81:ef:3b:63:6d:1f:7b:95:75:68:c6:d1:f7:85:39:
         4c:00:40:74:1a:a9:3b:ac:b5:31:d1:fe:a2:1f:99:a5:7f:72:
         0a:eb:1c:cb:72:4f:0c:8f:e6:b0:7a:d3:e6:38:cc:f9:cc:31:
         64:3d:1a:e9:21:78:25:6d:27:fa:bc:30:19:31:ee:21:49:22:
         1e:a1:8b:a2
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUBMvJMLUtiHBxvP501zeHj0sVucwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMThlZjgwN2Y2ZDdiZDcxYzY0YTk2
N2FmZGExMTQxOTYzNGU4MDQ2NmFiNzZjNzgwZmMzYmNiNmFlNGNjMGYzMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCGparvej0GmMMGv09PfYXwEzulH
5Zo7ECNhUCowSCBUB8LKo1kWufz2dJudSoEDIC+JxweMJi9YpuaiN5BE1SZrizPP
DSFjaBvDB8DiyUIvwlcnLXc/mhlgrQN6kCUSk74+XKuYI7GhPjTqTjswp4uwVWgc
mWaaEhXmqxHJFptigiEMq9U418ObV2ZBd2/ymZVKhBmhELcwkHO1y92vCd5NoHfT
d8MLYM5UrcpzDBuGTt4LlkOTfKNPHju1Due1gOACGuWtK391YAyQJuJj+I06H5OG
Yq2O3xQIReKiHNJVzneyk+YX2vbI9Og+HhKtTptx7EviEApC/Ktzgi5rBQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAkdL43eQZ7qakVMYqamecttEjyiMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzIxYzA4YzVkLTBlZjYtNGFhZS1iNDEwLWJmZjJiN2RjNGQ5NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba9/DAMA0GCSqGSIb3DQEBCwUAA4IBAQCl1EEXx2mJb2kbWmzy
dBKkcy7TKv9SKK7pDjj8DhTxzrmPLh+qL/eJjqfr6HkVH0J4Bxw8/XIT17Jz/9oG
ENDf27IWBSEjr0dA93mUWVXKrYoezOr5rESyJm+16nJ+MOnNLjguWejNdBnaKISF
zmN2qkCB7SOyzmW4OlWcdcIV+rkma66VRmc/mXMBnlSyK97uGO2YqsIjyF9pL1Dr
xFQaI15250lMbjFvroF4Y7UxCSCBbueaY0CB7ztjbR97lXVoxtH3hTlMAEB0Gqk7
rLUx0f6iH5mlf3IK6xzLck8Mj+awetPmOMz5zDFkPRrpIXglbSf6vDAZMe4hSSIe
oYui
-----END CERTIFICATE-----
Generated at Fri May 9 13:30:06 2025 by rpki-client