Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
File:                     fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa (raw, json)
Hash identifier:          cBrgc0ZlCtbIqNXet8z+waYv6+bZyOoiM6/qpRr10CU=
Subject key identifier:   DF:01:53:22:3A:B6:3C:6C:6E:6A:1F:D3:10:2F:37:D7:BB:67:90:FE
Certificate issuer:       /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial:       6AC74763B1B213457D18D41582816A698459A824
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2a05:d07b:6000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:c7:47:63:b1:b2:13:45:7d:18:d4:15:82:81:6a:69:84:59:a8:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=4bb1d1973a9d64f5185eedde2fc220aea71d22aaa5ffd613aa61fa1ed8b448f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d4:b6:89:ab:21:50:25:d6:b6:39:80:21:61:
                    f1:10:78:c7:03:ca:12:30:7a:16:ee:0c:37:55:f3:
                    0d:63:d6:39:7f:b0:92:2b:e9:8e:7c:75:2d:2b:74:
                    1c:2e:49:8e:ab:05:4d:a7:f6:3f:6a:22:bf:2f:9c:
                    b0:60:5b:bd:fd:97:2f:e8:87:cf:89:09:11:7b:be:
                    19:60:58:fb:d0:cb:b4:0e:6f:b4:24:7b:e0:6f:08:
                    10:b6:5e:d5:25:72:76:13:29:c2:12:b4:71:7a:00:
                    46:94:94:24:f4:13:a4:af:2f:41:1e:2a:1c:f4:9a:
                    6c:43:9f:c5:46:89:b6:69:f4:2c:87:69:77:8b:44:
                    b0:78:1c:a2:6e:c7:63:59:48:ee:4b:5d:64:eb:92:
                    72:d0:75:db:c5:cf:26:aa:82:24:57:ae:0b:84:44:
                    7e:1e:bd:29:a0:cb:22:ed:e6:4e:aa:12:41:a0:b2:
                    a8:8a:85:e9:9a:e7:71:b4:fd:4e:6f:72:2b:91:52:
                    13:17:31:83:1d:ec:14:4f:13:56:49:0a:d5:be:b9:
                    c5:04:5f:ce:19:00:92:40:81:61:e9:1f:58:f2:1f:
                    f8:4b:2a:30:be:3b:11:a4:9a:1e:91:75:7a:be:1e:
                    b7:fb:4d:b6:01:50:ed:ad:0c:b2:3c:4b:66:17:e9:
                    ea:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:01:53:22:3A:B6:3C:6C:6E:6A:1F:D3:10:2F:37:D7:BB:67:90:FE
            X509v3 Authority Key Identifier:
                keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:d07b:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         43:e7:66:f9:a6:ce:44:56:23:ea:a9:75:9e:3d:cc:33:1f:4c:
         da:8c:59:7e:f6:b5:90:4f:c2:2c:96:4d:f3:58:ca:fa:01:43:
         d3:71:12:e4:74:99:89:83:05:e1:0f:ad:c9:08:12:b2:22:78:
         a6:1e:6b:4c:4b:3e:ad:41:e3:1b:5f:2d:3b:24:8d:30:98:df:
         7c:d9:c7:69:5b:74:0e:aa:68:f8:16:d0:ce:7d:d3:c9:cf:b2:
         dd:ae:54:27:c5:9c:01:ee:93:38:69:02:b4:36:18:fe:37:54:
         c4:d0:b8:ee:ea:89:73:1f:0d:24:ef:23:7b:58:f8:38:1f:b1:
         6d:8f:47:3f:90:a9:f2:5c:ab:9e:44:ea:54:af:0d:38:a5:39:
         3a:d6:5a:50:ea:75:35:ec:48:d9:62:86:95:dd:65:9c:e6:5c:
         02:30:f3:ad:91:48:0c:6d:51:ec:33:73:2a:51:fc:16:66:3d:
         ee:a9:8a:77:a4:17:88:7f:28:cc:90:36:1a:9a:2e:75:88:48:
         9e:34:b2:14:e5:a2:e6:d6:9f:ec:27:63:82:cc:2b:0f:03:24:
         ca:cb:2d:9b:e9:47:68:7d:c5:1a:1f:b9:29:75:23:0a:5e:60:
         77:19:60:af:b1:a5:4f:15:67:08:70:b8:24:84:26:13:bc:1e:
         e2:da:f2:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUasdHY7GyE0V9GNQVgoFqaYRZqCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYjFkMTk3M2E5ZDY0ZjUxODVlZWRkZTJmYzIyMGFlYTcxZDIyYWFhNWZm
ZDYxM2FhNjFmYTFlZDhiNDQ4ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLUtomrIVAl1rY5gCFh8RB4xwPKEjB6Fu4MN1XzDWPWOX+wkivpjnx1LSt0
HC5JjqsFTaf2P2oivy+csGBbvf2XL+iHz4kJEXu+GWBY+9DLtA5vtCR74G8IELZe
1SVydhMpwhK0cXoARpSUJPQTpK8vQR4qHPSabEOfxUaJtmn0LIdpd4tEsHgcom7H
Y1lI7ktdZOuSctB128XPJqqCJFeuC4REfh69KaDLIu3mTqoSQaCyqIqF6ZrncbT9
Tm9yK5FSExcxgx3sFE8TVkkK1b65xQRfzhkAkkCBYekfWPIf+EsqML47EaSaHpF1
er4et/tNtgFQ7a0MsjxLZhfp6isCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfAVMi
OrY8bG5qH9MQLzfXu2eQ/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM4YjFiMTktODg2OC00M2E0LThkODQtNGMwYjk5MjAyYTBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Htg
MA0GCSqGSIb3DQEBCwUAA4IBAQBD52b5ps5EViPqqXWePcwzH0zajFl+9rWQT8Is
lk3zWMr6AUPTcRLkdJmJgwXhD63JCBKyInimHmtMSz6tQeMbXy07JI0wmN982cdp
W3QOqmj4FtDOfdPJz7LdrlQnxZwB7pM4aQK0Nhj+N1TE0Lju6olzHw0k7yN7WPg4
H7Ftj0c/kKnyXKueROpUrw04pTk61lpQ6nU17EjZYoaV3WWc5lwCMPOtkUgMbVHs
M3MqUfwWZj3uqYp3pBeIfyjMkDYami51iEieNLIU5aLm1p/sJ2OCzCsPAyTKyy2b
6UdofcUaH7kpdSMKXmB3GWCvsaVPFWcIcLgkhCYTvB7i2vIe
-----END CERTIFICATE-----
Generated at Fri May 2 18:46:51 2025 by rpki-client