Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/14cf9082-2955-413b-a473-12f3b4acb6a6.roa
File:                     14cf9082-2955-413b-a473-12f3b4acb6a6.roa (raw, json)
Hash identifier:          DuUxGLZgV1Q7KZ2s13HKsg5uCPTfdp3dmDQieypGBm4=
Subject key identifier:   29:03:12:F9:C1:B9:91:14:B4:73:0B:35:D8:20:87:08:48:83:B8:F8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5DE331200ABDB866AD3656137E8518E0063D54B5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/14cf9082-2955-413b-a473-12f3b4acb6a6.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f24:c000::/36 maxlen: 36
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:e3:31:20:0a:bd:b8:66:ad:36:56:13:7e:85:18:e0:06:3d:54:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=92401faa1ff4d640c822bff038545f213cfaec455dfb5e840517dbf926ac73c9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:f3:94:0a:ba:f9:e4:d0:10:9d:8f:ee:3c:e1:
                    ef:eb:e0:00:ab:1e:8c:0f:47:09:1d:07:94:1c:9d:
                    60:eb:8c:f9:62:60:c0:66:83:9b:23:7e:6f:9e:a0:
                    fb:40:53:14:f0:e2:10:bb:84:59:7c:93:b9:ca:7a:
                    6e:c4:ee:38:54:58:b8:76:3e:5a:19:92:93:9d:68:
                    85:4d:49:94:d0:e0:59:0e:9c:2f:ee:e8:86:07:e8:
                    ad:f2:19:fb:73:47:f3:7e:c3:61:f4:e0:65:48:cc:
                    88:aa:09:e7:34:94:01:cd:25:2d:bb:03:15:cc:1c:
                    d5:90:ab:f5:8a:27:49:13:f2:12:f7:56:98:c5:2e:
                    02:17:0e:d5:a4:f4:42:82:36:7c:d0:3a:87:9f:25:
                    63:11:79:7f:e5:cc:f8:cc:5f:e1:85:93:2b:ad:af:
                    04:ec:b6:64:09:85:4b:eb:05:dc:34:72:e5:ca:88:
                    0f:27:f4:6d:60:cd:17:7f:84:09:63:04:f7:22:57:
                    ec:f7:61:0c:e2:94:8b:c9:3c:4d:9c:49:92:0e:4a:
                    2d:58:73:65:78:49:a5:7d:11:a9:3a:33:62:a5:a4:
                    3d:95:a8:32:ec:bf:16:fb:b1:08:5b:5f:e2:d5:e9:
                    5e:d3:4e:56:0f:8a:1b:b3:85:20:53:a9:1b:6a:51:
                    df:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:03:12:F9:C1:B9:91:14:B4:73:0B:35:D8:20:87:08:48:83:B8:F8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/14cf9082-2955-413b-a473-12f3b4acb6a6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f24:c000::/36

    Signature Algorithm: sha256WithRSAEncryption
         55:5a:33:7e:60:19:e5:c0:c7:df:3c:d1:1f:3a:55:31:26:b9:
         8f:22:50:c6:c9:2c:ca:43:87:6a:db:c2:93:9c:eb:7e:55:95:
         0f:83:5c:51:a8:6e:0b:33:5f:25:b7:de:35:90:88:53:24:9a:
         97:80:63:a5:b6:01:7d:10:f1:58:ac:9b:74:e4:22:d0:4a:fe:
         55:78:3c:64:89:83:3f:8e:df:e1:e9:8a:f5:33:f1:82:2a:0a:
         db:bd:40:32:f6:3b:38:86:49:75:cb:73:be:47:54:7f:e4:f0:
         52:76:9a:d6:2e:17:b8:40:bb:84:78:fb:18:a2:d5:df:22:36:
         7a:9b:ec:ae:18:68:b6:5c:08:25:53:db:43:f7:e0:23:03:e0:
         81:3e:f1:bd:18:f1:37:f9:17:8a:9d:29:40:5b:7e:b8:53:6e:
         07:e8:e9:0c:e0:75:0b:af:07:3b:da:b5:fd:a0:41:6c:a9:16:
         bb:e4:83:90:89:f5:fe:7f:f6:44:f8:ce:d6:e0:1d:de:d5:ef:
         91:12:dc:86:e2:c5:b1:00:24:34:3f:ab:f3:e6:db:14:21:df:
         7b:a2:b5:b6:57:aa:8a:73:0c:5e:66:a7:97:51:f7:3b:1b:0c:
         07:1a:33:e6:e9:cc:6b:dc:1e:c4:32:bc:71:9d:47:1b:f5:97:
         91:65:9a:4b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUXeMxIAq9uGatNlYTfoUY4AY9VLUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA4MDAwMDAwWhcNMjUwMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MjQwMWZhYTFmZjRkNjQwYzgyMmJmZjAzODU0NWYyMTNj
ZmFlYzQ1NWRmYjVlODQwNTE3ZGJmOTI2YWM3M2M5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDS85QKuvnk0BCdj+484e/r4ACrHowPRwkdB5QcnWDrjPli
YMBmg5sjfm+eoPtAUxTw4hC7hFl8k7nKem7E7jhUWLh2PloZkpOdaIVNSZTQ4FkO
nC/u6IYH6K3yGftzR/N+w2H04GVIzIiqCec0lAHNJS27AxXMHNWQq/WKJ0kT8hL3
VpjFLgIXDtWk9EKCNnzQOoefJWMReX/lzPjMX+GFkyutrwTstmQJhUvrBdw0cuXK
iA8n9G1gzRd/hAljBPciV+z3YQzilIvJPE2cSZIOSi1Yc2V4SaV9Eak6M2KlpD2V
qDLsvxb7sQhbX+LV6V7TTlYPihuzhSBTqRtqUd9TAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUKQMS+cG5kRS0cws12CCHCEiDuPgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE0Y2Y5MDgyLTI5NTUtNDEzYi1hNDczLTEyZjNiNGFjYjZhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8kwDANBgkqhkiG9w0BAQsFAAOCAQEAVVozfmAZ5cDH3zzRHzpVMSa5
jyJQxsksykOHatvCk5zrflWVD4NcUahuCzNfJbfeNZCIUySal4BjpbYBfRDxWKyb
dOQi0Er+VXg8ZImDP47f4emK9TPxgioK271AMvY7OIZJdctzvkdUf+TwUnaa1i4X
uEC7hHj7GKLV3yI2epvsrhhotlwIJVPbQ/fgIwPggT7xvRjxN/kXip0pQFt+uFNu
B+jpDOB1C68HO9q1/aBBbKkWu+SDkIn1/n/2RPjO1uAd3tXvkRLchuLFsQAkND+r
8+bbFCHfe6K1tleqinMMXmanl1H3OxsMBxoz5unMa9wexDK8cZ1HG/WXkWWaSw==
-----END CERTIFICATE-----