Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/22478e61-69b1-43c8-9d97-aedb4afd8d04.roa
File:                     22478e61-69b1-43c8-9d97-aedb4afd8d04.roa (raw, json)
Hash identifier:          5BpwipP5pwgYkVI+VbaH1x+59WoYfD4rgj17zIMQBm4=
Subject key identifier:   CE:A2:D6:4C:87:D2:19:E1:AE:CC:E3:D8:67:44:25:AB:41:AA:02:5D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       524038F3E88FCD7FFAA4D8816F239EC6E5A9EE8F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/22478e61-69b1-43c8-9d97-aedb4afd8d04.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f11:800::/38 maxlen: 38
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:40:38:f3:e8:8f:cd:7f:fa:a4:d8:81:6f:23:9e:c6:e5:a9:ee:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=93024fd25eb89e28b94271079ee53535b35fa712f57a803f59b189168e1bd1a9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:db:15:51:48:d5:32:c2:e3:88:30:69:b9:3f:
                    2a:60:ee:3a:e0:35:38:18:c6:8a:f2:ab:7b:cd:c6:
                    bf:54:06:ec:74:10:51:d3:46:83:9b:93:8e:26:0b:
                    a8:bc:35:85:03:70:07:a0:c0:49:12:3c:c8:a2:f4:
                    63:35:db:37:3a:61:f9:68:af:55:f2:0b:58:ee:f8:
                    59:47:a1:25:f3:4f:73:5d:ce:3a:66:2e:a9:a2:e8:
                    24:6e:85:c3:46:2e:8f:f2:92:cd:cd:e2:64:e2:bf:
                    0f:e5:f0:3f:6e:28:cb:27:73:e9:a7:b3:35:e5:32:
                    6c:c8:42:f2:f0:d8:e7:96:b8:45:cb:ad:5e:49:c2:
                    a1:8a:9d:40:2d:b1:fb:07:34:17:7f:c9:ed:75:61:
                    9e:37:58:b6:85:54:a9:36:b1:75:6f:c9:7f:64:52:
                    02:fd:3b:95:19:32:d4:fc:d6:81:6f:c5:04:37:10:
                    c0:d3:fc:ac:45:30:7d:2c:76:e9:3d:85:69:e6:e1:
                    a8:22:8f:74:bf:55:4f:be:b3:43:8d:04:4b:9e:5f:
                    ed:c0:93:0e:52:6c:a9:e4:b1:1a:f3:10:84:f8:04:
                    31:ef:4c:69:f1:81:28:0c:c2:ca:ed:9f:ca:de:95:
                    f7:e3:87:20:46:a0:37:6e:42:14:3c:53:01:1a:ca:
                    c1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:A2:D6:4C:87:D2:19:E1:AE:CC:E3:D8:67:44:25:AB:41:AA:02:5D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/22478e61-69b1-43c8-9d97-aedb4afd8d04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f11:800::/38

    Signature Algorithm: sha256WithRSAEncryption
         3e:a6:7f:d1:e1:3b:75:bc:5b:af:b4:48:fd:c6:7e:bf:eb:94:
         2f:f7:73:de:89:e5:ce:c6:04:0e:a6:26:0d:38:66:22:e1:54:
         77:61:bb:d9:db:23:ad:01:cb:b1:c9:70:f3:d5:93:6f:4c:50:
         03:c3:57:cf:de:d0:f4:c8:f1:d7:e6:8f:c3:de:03:dd:ec:dd:
         cc:fc:b3:ce:30:c4:93:62:65:3c:f5:3b:9d:ee:a8:bf:63:46:
         c9:c2:22:63:1e:8c:7b:fe:dc:01:53:ef:76:5e:35:76:ef:1d:
         26:88:f0:4b:01:15:d7:83:32:e1:97:25:e0:b4:8e:5d:ea:07:
         b3:84:84:6c:1b:9f:76:6f:09:de:bd:d6:7d:21:5c:3a:7e:b6:
         9b:32:35:c0:d3:a7:64:14:3b:87:ea:76:2e:49:bd:a8:c2:de:
         e0:9e:f0:a2:5e:b2:3d:13:08:1d:04:2b:49:02:93:46:68:9a:
         d6:b0:1c:5e:23:61:bf:fc:e8:7c:25:0a:48:9f:24:d5:e1:88:
         fb:04:03:0e:bc:3e:dd:27:84:65:7f:a3:10:0d:3c:5b:01:e4:
         7f:7a:89:f2:a1:d4:92:00:1f:91:9c:2c:be:c9:b5:db:c2:d1:
         39:99:3d:38:d9:e4:b7:db:5a:62:df:9b:91:fc:62:c5:5b:d8:
         c7:01:d9:98
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUUkA48+iPzX/6pNiBbyOexuWp7o8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA4MDAwMDAwWhcNMjUwMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MzAyNGZkMjVlYjg5ZTI4Yjk0MjcxMDc5ZWU1MzUzNWIz
NWZhNzEyZjU3YTgwM2Y1OWIxODkxNjhlMWJkMWE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQ2xVRSNUywuOIMGm5Pypg7jrgNTgYxoryq3vNxr9UBux0
EFHTRoObk44mC6i8NYUDcAegwEkSPMii9GM12zc6Yflor1XyC1ju+FlHoSXzT3Nd
zjpmLqmi6CRuhcNGLo/yks3N4mTivw/l8D9uKMsnc+mnszXlMmzIQvLw2OeWuEXL
rV5JwqGKnUAtsfsHNBd/ye11YZ43WLaFVKk2sXVvyX9kUgL9O5UZMtT81oFvxQQ3
EMDT/KxFMH0sduk9hWnm4agij3S/VU++s0ONBEueX+3Akw5SbKnksRrzEIT4BDHv
TGnxgSgMwsrtn8relffjhyBGoDduQhQ8UwEaysExAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUzqLWTIfSGeGuzOPYZ0Qlq0GqAl0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIyNDc4ZTYxLTY5YjEtNDNjOC05ZDk3LWFlZGI0YWZkOGQwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8RCDANBgkqhkiG9w0BAQsFAAOCAQEAPqZ/0eE7dbxbr7RI/cZ+v+uU
L/dz3onlzsYEDqYmDThmIuFUd2G72dsjrQHLsclw89WTb0xQA8NXz97Q9Mjx1+aP
w94D3ezdzPyzzjDEk2JlPPU7ne6ov2NGycIiYx6Me/7cAVPvdl41du8dJojwSwEV
14My4Zcl4LSOXeoHs4SEbBufdm8J3r3WfSFcOn62mzI1wNOnZBQ7h+p2Lkm9qMLe
4J7wol6yPRMIHQQrSQKTRmia1rAcXiNhv/zofCUKSJ8k1eGI+wQDDrw+3SeEZX+j
EA08WwHkf3qJ8qHUkgAfkZwsvsm128LROZk9ONnkt9taYt+bkfxixVvYxwHZmA==
-----END CERTIFICATE-----