Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/355eabfb-2870-47f8-af1a-edd8cbb23311.roa
File:                     355eabfb-2870-47f8-af1a-edd8cbb23311.roa (raw, json)
Hash identifier:          1RQTw8EYy0rpifcXucEJtIccPLBJK2++dYOp6ssrF7U=
Subject key identifier:   51:81:06:96:BD:FD:03:67:48:55:4C:29:8C:CD:D7:73:7F:BA:02:E7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1A9C1704CD35208BFBF010492F4FFFF8C8AAD8D7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/355eabfb-2870-47f8-af1a-edd8cbb23311.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f23:8000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:9c:17:04:cd:35:20:8b:fb:f0:10:49:2f:4f:ff:f8:c8:aa:d8:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=5548e8e77ed052fa75f97838b010a699a49f62f9b895b400c23933322e7aac19, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:30:e0:cd:46:26:43:be:ea:46:92:fe:7f:8c:
                    6b:ac:83:be:19:8c:24:46:54:e6:d0:83:aa:98:e3:
                    18:d8:09:1f:9a:41:9b:c6:7b:e6:0e:df:14:12:20:
                    4c:44:a2:43:a8:5c:44:98:7c:c7:3a:30:37:7d:5c:
                    07:7b:47:ef:63:37:9b:03:e0:38:05:c9:86:63:99:
                    6e:29:e1:3c:fa:82:1d:4b:70:4d:2d:4d:61:14:d0:
                    1e:91:b6:e8:21:b1:a7:5d:ac:eb:18:ef:05:48:f7:
                    2f:2b:50:77:43:0c:16:eb:77:9c:3c:c7:d6:48:84:
                    d3:3d:5b:e6:90:46:e3:a5:b9:c8:bf:41:20:d8:d2:
                    99:64:8e:75:6c:bd:60:18:65:97:fc:c9:b1:02:8a:
                    1e:40:8d:8e:37:f9:85:98:28:c9:d8:66:02:54:bd:
                    51:91:87:9b:d0:56:22:ec:fb:5d:a3:ea:02:2e:73:
                    17:5a:80:27:19:2f:ac:36:ae:ce:c9:e1:49:2e:16:
                    f7:4c:ad:79:d4:bb:26:ee:2f:5d:b8:ce:5d:c9:19:
                    81:1e:b0:71:a0:e5:55:57:d2:06:3e:73:56:bd:61:
                    8d:74:09:ca:08:2e:6a:53:50:5b:2c:62:ab:57:cd:
                    cb:69:64:81:18:ec:47:93:64:ef:9d:7a:8e:a7:d1:
                    90:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:81:06:96:BD:FD:03:67:48:55:4C:29:8C:CD:D7:73:7F:BA:02:E7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/355eabfb-2870-47f8-af1a-edd8cbb23311.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f23:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         92:67:95:8f:fc:88:d2:24:38:e3:02:66:b1:63:e2:41:df:be:
         2a:bf:68:80:36:ce:6b:8d:16:34:13:38:92:67:e4:d7:c3:42:
         a9:38:20:f0:af:4d:3d:74:24:74:fa:8e:fc:41:ad:cf:ff:71:
         73:98:28:4b:37:80:6f:53:a4:62:9e:5e:05:9b:71:b0:b4:b0:
         95:45:9c:ac:73:29:cd:b5:3f:5e:d2:ff:c0:69:64:06:0a:dd:
         e4:bb:8c:74:32:16:1e:b6:b4:7e:62:87:8a:0e:dc:c6:cc:dd:
         9f:89:aa:0b:5b:08:04:01:79:17:18:20:e8:e6:5a:fe:0a:d2:
         27:be:f4:bc:21:3c:27:ef:fd:56:1b:65:46:91:38:a7:93:0c:
         49:78:6e:dc:65:4e:84:c4:eb:e0:be:d7:c4:41:bd:ac:5a:6b:
         81:11:b4:bc:eb:88:dc:74:2f:82:cb:32:1d:f0:1f:62:ca:01:
         ad:8e:56:63:88:6b:7f:05:7f:39:e0:18:cc:2d:5f:b0:fe:04:
         9a:38:15:89:48:2f:67:9a:48:8a:ea:04:47:b2:13:85:fd:61:
         88:e4:6a:79:5c:bb:78:76:3a:20:75:54:81:57:a1:ce:45:67:
         f7:f2:d5:f0:22:06:d3:ec:9d:32:e8:2a:a3:9f:e3:74:e0:4e:
         be:53:81:d7
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUGpwXBM01IIv78BBJL0//+Miq2NcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NTQ4ZThlNzdlZDA1MmZhNzVmOTc4MzhiMDEwYTY5OWE0
OWY2MmY5Yjg5NWI0MDBjMjM5MzMzMjJlN2FhYzE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTMODNRiZDvupGkv5/jGusg74ZjCRGVObQg6qY4xjYCR+a
QZvGe+YO3xQSIExEokOoXESYfMc6MDd9XAd7R+9jN5sD4DgFyYZjmW4p4Tz6gh1L
cE0tTWEU0B6RtughsaddrOsY7wVI9y8rUHdDDBbrd5w8x9ZIhNM9W+aQRuOluci/
QSDY0plkjnVsvWAYZZf8ybECih5AjY43+YWYKMnYZgJUvVGRh5vQViLs+12j6gIu
cxdagCcZL6w2rs7J4UkuFvdMrXnUuybuL124zl3JGYEesHGg5VVX0gY+c1a9YY10
CcoILmpTUFssYqtXzctpZIEY7EeTZO+deo6n0ZATAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUUYEGlr39A2dIVUwpjM3Xc3+6AucwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM1NWVhYmZiLTI4NzAtNDdmOC1hZjFhLWVkZDhjYmIyMzMxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8jgDANBgkqhkiG9w0BAQsFAAOCAQEAkmeVj/yI0iQ44wJmsWPiQd++
Kr9ogDbOa40WNBM4kmfk18NCqTgg8K9NPXQkdPqO/EGtz/9xc5goSzeAb1OkYp5e
BZtxsLSwlUWcrHMpzbU/XtL/wGlkBgrd5LuMdDIWHra0fmKHig7cxszdn4mqC1sI
BAF5Fxgg6OZa/grSJ770vCE8J+/9VhtlRpE4p5MMSXhu3GVOhMTr4L7XxEG9rFpr
gRG0vOuI3HQvgssyHfAfYsoBrY5WY4hrfwV/OeAYzC1fsP4EmjgViUgvZ5pIiuoE
R7IThf1hiORqeVy7eHY6IHVUgVehzkVn9/LV8CIG0+ydMugqo5/jdOBOvlOB1w==
-----END CERTIFICATE-----