Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4cd2cc9b-78f0-4971-a170-a90ca08b933f.roa
File:                     4cd2cc9b-78f0-4971-a170-a90ca08b933f.roa (raw, json)
Hash identifier:          Nq84VsIOOGGpDM4Q5Qs3X3vS/NsQLsiOc6tgrLQYWm4=
Subject key identifier:   35:36:D4:57:4E:7C:78:E6:F5:33:F3:AD:F3:50:E6:63:F3:EF:AD:7F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0E868FF3FB2AFBBDEBCD98D7D5C591587BDC9A92
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4cd2cc9b-78f0-4971-a170-a90ca08b933f.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f10:4000::/36 maxlen: 36
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:86:8f:f3:fb:2a:fb:bd:eb:cd:98:d7:d5:c5:91:58:7b:dc:9a:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=f919ec04fad65c2dab153637fdfd223bb67aaf56afc1d95c4699685ff2047ee0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a1:d4:19:05:53:cd:fe:8e:aa:c7:64:c0:f6:
                    92:8a:c8:9d:12:23:ca:60:28:09:ee:86:e5:42:1b:
                    e1:c5:10:2e:de:12:0b:71:be:ac:67:90:a0:70:a7:
                    b2:22:53:52:0b:77:6b:cd:86:1e:e5:7a:1e:95:e8:
                    5d:61:fe:21:e6:13:36:7e:16:8f:c6:97:17:dc:cb:
                    0b:2b:6a:54:2d:e7:a0:58:72:00:3c:69:bf:eb:c4:
                    9b:4d:1e:e6:60:39:86:f4:2d:a8:d1:bb:1d:71:15:
                    c2:40:cc:f7:a8:b1:07:e6:27:35:55:b8:f9:26:16:
                    15:eb:48:47:f4:4f:5a:a7:b8:c7:04:ac:45:d2:69:
                    9c:11:7c:73:2e:2b:15:9c:09:d1:a3:8f:6f:83:f0:
                    7d:45:4d:94:97:81:a4:69:c7:b0:b1:95:35:16:39:
                    2f:41:ca:7f:07:d4:87:91:5c:f2:0c:ab:26:22:bc:
                    04:28:f9:2b:b8:58:70:46:a0:b5:c8:ea:d4:61:a2:
                    4e:49:9c:96:98:6b:6f:e3:20:2c:97:11:31:4b:52:
                    2d:73:ae:02:2e:40:bc:05:72:35:e8:bb:93:ab:18:
                    af:94:16:e6:38:b2:60:f0:0b:95:14:1b:9c:30:09:
                    2e:ac:4b:47:1c:80:b0:4e:b4:f3:6a:9b:c9:70:38:
                    47:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:36:D4:57:4E:7C:78:E6:F5:33:F3:AD:F3:50:E6:63:F3:EF:AD:7F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4cd2cc9b-78f0-4971-a170-a90ca08b933f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f10:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         69:7e:20:7a:df:c7:c0:9f:b9:4a:e9:4c:b1:05:55:ca:44:c6:
         68:db:34:dd:b0:6b:d1:fc:89:0d:21:a2:38:a7:1b:7d:74:ff:
         d0:6c:81:0a:2a:c4:66:5a:39:b0:c0:de:d9:ee:77:04:2b:3f:
         74:b0:3e:bc:41:ee:51:ba:06:ae:ca:db:77:bd:59:87:ae:f2:
         84:f2:02:2b:09:21:dc:bd:19:cf:4c:e7:39:79:92:a1:b5:b8:
         2b:d0:27:11:88:d1:03:75:99:81:cc:9c:8b:bd:21:d3:a7:31:
         62:97:2b:ec:2c:90:44:f1:e0:c3:6a:70:be:ee:19:2e:f5:f4:
         21:7d:e0:6f:e1:cf:72:9a:b5:e7:4a:4a:00:88:50:18:66:64:
         eb:1a:72:f4:4d:fa:cf:7e:b1:d3:ed:b0:37:df:d6:60:55:c3:
         0b:ed:09:3e:8e:46:68:08:bf:19:58:cb:9e:09:19:a4:b6:2a:
         73:e4:6d:d5:13:d4:ff:ea:cd:5f:a9:ee:80:95:c7:73:9c:d2:
         08:14:1c:08:94:b7:76:eb:d7:c5:07:86:72:b4:96:f8:62:9b:
         22:63:33:38:c3:90:49:55:cd:88:dd:b8:69:b7:28:1f:15:99:
         66:3d:39:3f:b3:d9:d1:ed:05:8c:14:55:2d:ff:73:88:3c:88:
         6d:f8:f5:c7
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUDoaP8/sq+73rzZjX1cWRWHvcmpIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA4MDAwMDAwWhcNMjUwMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmOTE5ZWMwNGZhZDY1YzJkYWIxNTM2MzdmZGZkMjIzYmI2
N2FhZjU2YWZjMWQ5NWM0Njk5Njg1ZmYyMDQ3ZWUwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLodQZBVPN/o6qx2TA9pKKyJ0SI8pgKAnuhuVCG+HFEC7e
EgtxvqxnkKBwp7IiU1ILd2vNhh7leh6V6F1h/iHmEzZ+Fo/GlxfcywsralQt56BY
cgA8ab/rxJtNHuZgOYb0LajRux1xFcJAzPeosQfmJzVVuPkmFhXrSEf0T1qnuMcE
rEXSaZwRfHMuKxWcCdGjj2+D8H1FTZSXgaRpx7CxlTUWOS9Byn8H1IeRXPIMqyYi
vAQo+Su4WHBGoLXI6tRhok5JnJaYa2/jICyXETFLUi1zrgIuQLwFcjXou5OrGK+U
FuY4smDwC5UUG5wwCS6sS0ccgLBOtPNqm8lwOEcpAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUNTbUV058eOb1M/Ot81DmY/PvrX8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRjZDJjYzliLTc4ZjAtNDk3MS1hMTcwLWE5MGNhMDhiOTMzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8QQDANBgkqhkiG9w0BAQsFAAOCAQEAaX4get/HwJ+5SulMsQVVykTG
aNs03bBr0fyJDSGiOKcbfXT/0GyBCirEZlo5sMDe2e53BCs/dLA+vEHuUboGrsrb
d71Zh67yhPICKwkh3L0Zz0znOXmSobW4K9AnEYjRA3WZgcyci70h06cxYpcr7CyQ
RPHgw2pwvu4ZLvX0IX3gb+HPcpq150pKAIhQGGZk6xpy9E36z36x0+2wN9/WYFXD
C+0JPo5GaAi/GVjLngkZpLYqc+Rt1RPU/+rNX6nugJXHc5zSCBQcCJS3duvXxQeG
crSW+GKbImMzOMOQSVXNiN24abcoHxWZZj05P7PZ0e0FjBRVLf9ziDyIbfj1xw==
-----END CERTIFICATE-----