Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6888613c-f7ae-4b72-8ba8-e44bb1aa669c.roa
File:                     6888613c-f7ae-4b72-8ba8-e44bb1aa669c.roa (raw, json)
Hash identifier:          ew9mO5rf80Ze8gql5KhOlW6H/vNlxwxaQBor6vIlFyo=
Subject key identifier:   54:98:CB:08:84:C4:1F:E0:10:B1:20:2A:F4:16:B0:68:37:2F:5F:E1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7E6467159FFA921B489640CB1AE7436CF5C5D609
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6888613c-f7ae-4b72-8ba8-e44bb1aa669c.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f38:80a0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:64:67:15:9f:fa:92:1b:48:96:40:cb:1a:e7:43:6c:f5:c5:d6:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=96fbf54a2a4770979dc06ba6bf26efdf0925f9ddd7aa69335f8eed918f4b14e7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:03:04:58:31:09:36:7f:4d:cc:a3:f6:5b:de:
                    6c:78:8e:0a:3a:74:c8:4b:d4:8d:ec:32:fb:c7:9f:
                    bd:83:65:b9:18:ab:92:66:b3:b6:67:7e:45:e6:84:
                    53:e5:5c:a4:a7:59:e5:93:8c:29:45:96:07:1b:cf:
                    4d:06:aa:e9:6b:f3:51:0d:4e:3a:38:7e:56:a3:38:
                    f3:8d:0a:29:a1:48:03:dc:1a:d2:e9:bb:4a:64:7b:
                    a2:21:2a:1c:a3:45:b8:b1:90:38:bf:d5:d8:17:ef:
                    d7:ea:24:5e:08:6d:c7:d4:9c:fe:02:2e:a3:2f:06:
                    00:40:1e:95:20:29:9f:71:30:44:d4:0e:97:47:f7:
                    f6:8a:dd:dc:5b:75:cc:bd:71:3b:6b:73:d8:ba:42:
                    58:b5:9c:be:fe:5f:7c:6c:51:a4:e1:fc:e5:f6:35:
                    d2:bb:d8:10:4d:49:57:4b:08:5c:4c:f7:27:a4:da:
                    f4:ff:00:ed:d5:68:eb:e1:7c:17:6a:09:43:65:00:
                    53:6c:97:d0:90:5d:30:e4:3e:39:46:6d:fb:b6:70:
                    c5:3e:7b:33:e4:95:01:55:85:8a:33:84:5f:dc:2a:
                    f9:ad:24:cd:c2:5d:53:cb:c5:22:73:ef:8a:10:73:
                    a2:f0:fd:3d:e0:97:75:6c:75:f3:43:f6:95:5b:b2:
                    31:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:98:CB:08:84:C4:1F:E0:10:B1:20:2A:F4:16:B0:68:37:2F:5F:E1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6888613c-f7ae-4b72-8ba8-e44bb1aa669c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:80a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         cc:33:d4:f8:13:aa:49:1e:86:d4:d1:0c:f1:84:25:4f:78:ba:
         dd:8f:e2:c7:7e:af:be:61:59:3a:f5:8b:e1:a2:e2:20:7f:a0:
         92:d7:0f:80:53:fc:22:2a:cd:16:3c:f4:c1:d4:b9:99:2f:83:
         21:fe:d1:a9:6e:c5:3b:a7:fb:77:72:87:76:33:04:e2:d9:d3:
         c4:7c:62:d4:ef:15:a9:a6:7c:92:e7:e2:47:cc:86:c7:c4:90:
         cd:e3:7e:d6:f2:73:0d:ae:cc:84:7b:b6:5d:d9:dd:3e:a9:ba:
         bb:26:01:3a:38:67:c5:43:4a:a1:50:cc:ca:76:5f:8a:50:64:
         c6:9c:06:db:b7:12:90:f2:80:4b:aa:2d:12:68:f8:4c:57:22:
         ac:a2:37:05:2e:c3:ab:c9:00:f5:f0:d9:ee:51:d0:c5:8c:26:
         34:2a:4c:1d:c6:f2:bf:2f:26:0f:83:60:6b:a4:c1:19:47:47:
         65:8e:25:db:64:f4:59:94:fd:89:0c:b2:fd:7f:fd:1e:f2:c5:
         0d:71:e0:97:8f:2a:a9:23:aa:11:36:b4:62:59:44:9c:cd:73:
         cb:cd:fa:e7:c3:23:12:78:90:6e:f6:b2:4f:ef:1c:6d:17:a4:
         d0:20:5c:da:86:f2:92:83:10:d9:7d:0c:c5:aa:87:28:fa:d5:
         34:7f:cb:50
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfmRnFZ/6khtIlkDLGudDbPXF1gkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NmZiZjU0YTJhNDc3MDk3OWRjMDZiYTZiZjI2ZWZkZjA5
MjVmOWRkZDdhYTY5MzM1ZjhlZWQ5MThmNGIxNGU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1AwRYMQk2f03Mo/Zb3mx4jgo6dMhL1I3sMvvHn72DZbkY
q5Jms7ZnfkXmhFPlXKSnWeWTjClFlgcbz00Gqulr81ENTjo4flajOPONCimhSAPc
GtLpu0pke6IhKhyjRbixkDi/1dgX79fqJF4IbcfUnP4CLqMvBgBAHpUgKZ9xMETU
DpdH9/aK3dxbdcy9cTtrc9i6Qli1nL7+X3xsUaTh/OX2NdK72BBNSVdLCFxM9yek
2vT/AO3VaOvhfBdqCUNlAFNsl9CQXTDkPjlGbfu2cMU+ezPklQFVhYozhF/cKvmt
JM3CXVPLxSJz74oQc6Lw/T3gl3VsdfND9pVbsjF/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUVJjLCITEH+AQsSAq9BawaDcvX+EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY4ODg2MTNjLWY3YWUtNGI3Mi04YmE4LWU0NGJiMWFhNjY5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84gKAwDQYJKoZIhvcNAQELBQADggEBAMwz1PgTqkkehtTRDPGEJU94
ut2P4sd+r75hWTr1i+Gi4iB/oJLXD4BT/CIqzRY89MHUuZkvgyH+0aluxTun+3dy
h3YzBOLZ08R8YtTvFammfJLn4kfMhsfEkM3jftbycw2uzIR7tl3Z3T6pursmATo4
Z8VDSqFQzMp2X4pQZMacBtu3EpDygEuqLRJo+ExXIqyiNwUuw6vJAPXw2e5R0MWM
JjQqTB3G8r8vJg+DYGukwRlHR2WOJdtk9FmU/YkMsv1//R7yxQ1x4JePKqkjqhE2
tGJZRJzNc8vN+ufDIxJ4kG72sk/vHG0XpNAgXNqG8pKDENl9DMWqhyj61TR/y1A=
-----END CERTIFICATE-----