Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/74a60e67-a460-4b24-b4ff-3e3adb9ae7c1.roa
File:                     74a60e67-a460-4b24-b4ff-3e3adb9ae7c1.roa (raw, json)
Hash identifier:          MXgj6j+jQAD48cn9NXCt7Y2IcJW9ZBXX4rqXZHZ/9eY=
Subject key identifier:   69:F6:90:2A:A6:09:90:2D:A4:B4:F0:6F:A8:F5:C2:3D:B2:4C:AD:9B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       12CBB8A537E06D7EF7D551C95494917C5902ED99
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/74a60e67-a460-4b24-b4ff-3e3adb9ae7c1.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ff6:5000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:cb:b8:a5:37:e0:6d:7e:f7:d5:51:c9:54:94:91:7c:59:02:ed:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=06f4d9b4520d702af96705bb9d9bc16233910df704639236bd7c269f21e3c45e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:14:39:6f:df:61:3e:87:1c:74:bd:2c:13:5f:
                    6c:3a:88:6c:d5:0f:cb:3d:df:b7:62:65:cf:02:98:
                    c0:4e:ae:5f:7e:88:51:7f:3a:66:5b:f2:fb:9e:0a:
                    de:79:40:1d:2b:a4:7b:11:39:31:de:2e:aa:15:8f:
                    2d:da:fc:e6:6d:8c:0e:53:c7:93:61:7a:0b:5b:b5:
                    73:72:5b:0c:2d:af:4b:32:e6:2b:76:99:cd:c3:67:
                    c2:3f:0d:d8:08:c4:d1:0a:5f:d4:1e:c8:e6:4f:dc:
                    bb:9d:e4:af:17:6f:12:ca:e0:c5:9b:dd:0d:5b:a1:
                    dc:78:9c:07:c3:42:04:86:68:eb:e8:b5:a7:31:e2:
                    d9:59:b1:e4:84:75:58:9c:e5:49:6c:00:05:9e:77:
                    61:b5:91:4d:5e:e5:cd:d2:71:a1:26:fb:cb:8a:64:
                    fc:bb:8f:62:ed:35:b2:ea:f1:29:5a:a2:5c:38:e8:
                    6b:86:2d:a1:15:d2:0b:6c:6c:80:7e:90:31:39:20:
                    df:1a:43:a0:b8:22:d8:cc:a4:e5:ad:64:d8:ab:e6:
                    4e:3c:e8:72:b2:89:03:df:dd:fe:3a:db:7d:69:0e:
                    70:bd:a4:d8:4d:93:10:42:32:fb:1a:d8:cf:56:76:
                    99:1c:f3:35:9a:03:44:db:4e:03:b8:4b:43:2f:f6:
                    31:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:F6:90:2A:A6:09:90:2D:A4:B4:F0:6F:A8:F5:C2:3D:B2:4C:AD:9B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/74a60e67-a460-4b24-b4ff-3e3adb9ae7c1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff6:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         16:74:51:28:d9:b7:95:92:29:74:13:66:51:02:51:a8:c1:35:
         08:9c:10:5d:11:b9:ed:a1:db:86:7a:59:d4:47:f1:26:a7:ca:
         c3:14:a0:7c:33:9c:2a:d2:02:0b:c0:27:2e:7a:f0:8a:d2:01:
         cd:4a:d9:be:f3:24:55:1a:ef:bc:94:b9:dd:4f:96:7c:c6:9b:
         17:78:97:91:d6:f8:4c:a6:c5:31:59:47:d9:51:22:a8:66:fa:
         96:4a:65:43:a4:d2:d6:30:30:d1:35:2e:39:ec:40:2c:64:98:
         0a:57:b3:46:14:c7:06:61:a1:58:b2:78:54:63:de:7c:81:91:
         74:33:5f:38:b8:77:f7:78:18:51:c2:c0:ed:90:ad:89:3c:1c:
         c1:ad:47:00:30:5a:4d:80:ef:a0:ec:c3:dd:de:85:b7:e9:9b:
         6b:c6:94:93:4d:6c:d7:ac:2d:67:ff:fb:d8:20:c4:0b:ed:e4:
         50:2f:47:bb:b8:4e:a4:69:04:62:ea:61:45:e5:46:a7:31:c3:
         a3:fc:11:be:3d:52:fa:de:d5:6e:5e:9f:86:64:ca:cb:c3:3d:
         bc:22:cb:d1:29:fc:4b:2b:a4:87:5a:7e:33:50:bc:c3:59:71:
         e8:e6:ee:ed:d4:75:55:be:99:e5:52:0b:3d:bd:7b:2c:d4:84:
         9c:f8:d2:5c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEsu4pTfgbX731VHJVJSRfFkC7ZkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA4MDAwMDAwWhcNMjUwMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNmY0ZDliNDUyMGQ3MDJhZjk2NzA1YmI5ZDliYzE2MjMz
OTEwZGY3MDQ2MzkyMzZiZDdjMjY5ZjIxZTNjNDVlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKFDlv32E+hxx0vSwTX2w6iGzVD8s937diZc8CmMBOrl9+
iFF/OmZb8vueCt55QB0rpHsROTHeLqoVjy3a/OZtjA5Tx5NhegtbtXNyWwwtr0sy
5it2mc3DZ8I/DdgIxNEKX9QeyOZP3Lud5K8XbxLK4MWb3Q1bodx4nAfDQgSGaOvo
tacx4tlZseSEdVic5UlsAAWed2G1kU1e5c3ScaEm+8uKZPy7j2LtNbLq8Slaolw4
6GuGLaEV0gtsbIB+kDE5IN8aQ6C4ItjMpOWtZNir5k486HKyiQPf3f46231pDnC9
pNhNkxBCMvsa2M9Wdpkc8zWaA0TbTgO4S0Mv9jErAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUafaQKqYJkC2ktPBvqPXCPbJMrZswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc0YTYwZTY3LWE0NjAtNGIyNC1iNGZmLTNlM2FkYjlhZTdjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/2UDANBgkqhkiG9w0BAQsFAAOCAQEAFnRRKNm3lZIpdBNmUQJRqME1
CJwQXRG57aHbhnpZ1EfxJqfKwxSgfDOcKtICC8AnLnrwitIBzUrZvvMkVRrvvJS5
3U+WfMabF3iXkdb4TKbFMVlH2VEiqGb6lkplQ6TS1jAw0TUuOexALGSYClezRhTH
BmGhWLJ4VGPefIGRdDNfOLh393gYUcLA7ZCtiTwcwa1HADBaTYDvoOzD3d6Ft+mb
a8aUk01s16wtZ//72CDEC+3kUC9Hu7hOpGkEYuphReVGpzHDo/wRvj1S+t7Vbl6f
hmTKy8M9vCLL0Sn8Syukh1p+M1C8w1lx6Obu7dR1Vb6Z5VILPb17LNSEnPjSXA==
-----END CERTIFICATE-----