Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d434d3-74fc-47a3-89ec-ed37a23ae562.roa
File:                     82d434d3-74fc-47a3-89ec-ed37a23ae562.roa (raw, json)
Hash identifier:          7xLo2paHzy4oFLw7Vj1BG6/1M35s4/arS4fIy9yulGo=
Subject key identifier:   20:A7:5B:C8:69:FE:26:A7:8A:9D:73:C9:71:4D:8E:3B:5C:4B:05:0D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       266685617731A3827CFFFC43426A5E754C182787
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d434d3-74fc-47a3-89ec-ed37a23ae562.roa
Signing time:             Fri 24 Jan 2025 00:00:00 +0000
ROA not before:           Fri 24 Jan 2025 00:00:00 +0000
ROA not after:            Fri 28 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f22:8000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:66:85:61:77:31:a3:82:7c:ff:fc:43:42:6a:5e:75:4c:18:27:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 24 00:00:00 2025 GMT
            Not After : Feb 28 23:59:59 2025 GMT
        Subject: serialNumber=6d7b3c70119d19c5699e0a080886b443ce48ff618da820e487d8f33c70b2ab8f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f5:85:a7:75:22:65:c8:59:00:c4:5c:1f:a5:
                    16:54:e4:ff:32:c0:a8:5f:67:59:27:3f:6b:a7:3f:
                    97:e7:c4:6a:4d:90:8d:d6:55:78:95:7f:87:0f:b8:
                    59:d5:d8:4c:f4:2b:11:bd:25:e0:b1:55:f9:ce:ed:
                    a2:bb:c3:de:77:65:d6:6a:14:5d:0c:a4:04:28:80:
                    d5:19:b4:c9:e9:77:14:6b:70:f9:b9:b2:d0:55:32:
                    a0:06:40:2a:ad:50:b6:cb:30:98:06:44:99:be:85:
                    00:44:3d:66:68:2c:47:1c:e6:57:89:09:22:7c:d8:
                    44:b9:db:ae:17:dc:51:30:13:71:50:6d:a1:d5:e2:
                    9b:fc:8d:60:aa:b9:65:5c:b6:da:e3:3a:4c:38:ad:
                    e4:b3:8b:00:26:f7:1c:fb:0d:bc:ec:88:50:57:f9:
                    fb:f9:6e:d1:f6:c6:55:ff:26:ee:ca:e4:14:eb:df:
                    97:76:62:d5:ad:c9:02:f6:70:28:c3:52:18:4b:b4:
                    90:0a:55:35:0c:5c:6a:a2:42:f6:6b:d6:a3:81:ae:
                    c9:26:32:4f:83:bd:1a:7e:b2:48:42:6c:1f:61:ec:
                    62:80:16:0f:6d:19:00:ae:f7:07:4a:da:3b:bb:92:
                    50:01:77:49:d6:b1:c5:ee:ec:3f:73:7d:b8:6d:a3:
                    1c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:A7:5B:C8:69:FE:26:A7:8A:9D:73:C9:71:4D:8E:3B:5C:4B:05:0D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d434d3-74fc-47a3-89ec-ed37a23ae562.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f22:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         d5:1d:71:04:07:5e:a9:ca:87:22:cd:d4:ef:ad:89:d2:44:a5:
         cc:d2:ca:1a:8d:25:b2:03:23:a4:01:ac:91:2a:cf:c5:f2:a3:
         45:99:43:3f:dd:25:f5:0a:1c:a7:57:33:2f:0d:43:b4:33:fd:
         cb:f5:44:ee:97:ae:d3:26:15:7b:30:99:9c:fb:0e:d0:e6:df:
         8a:54:c6:e1:21:b6:ac:f9:48:8b:91:bc:2f:52:07:93:61:44:
         32:bf:98:de:8d:fb:e4:f4:b8:90:b6:6e:0b:93:e7:96:8c:de:
         bb:94:54:19:de:35:a7:6a:b2:b9:b3:ca:f9:20:54:7d:2d:15:
         2c:05:a4:6b:bd:6c:c6:6e:b5:66:8d:71:4f:f9:78:7e:95:48:
         8a:e2:61:bc:3f:8b:24:94:a5:5d:fa:da:a8:42:c6:28:79:12:
         0a:ef:be:9e:12:76:86:9b:93:ae:7a:e5:1a:e8:08:49:a2:2e:
         4c:dd:d2:a1:63:2b:b2:55:ab:5c:4b:7b:0e:c5:03:18:d4:8b:
         ef:e1:e2:ac:4b:52:0b:6b:de:d5:5c:68:4f:79:96:e8:5b:4c:
         64:30:64:b6:e6:74:25:73:65:c9:8a:b4:07:9e:11:f4:6c:b5:
         93:78:37:4d:48:5a:32:49:f2:eb:a6:c0:b3:92:2b:61:0f:4b:
         ae:03:98:dd
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUJmaFYXcxo4J8//xDQmpedUwYJ4cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDdiM2M3MDExOWQxOWM1Njk5ZTBhMDgwODg2YjQ0M2Nl
NDhmZjYxOGRhODIwZTQ4N2Q4ZjMzYzcwYjJhYjhmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq9YWndSJlyFkAxFwfpRZU5P8ywKhfZ1knP2unP5fnxGpN
kI3WVXiVf4cPuFnV2Ez0KxG9JeCxVfnO7aK7w953ZdZqFF0MpAQogNUZtMnpdxRr
cPm5stBVMqAGQCqtULbLMJgGRJm+hQBEPWZoLEcc5leJCSJ82ES5264X3FEwE3FQ
baHV4pv8jWCquWVcttrjOkw4reSziwAm9xz7DbzsiFBX+fv5btH2xlX/Ju7K5BTr
35d2YtWtyQL2cCjDUhhLtJAKVTUMXGqiQvZr1qOBrskmMk+DvRp+skhCbB9h7GKA
Fg9tGQCu9wdK2ju7klABd0nWscXu7D9zfbhtoxwTAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUIKdbyGn+JqeKnXPJcU2OO1xLBQ0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyZDQzNGQzLTc0ZmMtNDdhMy04OWVjLWVkMzdhMjNhZTU2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8igDANBgkqhkiG9w0BAQsFAAOCAQEA1R1xBAdeqcqHIs3U762J0kSl
zNLKGo0lsgMjpAGskSrPxfKjRZlDP90l9Qocp1czLw1DtDP9y/VE7peu0yYVezCZ
nPsO0ObfilTG4SG2rPlIi5G8L1IHk2FEMr+Y3o375PS4kLZuC5Pnlozeu5RUGd41
p2qyubPK+SBUfS0VLAWka71sxm61Zo1xT/l4fpVIiuJhvD+LJJSlXfraqELGKHkS
Cu++nhJ2hpuTrnrlGugISaIuTN3SoWMrslWrXEt7DsUDGNSL7+HirEtSC2ve1Vxo
T3mW6FtMZDBktuZ0JXNlyYq0B54R9Gy1k3g3TUhaMkny66bAs5IrYQ9LrgOY3Q==
-----END CERTIFICATE-----