Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d02d8df-f85d-453f-9362-f93296547074.roa
File:                     8d02d8df-f85d-453f-9362-f93296547074.roa (raw, json)
Hash identifier:          FcMwGxEWjahCRfrh6aOieXibH1/9Vm+iljSgwwX7J0g=
Subject key identifier:   AC:EF:A7:91:A9:36:A2:29:14:C7:80:A4:0D:5C:E1:B4:1A:E9:E8:DC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       786828CB3BCAFE3AB0D5651400BF5AF82A2D3C0B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d02d8df-f85d-453f-9362-f93296547074.roa
Signing time:             Fri 17 Jan 2025 00:00:00 +0000
ROA not before:           Fri 17 Jan 2025 00:00:00 +0000
ROA not after:            Fri 21 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:40c0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:68:28:cb:3b:ca:fe:3a:b0:d5:65:14:00:bf:5a:f8:2a:2d:3c:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 17 00:00:00 2025 GMT
            Not After : Feb 21 23:59:59 2025 GMT
        Subject: serialNumber=e1fabfc7248f9ea5378eddc041d1b48d14c0cb2acce38f5fc4de2dc16dbb9ab9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:46:40:4c:71:f9:3e:b3:8f:a1:ec:bf:78:da:
                    07:05:0d:c7:ac:43:36:cd:64:23:f5:fc:12:0c:a9:
                    bd:f5:de:27:a7:5a:80:d6:b6:f2:93:c9:79:21:93:
                    c6:6e:fe:fd:71:46:bd:b4:4e:4d:a9:ca:f3:b6:c7:
                    f7:c0:c0:da:0c:4f:7b:e1:4d:34:d8:ae:e3:fd:e9:
                    7d:72:57:1c:cd:f5:63:84:b6:05:fa:e9:44:c8:ac:
                    f3:a9:02:e1:45:64:7d:c7:e2:fc:0a:d4:ec:c6:f8:
                    8d:90:a8:71:a7:80:b8:4e:50:ab:d1:f0:7d:ca:45:
                    eb:12:c7:9a:dd:eb:35:53:ef:c5:34:5f:8d:3a:0f:
                    1f:b4:4e:06:76:57:a9:43:e4:a1:4a:97:19:47:3d:
                    3e:ff:6d:1d:20:ac:23:19:03:b2:5c:5e:15:ff:57:
                    b0:52:1e:80:a4:ad:a0:44:2c:52:e5:5d:38:88:7f:
                    46:b3:d2:14:d6:72:50:3c:ca:b2:09:10:3d:e6:af:
                    9b:51:b9:4c:bb:24:bf:71:59:e0:00:12:ea:83:41:
                    78:d7:12:e7:74:d6:d9:7c:b4:60:ac:4f:bb:a2:35:
                    2d:5d:72:9a:88:a5:48:17:d8:7a:b3:c6:18:c7:97:
                    e4:77:d5:d3:76:4f:02:5e:da:f8:cd:44:1f:9f:23:
                    ab:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:EF:A7:91:A9:36:A2:29:14:C7:80:A4:0D:5C:E1:B4:1A:E9:E8:DC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d02d8df-f85d-453f-9362-f93296547074.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:40c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:30:da:be:25:c1:35:ca:57:a8:5d:83:ee:14:e7:90:84:0e:
         aa:1b:c9:18:6d:4b:82:63:5c:be:fc:ca:0d:a6:95:9f:ef:88:
         07:99:0a:59:0c:ab:8f:86:71:36:21:4b:80:3f:0f:f8:c6:0d:
         5d:41:4f:b6:2d:5a:4f:01:e0:49:38:3c:b5:0c:69:63:c2:7e:
         9d:d5:51:49:85:4e:bd:fe:de:58:30:c4:1d:97:a3:f0:1e:4e:
         a3:51:d9:f0:b7:66:00:a3:ce:13:a7:5a:19:7e:08:ae:6c:79:
         de:e2:a5:71:cd:6e:8a:b5:e0:f6:da:82:78:90:fb:5d:69:fe:
         cd:6c:68:8d:0c:8d:f3:52:ca:b8:38:a6:aa:1e:9d:f4:e6:f6:
         c6:10:49:dd:6d:31:80:d2:93:0f:98:37:dc:61:15:3f:25:21:
         a3:ca:1c:1e:a8:99:32:e6:ee:aa:df:44:78:b5:e2:1b:e2:ff:
         86:68:47:23:67:3e:d8:81:49:35:51:a0:10:57:0e:74:b8:ad:
         70:51:d8:7f:f4:51:c6:f9:4d:cf:e2:46:f0:ec:79:d2:af:e7:
         6e:56:ef:fb:28:ed:e3:49:14:82:ab:bc:59:13:21:e1:d1:86:
         f1:c1:3f:0e:88:65:6c:45:2a:7d:56:47:8b:ce:cc:c2:63:ab:
         fa:c7:34:29
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUeGgoyzvK/jqw1WUUAL9a+CotPAswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE3MDAwMDAwWhcNMjUwMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMWZhYmZjNzI0OGY5ZWE1Mzc4ZWRkYzA0MWQxYjQ4ZDE0
YzBjYjJhY2NlMzhmNWZjNGRlMmRjMTZkYmI5YWI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpRkBMcfk+s4+h7L942gcFDcesQzbNZCP1/BIMqb313ien
WoDWtvKTyXkhk8Zu/v1xRr20Tk2pyvO2x/fAwNoMT3vhTTTYruP96X1yVxzN9WOE
tgX66UTIrPOpAuFFZH3H4vwK1OzG+I2QqHGngLhOUKvR8H3KResSx5rd6zVT78U0
X406Dx+0TgZ2V6lD5KFKlxlHPT7/bR0grCMZA7JcXhX/V7BSHoCkraBELFLlXTiI
f0az0hTWclA8yrIJED3mr5tRuUy7JL9xWeAAEuqDQXjXEud01tl8tGCsT7uiNS1d
cpqIpUgX2HqzxhjHl+R31dN2TwJe2vjNRB+fI6shAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUrO+nkak2oikUx4CkDVzhtBrp6NwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhkMDJkOGRmLWY4NWQtNDUzZi05MzYyLWY5MzI5NjU0NzA3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9gQMAwDQYJKoZIhvcNAQELBQADggEBAHow2r4lwTXKV6hdg+4U55CE
DqobyRhtS4JjXL78yg2mlZ/viAeZClkMq4+GcTYhS4A/D/jGDV1BT7YtWk8B4Ek4
PLUMaWPCfp3VUUmFTr3+3lgwxB2Xo/AeTqNR2fC3ZgCjzhOnWhl+CK5sed7ipXHN
boq14PbagniQ+11p/s1saI0MjfNSyrg4pqoenfTm9sYQSd1tMYDSkw+YN9xhFT8l
IaPKHB6omTLm7qrfRHi14hvi/4ZoRyNnPtiBSTVRoBBXDnS4rXBR2H/0Ucb5Tc/i
RvDsedKv525W7/so7eNJFIKrvFkTIeHRhvHBPw6IZWxFKn1WR4vOzMJjq/rHNCk=
-----END CERTIFICATE-----