Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a538ac50-f057-4d9b-8fec-ab97bac5700f.roa
File:                     a538ac50-f057-4d9b-8fec-ab97bac5700f.roa (raw, json)
Hash identifier:          RMf2t++otzT3vyjdOekCZnJAGdjneYbO4DpEBJAjmMA=
Subject key identifier:   C0:E1:A4:8B:50:B4:F0:45:BE:F1:AF:1B:3E:F0:A0:33:6A:FC:3B:6A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       31CF8B5D3B7EF9605596D7C1EF70F1D9A55CF29F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a538ac50-f057-4d9b-8fec-ab97bac5700f.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f69:8080::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:cf:8b:5d:3b:7e:f9:60:55:96:d7:c1:ef:70:f1:d9:a5:5c:f2:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=99e5b5569421de736fdba685d6b381dc92ff5dfede5298a0930e67eb6e5ee2a4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b6:e6:47:d1:0e:9b:93:22:a1:2f:53:ba:9c:
                    94:dc:76:2b:bf:99:1e:d8:82:81:46:fa:ec:88:bf:
                    1e:1d:d1:fb:bc:77:7a:08:fb:c8:92:e6:e0:c8:ec:
                    08:f8:9a:3f:6f:56:c8:23:20:2b:00:89:64:bf:1c:
                    a7:57:47:7f:49:76:0a:34:76:b2:2c:c2:e6:e9:30:
                    d9:ff:e1:d8:0c:1a:c7:f8:41:d2:a9:e3:be:f0:b2:
                    a0:84:73:9a:2f:88:2c:f1:46:90:fa:01:01:f2:f1:
                    5f:99:18:70:6e:52:f9:e8:22:fd:68:e0:b5:d8:9f:
                    19:3c:55:6e:07:62:73:75:c6:aa:b1:c6:24:44:fe:
                    ee:88:b1:85:1a:c3:1c:6e:6b:23:28:6d:3a:c3:6d:
                    be:f0:ec:9d:62:91:02:32:11:cb:9c:e5:63:a7:75:
                    0a:66:9d:75:a7:e5:f3:b4:25:e6:e1:e0:d6:73:4a:
                    c2:1a:a4:99:e8:38:57:fc:d2:64:fb:b1:f2:63:0a:
                    77:1d:dd:5b:8f:e3:e7:27:86:2d:35:e6:91:97:3c:
                    92:e0:29:44:bc:c4:35:17:72:f4:a1:ab:18:2a:c4:
                    00:1e:00:a5:d9:8d:ae:c3:6a:28:88:ed:0d:da:6f:
                    bc:ae:9e:7b:ca:ac:d6:4f:cf:73:36:a8:73:a8:f7:
                    88:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:E1:A4:8B:50:B4:F0:45:BE:F1:AF:1B:3E:F0:A0:33:6A:FC:3B:6A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a538ac50-f057-4d9b-8fec-ab97bac5700f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f69:8080::/46

    Signature Algorithm: sha256WithRSAEncryption
         48:46:5d:19:27:96:ab:fe:93:60:0f:2d:3c:4a:62:47:b5:09:
         88:06:9d:4f:25:38:d0:00:be:54:5e:77:23:c9:35:52:91:84:
         8a:c2:2c:2d:d8:ee:00:34:a0:c3:cc:3e:ba:46:9a:6b:b3:b7:
         48:a6:2a:64:de:80:b0:ed:de:ea:fa:4a:23:3d:d2:40:dc:76:
         6e:77:3e:b8:09:e5:09:5e:ba:01:a2:87:bc:5e:42:6f:3c:b2:
         71:45:c8:91:83:9d:56:16:f0:75:e1:de:0c:b4:95:4e:22:2f:
         7e:2e:be:1f:09:50:a7:c9:8e:f1:1b:ee:38:0a:bc:b0:1a:38:
         ee:aa:31:36:3e:5c:4d:3c:3c:3d:7b:a1:1d:aa:94:04:fd:bd:
         4d:5e:1d:1e:c1:d3:95:56:0c:94:da:7b:10:d4:29:b7:47:0d:
         69:4c:e1:be:b4:2e:eb:55:ba:d2:73:82:68:ba:84:25:1c:a5:
         96:55:f1:a1:f1:f9:d7:4c:16:9d:d9:1b:d2:8a:93:ef:8f:a3:
         34:6a:d8:e8:6e:e2:a0:90:36:c3:17:7b:df:1d:4d:57:d3:a8:
         f9:5f:6f:cd:b2:8f:a1:0e:01:f6:5a:a9:75:67:37:ae:9e:10:
         b8:bc:67:b6:e9:a4:0a:e8:0b:fa:e8:7e:89:24:7c:e3:37:ac:
         ca:f9:d4:f6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMc+LXTt++WBVltfB73Dx2aVc8p8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5OWU1YjU1Njk0MjFkZTczNmZkYmE2ODVkNmIzODFkYzky
ZmY1ZGZlZGU1Mjk4YTA5MzBlNjdlYjZlNWVlMmE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7tuZH0Q6bkyKhL1O6nJTcdiu/mR7YgoFG+uyIvx4d0fu8
d3oI+8iS5uDI7Aj4mj9vVsgjICsAiWS/HKdXR39Jdgo0drIswubpMNn/4dgMGsf4
QdKp477wsqCEc5oviCzxRpD6AQHy8V+ZGHBuUvnoIv1o4LXYnxk8VW4HYnN1xqqx
xiRE/u6IsYUawxxuayMobTrDbb7w7J1ikQIyEcuc5WOndQpmnXWn5fO0Jebh4NZz
SsIapJnoOFf80mT7sfJjCncd3VuP4+cnhi015pGXPJLgKUS8xDUXcvShqxgqxAAe
AKXZja7DaiiI7Q3ab7yunnvKrNZPz3M2qHOo94j5AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUwOGki1C08EW+8a8bPvCgM2r8O2owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1MzhhYzUwLWYwNTctNGQ5Yi04ZmVjLWFiOTdiYWM1NzAwZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB9pgIAwDQYJKoZIhvcNAQELBQADggEBAEhGXRknlqv+k2APLTxKYke1
CYgGnU8lONAAvlRedyPJNVKRhIrCLC3Y7gA0oMPMPrpGmmuzt0imKmTegLDt3ur6
SiM90kDcdm53PrgJ5QleugGih7xeQm88snFFyJGDnVYW8HXh3gy0lU4iL34uvh8J
UKfJjvEb7jgKvLAaOO6qMTY+XE08PD17oR2qlAT9vU1eHR7B05VWDJTaexDUKbdH
DWlM4b60LutVutJzgmi6hCUcpZZV8aHx+ddMFp3ZG9KKk++PozRq2Ohu4qCQNsMX
e98dTVfTqPlfb82yj6EOAfZaqXVnN66eELi8Z7bppAroC/rofokkfOM3rMr51PY=
-----END CERTIFICATE-----