Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0d2bc8a-d348-4bbe-97f1-8cd1466b6176.roa
File:                     b0d2bc8a-d348-4bbe-97f1-8cd1466b6176.roa (raw, json)
Hash identifier:          xW9UF27KFqW+xr7Hdi5Qu41saGgnel/k0zlsy08AWBM=
Subject key identifier:   4D:5F:1B:0F:17:98:56:EB:B8:58:03:10:E8:73:AD:B1:03:C7:20:37
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       397F2CF047636C0C600F27E35847C4418AA19E01
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0d2bc8a-d348-4bbe-97f1-8cd1466b6176.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f10:8000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:7f:2c:f0:47:63:6c:0c:60:0f:27:e3:58:47:c4:41:8a:a1:9e:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=af2874455bb8d00b1f4ab3397457fdc5ed5f5fa9907d3c1a9003baa93e229b4c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c1:32:96:73:16:67:03:3b:11:27:23:a0:e0:
                    c0:5e:c2:93:97:cf:f4:63:ce:63:0e:25:71:92:3d:
                    94:08:d4:29:b1:d6:b9:07:e7:39:fa:11:31:c2:d8:
                    db:b1:b9:03:45:f5:66:0c:3b:ad:2e:a9:2a:3f:21:
                    61:53:29:92:d5:61:09:7d:a9:92:ce:91:03:d8:9e:
                    f0:4d:24:c0:a0:c8:3a:32:2e:02:93:80:7c:2f:a3:
                    b9:ac:45:e2:9b:22:c5:3b:90:70:15:a8:e0:ab:47:
                    99:9c:91:24:e3:55:ff:a2:59:d2:d2:64:66:08:a1:
                    97:a6:98:af:9c:43:db:c4:4e:c2:ea:9b:06:eb:b8:
                    61:27:34:44:c1:87:06:e7:e3:b8:7f:22:70:a4:19:
                    8c:6e:5e:8b:19:09:81:72:51:7f:77:40:6d:8d:87:
                    a5:77:04:16:bf:70:3b:6b:e7:4a:ad:f5:2a:32:99:
                    ea:b2:e0:44:2e:24:f5:1e:be:28:44:50:5d:c1:8f:
                    49:5e:46:d6:98:c5:9e:e8:ef:91:c2:72:c6:4a:d0:
                    13:23:8b:d9:50:82:cc:51:91:cb:50:f1:b8:05:b0:
                    1f:d6:60:ac:f9:51:0b:97:54:8d:b6:d7:49:11:26:
                    41:0f:77:d1:b0:73:c8:2f:18:8a:bc:fb:a2:76:89:
                    39:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:5F:1B:0F:17:98:56:EB:B8:58:03:10:E8:73:AD:B1:03:C7:20:37
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0d2bc8a-d348-4bbe-97f1-8cd1466b6176.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f10:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         4a:9c:80:e0:4a:79:dc:9d:ae:5f:69:12:29:87:68:6b:bf:19:
         a4:30:f0:cf:9c:f4:5b:c3:72:59:b7:ac:dc:06:4b:15:5e:a1:
         c0:14:30:b9:bb:96:f2:87:45:ab:d0:52:02:3c:0f:15:9d:12:
         77:cc:ae:92:e5:4f:49:e3:98:53:ae:c4:f0:30:17:69:b6:5c:
         a3:37:de:7e:ef:92:e0:43:c7:d0:db:c8:2e:0a:91:49:21:b5:
         7e:0a:5f:ff:03:dc:88:dd:3c:82:ee:03:a0:37:f8:d6:c1:07:
         9b:db:7c:7d:b5:8c:00:83:67:25:df:3d:00:e8:3d:df:56:5d:
         4e:9c:65:07:88:c1:f8:e9:ce:c9:e8:07:47:50:e7:54:af:a6:
         4b:35:f4:6e:37:4a:ad:d6:99:3e:d6:54:75:7e:24:57:55:55:
         b9:d4:2c:73:13:99:54:92:cd:6b:57:a4:37:e8:8d:94:7b:3e:
         ef:c8:cb:db:ac:d3:53:69:32:01:0c:c7:ac:cb:25:a4:3d:62:
         93:60:c5:a3:b3:da:fe:23:a7:02:cf:1a:a2:d7:78:04:12:e8:
         e9:4e:89:94:ff:50:f3:37:9a:d7:0b:7b:54:66:c5:1a:70:0c:
         cd:0f:a6:0e:78:ae:d8:ae:24:46:38:47:14:3b:8c:c0:9d:72:
         5a:04:af:e8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUOX8s8EdjbAxgDyfjWEfEQYqhngEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZjI4NzQ0NTViYjhkMDBiMWY0YWIzMzk3NDU3ZmRjNWVk
NWY1ZmE5OTA3ZDNjMWE5MDAzYmFhOTNlMjI5YjRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMwTKWcxZnAzsRJyOg4MBewpOXz/RjzmMOJXGSPZQI1Cmx
1rkH5zn6ETHC2NuxuQNF9WYMO60uqSo/IWFTKZLVYQl9qZLOkQPYnvBNJMCgyDoy
LgKTgHwvo7msReKbIsU7kHAVqOCrR5mckSTjVf+iWdLSZGYIoZemmK+cQ9vETsLq
mwbruGEnNETBhwbn47h/InCkGYxuXosZCYFyUX93QG2Nh6V3BBa/cDtr50qt9Soy
meqy4EQuJPUevihEUF3Bj0leRtaYxZ7o75HCcsZK0BMji9lQgsxRkctQ8bgFsB/W
YKz5UQuXVI2210kRJkEPd9Gwc8gvGIq8+6J2iTnHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUTV8bDxeYVuu4WAMQ6HOtsQPHIDcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IwZDJiYzhhLWQzNDgtNGJiZS05N2YxLThjZDE0NjZiNjE3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8QgDANBgkqhkiG9w0BAQsFAAOCAQEASpyA4Ep53J2uX2kSKYdoa78Z
pDDwz5z0W8NyWbes3AZLFV6hwBQwubuW8odFq9BSAjwPFZ0Sd8yukuVPSeOYU67E
8DAXabZcozfefu+S4EPH0NvILgqRSSG1fgpf/wPciN08gu4DoDf41sEHm9t8fbWM
AINnJd89AOg931ZdTpxlB4jB+OnOyegHR1DnVK+mSzX0bjdKrdaZPtZUdX4kV1VV
udQscxOZVJLNa1ekN+iNlHs+78jL26zTU2kyAQzHrMslpD1ik2DFo7Pa/iOnAs8a
otd4BBLo6U6JlP9Q8zea1wt7VGbFGnAMzQ+mDniu2K4kRjhHFDuMwJ1yWgSv6A==
-----END CERTIFICATE-----