Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba1287aa-91c5-4550-bf04-c7c8d393b8f2.roa
File:                     ba1287aa-91c5-4550-bf04-c7c8d393b8f2.roa (raw, json)
Hash identifier:          hI3AYqX106obO2Hx+9DisDcNkMwi7RFuvSjN936cnFM=
Subject key identifier:   2D:7E:A9:A2:A9:9D:68:A6:D0:B9:69:CD:E6:D7:E7:E5:41:FF:AF:9B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       55FBF0DCD551689C39FA58D902FAF4B80AE7CE2F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba1287aa-91c5-4550-bf04-c7c8d393b8f2.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:4070::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:fb:f0:dc:d5:51:68:9c:39:fa:58:d9:02:fa:f4:b8:0a:e7:ce:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=b0492096d8d9acab9092e50119074f8eca050f5d16d36086882d86524d99f908, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ec:f9:45:a0:27:e6:c5:16:c7:0e:48:40:1d:
                    79:62:22:3c:e4:77:07:da:16:66:85:85:d7:40:93:
                    1a:83:d6:6f:97:ac:d2:e3:d6:bc:23:50:34:7d:00:
                    c4:64:bb:1d:b1:98:47:6e:15:29:df:c5:70:2c:5c:
                    c8:c1:8d:28:1b:f8:96:ab:9c:5d:fc:bb:32:0a:bd:
                    78:dc:29:66:4f:91:6d:a7:da:97:54:f3:bb:f1:11:
                    b7:9a:3f:15:9a:69:09:a5:2c:53:03:a0:e3:cb:28:
                    e0:31:07:45:6b:d0:a2:a5:5c:93:35:ae:81:e9:48:
                    15:0d:89:7b:c4:09:4c:db:9b:58:27:7d:d2:23:fa:
                    00:fb:a3:45:f9:9d:6f:32:34:59:31:f9:27:6a:53:
                    4e:d3:dc:05:f1:86:7e:38:ce:17:d7:74:64:bd:cf:
                    1f:49:24:41:35:90:f2:a4:b7:30:d8:60:2b:11:2a:
                    bf:41:7d:51:3f:6b:df:41:59:c7:96:b1:26:c0:d4:
                    b2:6b:89:57:60:bf:56:fb:54:e6:31:8e:1f:21:40:
                    26:3b:3f:0d:57:cd:80:30:01:d4:74:dd:ee:d0:2f:
                    47:50:e1:4b:75:7f:12:31:d2:fd:80:f4:1c:bf:99:
                    6d:35:2c:50:62:15:16:15:a4:26:58:62:a6:0e:c0:
                    07:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:7E:A9:A2:A9:9D:68:A6:D0:B9:69:CD:E6:D7:E7:E5:41:FF:AF:9B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba1287aa-91c5-4550-bf04-c7c8d393b8f2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:4070::/48

    Signature Algorithm: sha256WithRSAEncryption
         49:ba:0d:f4:59:0e:00:d5:a8:8d:b3:6b:55:eb:3c:94:8f:c2:
         de:de:34:ca:56:10:e9:39:76:7c:4e:c2:77:79:f2:90:3e:c5:
         c6:89:d4:82:ee:8e:db:5d:44:16:39:3a:c7:6a:32:93:69:8d:
         2c:de:9e:37:fa:19:fd:4f:37:fe:9c:01:cc:54:91:18:22:81:
         41:b5:a1:cf:35:63:8d:47:53:1c:87:df:53:06:05:f7:ef:d5:
         59:25:4c:5e:98:f2:2a:d0:17:a4:93:14:9e:eb:63:23:32:25:
         f1:8b:e8:9f:f9:0d:d3:80:d0:6f:4c:a0:ec:b0:6a:c0:e1:9b:
         4b:96:af:18:cc:15:90:07:e5:bf:00:a3:1f:4d:84:b3:99:1d:
         42:77:94:51:1d:01:a6:1c:e7:98:88:15:0b:ac:61:b7:bf:e0:
         77:52:b7:44:83:69:b9:87:12:22:fe:73:99:e8:fa:eb:27:17:
         cf:38:83:d1:39:37:11:ae:30:1c:91:96:85:28:cf:c1:1f:bf:
         7b:a0:2d:e2:e2:1c:4f:a2:97:2f:42:08:d8:0b:f9:ff:f5:2b:
         d6:c3:f0:df:4b:87:98:86:84:31:f1:46:97:f7:28:bd:91:34:
         c7:b0:db:d7:53:59:3e:7a:0b:80:86:d4:3c:e7:23:c6:12:59:
         79:d0:7d:9b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUVfvw3NVRaJw5+ljZAvr0uArnzi8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMDQ5MjA5NmQ4ZDlhY2FiOTA5MmU1MDExOTA3NGY4ZWNh
MDUwZjVkMTZkMzYwODY4ODJkODY1MjRkOTlmOTA4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC17PlFoCfmxRbHDkhAHXliIjzkdwfaFmaFhddAkxqD1m+X
rNLj1rwjUDR9AMRkux2xmEduFSnfxXAsXMjBjSgb+JarnF38uzIKvXjcKWZPkW2n
2pdU87vxEbeaPxWaaQmlLFMDoOPLKOAxB0Vr0KKlXJM1roHpSBUNiXvECUzbm1gn
fdIj+gD7o0X5nW8yNFkx+SdqU07T3AXxhn44zhfXdGS9zx9JJEE1kPKktzDYYCsR
Kr9BfVE/a99BWceWsSbA1LJriVdgv1b7VOYxjh8hQCY7Pw1XzYAwAdR03e7QL0dQ
4Ut1fxIx0v2A9By/mW01LFBiFRYVpCZYYqYOwAdjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQULX6poqmdaKbQuWnN5tfn5UH/r5swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JhMTI4N2FhLTkxYzUtNDU1MC1iZjA0LWM3YzhkMzkzYjhmMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//QHAwDQYJKoZIhvcNAQELBQADggEBAEm6DfRZDgDVqI2za1XrPJSP
wt7eNMpWEOk5dnxOwnd58pA+xcaJ1ILujttdRBY5OsdqMpNpjSzenjf6Gf1PN/6c
AcxUkRgigUG1oc81Y41HUxyH31MGBffv1VklTF6Y8irQF6STFJ7rYyMyJfGL6J/5
DdOA0G9MoOywasDhm0uWrxjMFZAH5b8Aox9NhLOZHUJ3lFEdAaYc55iIFQusYbe/
4HdSt0SDabmHEiL+c5no+usnF884g9E5NxGuMByRloUoz8Efv3ugLeLiHE+ily9C
CNgL+f/1K9bD8N9Lh5iGhDHxRpf3KL2RNMew29dTWT56C4CG1DznI8YSWXnQfZs=
-----END CERTIFICATE-----