Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbdd17c9-27ad-4c38-890d-3eb044a73b3e.roa
File:                     cbdd17c9-27ad-4c38-890d-3eb044a73b3e.roa (raw, json)
Hash identifier:          Xri9kxGHhUj+W1Gh6/U4Rci9QZk6f7jOrMi2L5z2iZw=
Subject key identifier:   AB:4B:A8:63:9F:7A:90:59:E4:69:54:42:20:3C:EF:EF:CC:46:C3:20
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       26D84494005FED282ADE0C2DCAE83D9F004A7B91
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbdd17c9-27ad-4c38-890d-3eb044a73b3e.roa
Signing time:             Tue 21 Jan 2025 00:00:00 +0000
ROA not before:           Tue 21 Jan 2025 00:00:00 +0000
ROA not after:            Tue 25 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f30:8040::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:d8:44:94:00:5f:ed:28:2a:de:0c:2d:ca:e8:3d:9f:00:4a:7b:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 21 00:00:00 2025 GMT
            Not After : Feb 25 23:59:59 2025 GMT
        Subject: serialNumber=96564eb692a129aabfe07cc936e6ffa1c92a7aa71eedd7f7fae89243054d3fc4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b5:41:5f:1a:9f:c9:7e:bc:e3:74:28:28:c2:
                    0b:6f:fa:bd:fd:88:88:fe:56:42:39:4a:3b:1b:6e:
                    93:f5:31:bb:d0:ae:3e:c4:87:dd:c8:75:ff:aa:d0:
                    f9:7a:1b:12:dc:ef:7e:3f:2a:5b:74:d5:d9:d0:20:
                    df:29:71:57:8a:34:52:83:2e:7b:be:0a:00:94:9c:
                    25:92:99:4e:74:23:2c:c2:3d:cb:12:f4:31:8e:c6:
                    6e:c9:64:d4:f5:c9:6a:4c:46:6c:8e:ee:ec:75:94:
                    1b:e3:ce:ae:0c:4f:81:75:b4:6a:4f:3f:26:60:ea:
                    c6:fd:81:bc:36:ed:70:61:76:44:45:94:2a:1b:f5:
                    cb:00:de:31:10:1f:9b:60:c2:6e:e0:f3:72:57:02:
                    ba:5a:34:76:bc:e5:64:11:3f:15:47:9c:ba:c1:39:
                    e7:87:1d:54:49:70:1b:0c:29:e2:8b:12:23:99:ca:
                    6e:b7:13:63:8e:5f:61:54:af:75:d1:02:43:d6:b0:
                    58:69:47:4b:44:a5:db:0a:49:6d:66:f4:ed:c0:3e:
                    cb:50:89:31:55:c2:df:8c:4d:21:39:dd:04:af:e2:
                    09:75:af:07:99:fa:17:75:1b:2f:e4:2f:96:c8:1e:
                    47:03:86:77:b2:6a:3c:ff:6a:15:15:8d:a0:98:60:
                    a5:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:4B:A8:63:9F:7A:90:59:E4:69:54:42:20:3C:EF:EF:CC:46:C3:20
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbdd17c9-27ad-4c38-890d-3eb044a73b3e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f30:8040::/48

    Signature Algorithm: sha256WithRSAEncryption
         5c:62:21:c8:61:db:3f:eb:61:a7:1a:b1:68:e9:6a:5e:41:e9:
         43:11:4e:95:79:28:8f:31:55:0d:9a:0a:54:12:d2:28:98:fa:
         89:85:74:de:e1:21:35:70:51:ae:9f:37:d3:1b:77:90:c2:e5:
         19:72:7b:1f:76:88:32:40:01:3c:d9:df:46:67:69:63:cc:09:
         30:30:0a:c7:43:03:a7:e3:79:ea:7f:25:f1:e3:27:cb:8a:4c:
         2c:11:0c:9f:46:87:da:95:aa:ea:f4:3a:5e:11:ea:db:28:51:
         5b:14:18:62:96:95:a9:42:a2:95:d7:54:d5:af:eb:ec:85:3d:
         99:05:4a:15:6c:11:ca:12:6d:ea:ee:3f:26:aa:25:88:98:e3:
         04:ca:69:f7:0b:8d:a4:47:41:6d:86:f6:0d:d2:f5:61:50:54:
         b8:5f:c4:8e:e5:95:97:2f:de:18:b0:6e:cc:a1:fd:0e:c8:f3:
         ec:5d:67:1e:b5:15:ce:25:93:01:a6:55:b9:35:c3:f6:eb:5a:
         76:cb:f8:44:1a:15:6f:f3:0b:9f:fe:e8:3e:b6:f2:88:80:d4:
         2e:c2:9f:86:0f:e3:af:47:7e:48:f6:77:ec:a0:93:1e:39:9f:
         e3:b7:67:12:3e:17:3f:cb:f8:11:34:fa:00:dc:00:47:50:32:
         24:80:44:07
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJthElABf7Sgq3gwtyug9nwBKe5EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIxMDAwMDAwWhcNMjUwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NjU2NGViNjkyYTEyOWFhYmZlMDdjYzkzNmU2ZmZhMWM5
MmE3YWE3MWVlZGQ3ZjdmYWU4OTI0MzA1NGQzZmM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbtUFfGp/JfrzjdCgowgtv+r39iIj+VkI5SjsbbpP1MbvQ
rj7Eh93Idf+q0Pl6GxLc734/Klt01dnQIN8pcVeKNFKDLnu+CgCUnCWSmU50IyzC
PcsS9DGOxm7JZNT1yWpMRmyO7ux1lBvjzq4MT4F1tGpPPyZg6sb9gbw27XBhdkRF
lCob9csA3jEQH5tgwm7g83JXArpaNHa85WQRPxVHnLrBOeeHHVRJcBsMKeKLEiOZ
ym63E2OOX2FUr3XRAkPWsFhpR0tEpdsKSW1m9O3APstQiTFVwt+MTSE53QSv4gl1
rweZ+hd1Gy/kL5bIHkcDhneyajz/ahUVjaCYYKV3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUq0uoY596kFnkaVRCIDzv78xGwyAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiZGQxN2M5LTI3YWQtNGMzOC04OTBkLTNlYjA0NGE3M2IzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8wgEAwDQYJKoZIhvcNAQELBQADggEBAFxiIchh2z/rYacasWjpal5B
6UMRTpV5KI8xVQ2aClQS0iiY+omFdN7hITVwUa6fN9Mbd5DC5Rlyex92iDJAATzZ
30ZnaWPMCTAwCsdDA6fjeep/JfHjJ8uKTCwRDJ9Gh9qVqur0Ol4R6tsoUVsUGGKW
lalCopXXVNWv6+yFPZkFShVsEcoSberuPyaqJYiY4wTKafcLjaRHQW2G9g3S9WFQ
VLhfxI7llZcv3hiwbsyh/Q7I8+xdZx61Fc4lkwGmVbk1w/brWnbL+EQaFW/zC5/+
6D628oiA1C7Cn4YP469Hfkj2d+ygkx45n+O3ZxI+Fz/L+BE0+gDcAEdQMiSARAc=
-----END CERTIFICATE-----