Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5987d35-d2d1-4186-a515-eaf058a8679e.roa
File:                     d5987d35-d2d1-4186-a515-eaf058a8679e.roa (raw, json)
Hash identifier:          /CCinuinNbZwO2LYT27ggI7w+D4EOckt+Ny6i3+e4Xc=
Subject key identifier:   67:2D:D8:C4:63:38:1D:8A:44:87:E6:0A:C7:F4:21:AE:A5:36:36:E8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       19C5D88CBE9135FB23290A96C66BB497F967A1E7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5987d35-d2d1-4186-a515-eaf058a8679e.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff2:e080::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:c5:d8:8c:be:91:35:fb:23:29:0a:96:c6:6b:b4:97:f9:67:a1:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=e0a9e83b4e66c51e3092610549699819081f9c84c9f79a81192e09967b63591d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2c:7b:ba:5e:ed:a4:1b:48:5a:5a:b7:3b:3a:
                    ff:85:24:8e:37:cb:e2:d1:35:15:c8:e3:64:d5:03:
                    9c:50:87:cb:b1:c4:28:57:9e:25:52:40:9e:20:10:
                    5c:03:82:23:25:58:cb:c6:14:79:49:16:26:b7:b7:
                    c3:a8:2d:ed:87:4d:a3:82:34:51:10:a5:c4:c8:10:
                    25:b3:99:26:c9:f4:86:1b:62:f4:03:bf:00:22:90:
                    ed:fa:75:82:d1:40:da:ef:57:c7:43:f4:28:ea:1a:
                    97:88:57:a0:a2:e0:20:1f:5e:bd:cb:cb:f4:c1:f8:
                    6b:a4:0d:59:b7:f4:bb:ed:3f:ce:aa:92:8a:87:5d:
                    ef:73:35:29:a4:d1:cb:58:b6:ae:32:99:be:ac:0c:
                    31:de:78:53:15:e4:66:0c:a5:a7:63:78:5f:b2:0b:
                    7d:23:29:5e:61:60:e1:d5:47:7b:d5:28:07:7b:77:
                    7d:c3:97:dc:78:6a:8c:39:f2:74:a8:c1:08:22:de:
                    ce:61:a2:95:a1:4d:b2:23:80:99:b0:3e:85:23:ec:
                    94:dd:fd:5f:24:fc:13:39:47:2d:29:2d:46:6d:b7:
                    f6:32:1a:e8:6b:d3:38:1d:9b:2b:ea:66:e9:1c:c8:
                    aa:7e:7e:76:7e:15:93:6b:86:db:51:f8:8c:21:d4:
                    c2:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:2D:D8:C4:63:38:1D:8A:44:87:E6:0A:C7:F4:21:AE:A5:36:36:E8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5987d35-d2d1-4186-a515-eaf058a8679e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:e080::/48

    Signature Algorithm: sha256WithRSAEncryption
         ad:50:5d:31:c9:62:20:09:b4:3c:2c:05:4e:e6:84:55:61:94:
         ec:7c:3f:32:23:93:55:ed:f3:d8:9d:b6:b7:36:68:1b:e4:54:
         18:cb:29:f3:38:ca:63:ad:e8:03:c7:95:02:36:83:26:48:6e:
         5b:02:fd:d5:1d:2f:b5:62:f0:87:10:3e:db:4f:13:9d:63:bf:
         fd:1a:08:05:c2:e2:62:f8:d4:10:e0:a5:9d:08:8a:6d:bc:2c:
         14:2e:0f:b8:b0:53:22:7a:00:62:13:8d:87:ca:46:6f:73:14:
         3d:b7:a5:14:d7:69:0b:53:14:5e:8e:e7:bf:65:83:b9:e0:a6:
         fe:e5:66:da:81:4c:47:88:26:b6:d8:54:12:b5:0f:f7:e6:de:
         a2:2c:c9:a1:e1:ff:66:70:ab:19:c2:06:95:64:c9:c4:e1:34:
         a5:76:bc:d0:36:b9:b1:8a:0e:2b:1d:e1:21:47:f2:b0:9a:ac:
         8d:eb:20:74:9c:d5:55:a1:a6:79:a1:0a:e8:d9:0c:db:24:3a:
         f3:8c:16:80:70:ec:a8:1b:e4:fe:be:d7:6d:37:e7:42:e4:1b:
         56:09:fd:f7:30:9e:f1:fe:6e:02:e6:6e:df:43:7e:df:72:55:
         1f:13:be:e6:99:91:49:79:29:2b:1c:8c:46:b8:e5:07:0b:be:
         17:34:41:26
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGcXYjL6RNfsjKQqWxmu0l/lnoecwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMGE5ZTgzYjRlNjZjNTFlMzA5MjYxMDU0OTY5OTgxOTA4
MWY5Yzg0YzlmNzlhODExOTJlMDk5NjdiNjM1OTFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOLHu6Xu2kG0haWrc7Ov+FJI43y+LRNRXI42TVA5xQh8ux
xChXniVSQJ4gEFwDgiMlWMvGFHlJFia3t8OoLe2HTaOCNFEQpcTIECWzmSbJ9IYb
YvQDvwAikO36dYLRQNrvV8dD9CjqGpeIV6Ci4CAfXr3Ly/TB+GukDVm39LvtP86q
koqHXe9zNSmk0ctYtq4ymb6sDDHeeFMV5GYMpadjeF+yC30jKV5hYOHVR3vVKAd7
d33Dl9x4aow58nSowQgi3s5hopWhTbIjgJmwPoUj7JTd/V8k/BM5Ry0pLUZtt/Yy
Guhr0zgdmyvqZukcyKp+fnZ+FZNrhttR+Iwh1MJ3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZy3YxGM4HYpEh+YKx/QhrqU2NugwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1OTg3ZDM1LWQyZDEtNDE4Ni1hNTE1LWVhZjA1OGE4Njc5ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/y4IAwDQYJKoZIhvcNAQELBQADggEBAK1QXTHJYiAJtDwsBU7mhFVh
lOx8PzIjk1Xt89idtrc2aBvkVBjLKfM4ymOt6APHlQI2gyZIblsC/dUdL7Vi8IcQ
PttPE51jv/0aCAXC4mL41BDgpZ0Iim28LBQuD7iwUyJ6AGITjYfKRm9zFD23pRTX
aQtTFF6O579lg7ngpv7lZtqBTEeIJrbYVBK1D/fm3qIsyaHh/2ZwqxnCBpVkycTh
NKV2vNA2ubGKDisd4SFH8rCarI3rIHSc1VWhpnmhCujZDNskOvOMFoBw7Kgb5P6+
120350LkG1YJ/fcwnvH+bgLmbt9Dft9yVR8TvuaZkUl5KSscjEa45QcLvhc0QSY=
-----END CERTIFICATE-----