Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6d178aa-6c0c-4bfd-b6cc-99aa8d2804df.roa
File:                     d6d178aa-6c0c-4bfd-b6cc-99aa8d2804df.roa (raw, json)
Hash identifier:          9Mz+nvL5qYvzO2p/wwJAAJqk0qnM/9wmpk+pA/3Wb6g=
Subject key identifier:   74:89:86:2A:9B:D4:35:49:D2:4A:07:E8:7A:56:C5:BC:85:18:9C:6D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       40794C563FD1EF20C33D803460C7AF9509AE38C5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6d178aa-6c0c-4bfd-b6cc-99aa8d2804df.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:c000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:79:4c:56:3f:d1:ef:20:c3:3d:80:34:60:c7:af:95:09:ae:38:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=5fa330e29eb45df1be78e1ae8280e6d0a7e4addafc2ec21805cfa2fd8e8f3b1c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:fe:ed:6e:54:e4:e9:29:9e:e2:5a:d3:b1:93:
                    72:2e:21:0b:5f:30:c2:2f:c1:f0:42:33:2b:93:03:
                    b5:db:01:46:b5:b0:f1:44:d4:01:77:76:7d:1f:c6:
                    88:ec:d8:09:34:9c:46:01:e1:75:b6:a4:ab:6e:95:
                    d9:47:31:69:90:d0:07:96:5f:84:be:8a:1b:c9:fc:
                    39:ac:7b:42:b9:d1:b3:a6:76:05:41:09:d8:53:90:
                    c1:ef:51:da:87:1e:70:40:f0:09:49:91:98:17:af:
                    3f:19:23:f5:af:8d:8e:5e:f7:59:a0:53:ba:d0:65:
                    f9:11:25:aa:1a:bd:a0:bb:53:24:9d:dc:02:fb:81:
                    29:98:7f:75:d4:49:d5:d9:76:74:63:89:3c:88:97:
                    00:31:14:53:22:3f:fd:3f:ad:51:19:2a:b3:86:05:
                    22:10:2a:b3:0b:0c:4b:c1:dd:a7:35:3e:1c:cf:9b:
                    c9:a9:ed:34:4c:ce:45:30:3a:b6:61:f1:fb:4b:37:
                    54:f4:9a:af:6d:fa:e5:0d:0a:7b:b5:ee:6a:9f:17:
                    24:69:8d:6a:bd:e1:f5:d5:63:e8:30:a9:09:47:65:
                    45:6b:9b:e9:45:b5:e4:f3:d5:73:b2:7d:41:d3:90:
                    4c:fd:90:3f:06:da:d1:45:c5:64:65:e8:0b:17:2e:
                    e7:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:89:86:2A:9B:D4:35:49:D2:4A:07:E8:7A:56:C5:BC:85:18:9C:6D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6d178aa-6c0c-4bfd-b6cc-99aa8d2804df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         d9:62:15:79:d7:4c:61:71:1b:c9:13:4d:bb:0d:1b:15:6c:b0:
         ee:b9:37:7b:f8:31:05:fe:a2:49:5b:ab:7a:9c:cc:6f:25:4f:
         cc:96:99:30:13:b1:60:24:73:89:ad:65:36:bb:23:26:de:8b:
         f4:75:dd:15:99:50:11:6f:45:0a:a8:bf:98:ad:8d:08:a5:57:
         2e:16:cb:c1:bf:92:1b:69:32:91:65:dd:24:0f:77:2b:8f:76:
         33:97:8c:dc:1f:1f:f6:dd:13:35:25:20:5c:4e:e4:c9:7b:99:
         49:5f:a7:80:2f:a3:c5:e1:6b:a2:3e:a4:48:69:c4:f7:51:36:
         78:27:b3:66:19:1e:32:2b:8f:4b:e9:02:e0:66:59:b7:37:0c:
         37:0f:ea:da:8c:87:9f:2f:d2:5d:5f:3f:85:15:d1:e0:73:82:
         27:86:fa:5f:7b:a8:fd:91:36:b8:97:37:da:b6:0e:84:cb:f9:
         c7:73:ad:2f:9e:34:e3:d9:fd:09:09:99:3a:d3:3d:d4:d6:eb:
         30:42:7c:ca:b2:eb:a4:e5:b2:00:01:bf:b4:92:bd:c3:48:15:
         9f:de:47:68:bb:19:1b:08:d8:dc:39:91:37:e5:e3:cf:f6:5b:
         a5:8f:2b:43:12:e7:c7:04:e6:56:16:99:41:38:88:43:be:57:
         6a:3a:7e:ac
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQHlMVj/R7yDDPYA0YMevlQmuOMUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA4MDAwMDAwWhcNMjUwMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZmEzMzBlMjllYjQ1ZGYxYmU3OGUxYWU4MjgwZTZkMGE3
ZTRhZGRhZmMyZWMyMTgwNWNmYTJmZDhlOGYzYjFjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDO/u1uVOTpKZ7iWtOxk3IuIQtfMMIvwfBCMyuTA7XbAUa1
sPFE1AF3dn0fxojs2Ak0nEYB4XW2pKtuldlHMWmQ0AeWX4S+ihvJ/Dmse0K50bOm
dgVBCdhTkMHvUdqHHnBA8AlJkZgXrz8ZI/WvjY5e91mgU7rQZfkRJaoavaC7UySd
3AL7gSmYf3XUSdXZdnRjiTyIlwAxFFMiP/0/rVEZKrOGBSIQKrMLDEvB3ac1PhzP
m8mp7TRMzkUwOrZh8ftLN1T0mq9t+uUNCnu17mqfFyRpjWq94fXVY+gwqQlHZUVr
m+lFteTz1XOyfUHTkEz9kD8G2tFFxWRl6AsXLucDAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUdImGKpvUNUnSSgfoelbFvIUYnG0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q2ZDE3OGFhLTZjMGMtNGJmZC1iNmNjLTk5YWE4ZDI4MDRkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9hwDANBgkqhkiG9w0BAQsFAAOCAQEA2WIVeddMYXEbyRNNuw0bFWyw
7rk3e/gxBf6iSVurepzMbyVPzJaZMBOxYCRzia1lNrsjJt6L9HXdFZlQEW9FCqi/
mK2NCKVXLhbLwb+SG2kykWXdJA93K492M5eM3B8f9t0TNSUgXE7kyXuZSV+ngC+j
xeFroj6kSGnE91E2eCezZhkeMiuPS+kC4GZZtzcMNw/q2oyHny/SXV8/hRXR4HOC
J4b6X3uo/ZE2uJc32rYOhMv5x3OtL54049n9CQmZOtM91NbrMEJ8yrLrpOWyAAG/
tJK9w0gVn95HaLsZGwjY3DmRN+Xjz/ZbpY8rQxLnxwTmVhaZQTiIQ75Xajp+rA==
-----END CERTIFICATE-----