Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/efc263c4-eedd-4628-860d-5b0a2aeb2d2a.roa
File:                     efc263c4-eedd-4628-860d-5b0a2aeb2d2a.roa (raw, json)
Hash identifier:          gbcilDHcKvutP8aJIrmO+OkgVkEBYeG1eTBRUs8uUM4=
Subject key identifier:   C6:D0:1C:80:E5:45:9D:19:4C:DF:1F:7F:EA:28:9D:0F:D0:A5:57:1D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       77DDD13C3F47668A3C99426AA36AB2B7DEEEAD6D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/efc263c4-eedd-4628-860d-5b0a2aeb2d2a.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f1e:4000::/36 maxlen: 36
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:dd:d1:3c:3f:47:66:8a:3c:99:42:6a:a3:6a:b2:b7:de:ee:ad:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=c9ae2accae9fc94fcfb1b7db6a2785b54d32bb42f4a3f91edb5997707a15179d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:38:14:2a:05:f4:33:38:b8:1b:75:11:6c:80:
                    54:be:40:89:69:b5:0a:43:9f:eb:c9:d7:b9:e0:e1:
                    54:36:c5:aa:f7:53:9e:c3:98:2f:b1:29:fe:d5:eb:
                    da:22:d5:b6:4d:a9:02:f0:3c:1e:2c:52:29:0a:39:
                    d7:79:1e:e2:b5:35:cc:1f:54:ee:57:2d:d6:b7:23:
                    44:08:fc:c6:bc:d9:1e:8d:72:8e:fa:60:50:42:4c:
                    05:31:ab:fd:90:48:10:8a:6a:70:87:6b:05:b6:06:
                    5d:e6:e3:33:23:95:28:f3:3c:34:c4:85:8b:f4:35:
                    a7:11:ab:95:0c:91:95:16:1a:da:8c:8b:85:10:01:
                    e4:87:8d:46:19:4e:ef:20:77:5e:82:1b:95:36:7e:
                    72:e4:bb:f3:a8:7b:0c:10:1f:08:e0:55:d9:3e:2a:
                    5f:81:8f:33:42:20:b7:0c:a7:0c:b3:52:45:5d:b0:
                    80:51:f1:11:47:f8:96:2a:f8:55:4d:36:e9:54:2b:
                    ee:a0:89:c5:eb:42:c2:57:54:cd:3a:93:62:8a:95:
                    93:8a:1c:05:6e:63:a8:a7:47:8c:d4:86:55:db:bc:
                    46:31:d5:e8:2f:f3:93:ed:bf:9c:e0:f5:f4:aa:8d:
                    46:9a:aa:d9:b8:19:fe:79:4f:52:53:6d:aa:aa:f3:
                    1e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:D0:1C:80:E5:45:9D:19:4C:DF:1F:7F:EA:28:9D:0F:D0:A5:57:1D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/efc263c4-eedd-4628-860d-5b0a2aeb2d2a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1e:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         38:41:79:fd:66:5b:bf:0d:94:94:ca:20:09:e0:8e:ea:02:74:
         52:85:b2:40:2d:b4:2b:25:4d:08:66:05:52:8e:07:32:fd:b5:
         72:6b:39:6a:a1:eb:8e:e4:fc:7b:b3:d2:72:88:c8:28:36:5a:
         d4:ca:87:24:39:81:46:4b:54:20:f3:2d:84:fd:02:8e:98:14:
         e0:56:1e:3d:df:e4:c8:5c:69:8b:fe:d6:5b:43:99:27:f7:6f:
         d9:3e:05:86:66:e2:90:d6:19:1e:22:4e:2e:59:21:fb:71:11:
         18:52:f8:67:d4:e6:aa:e5:28:33:6d:7d:4f:45:bb:24:9e:0f:
         75:3f:53:c5:62:25:2c:a8:89:4f:fb:28:45:d7:50:bc:c3:7b:
         cb:46:97:11:74:d4:87:7c:b5:b4:0c:52:06:7b:c6:6d:69:33:
         10:b8:21:f1:81:40:d1:bd:26:30:13:63:94:64:0e:f9:35:ac:
         4a:28:d3:28:51:d4:06:69:d3:96:d5:88:d0:36:6c:31:1b:2b:
         fd:01:1f:f8:59:1b:59:54:0d:d5:b7:32:c1:bc:69:52:0b:60:
         6a:3a:97:c0:dd:8b:d3:81:5d:de:f2:a1:19:99:36:33:88:e8:
         a8:f9:83:7d:72:93:20:19:e2:08:02:ef:b7:07:25:ad:8c:02:
         0e:ca:3e:5b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUd93RPD9HZoo8mUJqo2qyt97urW0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA4MDAwMDAwWhcNMjUwMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjOWFlMmFjY2FlOWZjOTRmY2ZiMWI3ZGI2YTI3ODViNTRk
MzJiYjQyZjRhM2Y5MWVkYjU5OTc3MDdhMTUxNzlkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWOBQqBfQzOLgbdRFsgFS+QIlptQpDn+vJ17ng4VQ2xar3
U57DmC+xKf7V69oi1bZNqQLwPB4sUikKOdd5HuK1NcwfVO5XLda3I0QI/Ma82R6N
co76YFBCTAUxq/2QSBCKanCHawW2Bl3m4zMjlSjzPDTEhYv0NacRq5UMkZUWGtqM
i4UQAeSHjUYZTu8gd16CG5U2fnLku/OoewwQHwjgVdk+Kl+BjzNCILcMpwyzUkVd
sIBR8RFH+JYq+FVNNulUK+6gicXrQsJXVM06k2KKlZOKHAVuY6inR4zUhlXbvEYx
1egv85Ptv5zg9fSqjUaaqtm4Gf55T1JTbaqq8x5BAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUxtAcgOVFnRlM3x9/6iidD9ClVx0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VmYzI2M2M0LWVlZGQtNDYyOC04NjBkLTViMGEyYWViMmQyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8eQDANBgkqhkiG9w0BAQsFAAOCAQEAOEF5/WZbvw2UlMogCeCO6gJ0
UoWyQC20KyVNCGYFUo4HMv21cms5aqHrjuT8e7PScojIKDZa1MqHJDmBRktUIPMt
hP0CjpgU4FYePd/kyFxpi/7WW0OZJ/dv2T4FhmbikNYZHiJOLlkh+3ERGFL4Z9Tm
quUoM219T0W7JJ4PdT9TxWIlLKiJT/soRddQvMN7y0aXEXTUh3y1tAxSBnvGbWkz
ELgh8YFA0b0mMBNjlGQO+TWsSijTKFHUBmnTltWI0DZsMRsr/QEf+FkbWVQN1bcy
wbxpUgtgajqXwN2L04Fd3vKhGZk2M4joqPmDfXKTIBniCALvtwclrYwCDso+Ww==
-----END CERTIFICATE-----