Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0bfd803-ff17-4146-a35b-8824d41bfca6.roa
File:                     f0bfd803-ff17-4146-a35b-8824d41bfca6.roa (raw, json)
Hash identifier:          PndpLBWRuMNLeY6su/kdkp7ZWETwKhhIWxduHPLopoU=
Subject key identifier:   E1:5E:CA:70:B0:0D:E8:1E:F0:AF:13:15:3E:FA:6B:58:7F:BB:02:DD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       50D9242427DFC80D0490DCFD91713F0190358297
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0bfd803-ff17-4146-a35b-8824d41bfca6.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f69:6040::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:d9:24:24:27:df:c8:0d:04:90:dc:fd:91:71:3f:01:90:35:82:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=88d1dddf72306c9f0e85b4dbc9c48d3fa6049e77bb49c4c5656275a95b7e85eb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:18:15:30:a1:bd:67:23:19:89:41:5e:d8:fb:
                    c1:13:63:66:83:71:09:0e:4a:35:e4:62:d4:6e:67:
                    25:9c:f8:9e:3f:de:d6:4e:0a:5f:c4:ea:f6:2d:7f:
                    96:b1:08:6b:1e:23:05:7e:ea:1d:1c:dd:77:7e:5d:
                    2c:79:b7:72:e9:2d:e6:e2:a9:bd:3b:6d:d2:2d:2a:
                    61:db:b0:dd:89:49:f1:c1:9c:04:aa:a9:41:a4:0e:
                    0f:c0:92:8c:00:05:be:fd:9d:4a:e6:1a:76:ce:25:
                    3a:b2:8c:75:bc:02:cd:53:67:18:fd:3e:25:1f:ee:
                    fe:13:7b:1e:3c:db:f5:a3:3f:e2:84:a6:52:d9:9f:
                    36:bd:ef:26:6f:f4:0f:61:51:e6:05:42:32:f7:80:
                    78:22:48:69:ed:40:75:c3:ac:d2:d8:51:53:de:27:
                    34:e7:17:7a:4a:df:75:84:f1:5a:b6:ec:8c:a5:a6:
                    db:14:c9:7c:9c:c8:07:4d:43:ff:87:e4:51:8c:43:
                    5c:c9:f7:30:a8:d7:fa:83:a8:76:52:c7:d3:59:84:
                    b2:5e:a8:1f:6b:21:78:45:b1:83:7b:a2:2b:fb:67:
                    e6:aa:ac:5b:74:7e:54:72:47:0d:0f:5d:cd:57:4d:
                    be:82:1e:2c:eb:11:86:6e:23:ca:b8:5a:68:1c:9e:
                    21:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:5E:CA:70:B0:0D:E8:1E:F0:AF:13:15:3E:FA:6B:58:7F:BB:02:DD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0bfd803-ff17-4146-a35b-8824d41bfca6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f69:6040::/46

    Signature Algorithm: sha256WithRSAEncryption
         04:38:4a:ab:7b:f0:c8:f2:70:9d:64:6b:cb:a5:70:b3:6f:fc:
         35:03:88:cf:ec:9a:34:ee:89:45:35:91:60:eb:d9:ed:fa:42:
         aa:73:2b:3a:fd:18:93:d1:5d:8e:f3:91:4e:4f:0d:69:28:0a:
         61:c4:ec:3e:09:68:80:50:f9:49:8f:6b:6c:b0:78:59:84:e4:
         68:53:f4:41:65:88:53:45:34:5c:65:56:66:e9:00:1d:18:b0:
         51:1e:34:f5:cb:da:c4:df:e9:80:3b:a1:3c:e6:e8:a7:ed:00:
         89:f1:c4:67:d4:01:e4:21:c6:b7:73:aa:e5:56:7c:e1:d0:87:
         48:05:79:9f:f3:e7:7a:1f:48:6d:a0:2a:fe:9d:ea:39:72:0f:
         df:17:44:d1:42:ed:1d:fc:df:3b:48:df:ee:9e:f9:dd:75:67:
         9c:a3:f2:10:59:84:6a:14:58:22:2c:ea:d6:57:30:07:7b:7d:
         ce:cf:2f:d6:cc:2e:c8:49:04:c9:75:86:ba:31:b5:e9:55:62:
         ac:3d:8e:42:12:b8:3c:4c:a2:03:26:f6:bc:a0:3d:8a:d6:88:
         0a:66:2b:fc:87:8d:02:02:e3:aa:56:42:01:01:54:a6:f4:9f:
         5a:ac:dd:ac:8f:06:92:4b:ba:2b:5a:f2:3f:bd:cf:34:af:aa:
         32:a5:2e:f1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUNkkJCffyA0EkNz9kXE/AZA1gpcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A4OGQxZGRkZjcyMzA2YzlmMGU4NWI0ZGJjOWM0OGQzZmE2
MDQ5ZTc3YmI0OWM0YzU2NTYyNzVhOTViN2U4NWViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKGBUwob1nIxmJQV7Y+8ETY2aDcQkOSjXkYtRuZyWc+J4/
3tZOCl/E6vYtf5axCGseIwV+6h0c3Xd+XSx5t3LpLebiqb07bdItKmHbsN2JSfHB
nASqqUGkDg/AkowABb79nUrmGnbOJTqyjHW8As1TZxj9PiUf7v4Tex482/WjP+KE
plLZnza97yZv9A9hUeYFQjL3gHgiSGntQHXDrNLYUVPeJzTnF3pK33WE8Vq27Iyl
ptsUyXycyAdNQ/+H5FGMQ1zJ9zCo1/qDqHZSx9NZhLJeqB9rIXhFsYN7oiv7Z+aq
rFt0flRyRw0PXc1XTb6CHizrEYZuI8q4WmgcniG5AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU4V7KcLAN6B7wrxMVPvprWH+7At0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YwYmZkODAzLWZmMTctNDE0Ni1hMzViLTg4MjRkNDFiZmNhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB9pYEAwDQYJKoZIhvcNAQELBQADggEBAAQ4Sqt78MjycJ1ka8ulcLNv
/DUDiM/smjTuiUU1kWDr2e36QqpzKzr9GJPRXY7zkU5PDWkoCmHE7D4JaIBQ+UmP
a2yweFmE5GhT9EFliFNFNFxlVmbpAB0YsFEeNPXL2sTf6YA7oTzm6KftAInxxGfU
AeQhxrdzquVWfOHQh0gFeZ/z53ofSG2gKv6d6jlyD98XRNFC7R383ztI3+6e+d11
Z5yj8hBZhGoUWCIs6tZXMAd7fc7PL9bMLshJBMl1hroxtelVYqw9jkISuDxMogMm
9rygPYrWiApmK/yHjQIC46pWQgEBVKb0n1qs3ayPBpJLuita8j+9zzSvqjKlLvE=
-----END CERTIFICATE-----