Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56527727-111d-4d4a-9da3-1e8d68e15a4c.roa
File:                     56527727-111d-4d4a-9da3-1e8d68e15a4c.roa (raw, json)
Hash identifier:          sIFWukR2A5EFM/dsYiJhj4QTuEgeZb0E78qq6lXXCPY=
Subject key identifier:   39:DB:44:ED:68:04:DD:D6:62:58:88:5F:F4:94:50:47:B1:2F:FC:EF
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       6351B448CF34D6034CB5A7730AB6911716283A04
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56527727-111d-4d4a-9da3-1e8d68e15a4c.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:80::/44 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:51:b4:48:cf:34:d6:03:4c:b5:a7:73:0a:b6:91:17:16:28:3a:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=b309b42825038e3aa0271c9a468fa6984d1886ab2f08c7710c00197ae4df2e2e, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:b7:3a:0e:b5:de:7e:e2:41:95:4f:94:d6:22:
                    6b:33:95:21:1d:11:68:c5:dd:4a:3d:4a:b5:55:94:
                    8e:0a:83:a5:b6:5e:b0:b4:73:65:04:08:4a:4f:73:
                    7c:ea:31:51:9b:fc:56:f6:4a:e5:9c:ff:d6:0b:00:
                    cd:74:3b:ad:a2:db:2b:f3:42:14:1b:e9:60:21:dc:
                    99:77:4e:14:48:99:40:87:0e:ba:6f:b8:30:da:64:
                    90:19:2c:0a:30:b8:6e:ba:15:c9:1b:c5:e8:5e:d4:
                    76:6d:f5:b8:36:cb:69:a3:9d:41:a0:45:10:88:74:
                    4f:ba:26:95:1d:19:57:76:ba:bf:76:62:5d:b0:33:
                    3d:84:24:48:40:1d:8c:7f:f5:58:37:f0:e8:75:e5:
                    b4:4f:b3:d7:30:af:d2:77:24:9b:ea:99:6d:f5:f2:
                    60:70:98:be:df:e7:7a:d3:f4:ee:07:12:da:05:97:
                    d6:a8:a6:78:f5:ab:24:87:a6:b5:b2:51:ec:3a:30:
                    52:02:90:b5:82:c6:ef:ca:27:ac:db:7d:d9:b4:ea:
                    ed:6f:3c:8f:80:e9:ef:63:fc:db:c3:48:74:2b:1b:
                    b6:5a:c7:44:08:9b:19:93:88:c4:fb:a8:5b:ee:69:
                    88:f7:53:af:7a:02:c9:b6:75:2f:66:1e:bd:8d:67:
                    e2:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:DB:44:ED:68:04:DD:D6:62:58:88:5F:F4:94:50:47:B1:2F:FC:EF
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56527727-111d-4d4a-9da3-1e8d68e15a4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:80::/44

    Signature Algorithm: sha256WithRSAEncryption
         7c:21:90:65:b5:ab:fd:57:24:4c:44:13:5a:e0:27:31:06:05:
         83:bb:ee:5a:4c:8c:7f:fc:e4:9b:ff:e5:e2:e7:77:01:3e:58:
         99:c1:90:72:cb:fb:8b:94:11:8a:dd:ee:e8:d1:15:3e:50:6a:
         fb:dc:8f:26:a2:84:4f:1f:33:7b:7b:c7:ac:dd:24:12:62:c0:
         1e:0c:84:80:5e:2a:32:f7:ef:77:79:23:cf:6f:93:1f:af:ca:
         a9:0c:a0:67:97:e4:28:d6:04:44:68:1a:70:44:36:e6:64:eb:
         fa:ee:0b:f2:2e:e0:f9:33:d3:79:17:f0:92:38:7c:f2:ad:e5:
         a1:ee:e6:26:30:cd:f6:03:7f:7f:a9:63:c8:66:eb:cc:cf:9c:
         e8:02:7c:ae:08:a8:9d:22:d0:77:0e:d0:c0:4c:54:28:cc:0b:
         5b:a0:fc:e6:f7:8d:ca:6c:c0:7e:4a:3f:95:56:f9:03:48:e9:
         a0:c3:25:e3:d5:fc:57:4c:bd:74:62:ac:8d:b3:80:58:f3:f0:
         f3:53:51:84:28:39:69:49:3c:e7:20:8a:2f:34:fe:d0:29:59:
         2f:d2:27:68:d5:ce:61:e1:d8:88:ab:26:c2:57:04:87:6a:74:
         f2:1c:44:8d:d9:d5:be:33:87:df:0b:cf:b6:4d:bb:14:6e:83:
         b6:db:59:f1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUY1G0SM801gNMtadzCraRFxYoOgQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMzA5YjQyODI1MDM4ZTNhYTAyNzFjOWE0NjhmYTY5ODRk
MTg4NmFiMmYwOGM3NzEwYzAwMTk3YWU0ZGYyZTJlMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDztzoOtd5+4kGVT5TWImszlSEdEWjF3Uo9SrVVlI4Kg6W2
XrC0c2UECEpPc3zqMVGb/Fb2SuWc/9YLAM10O62i2yvzQhQb6WAh3Jl3ThRImUCH
DrpvuDDaZJAZLAowuG66Fckbxehe1HZt9bg2y2mjnUGgRRCIdE+6JpUdGVd2ur92
Yl2wMz2EJEhAHYx/9Vg38Oh15bRPs9cwr9J3JJvqmW318mBwmL7f53rT9O4HEtoF
l9aopnj1qySHprWyUew6MFICkLWCxu/KJ6zbfdm06u1vPI+A6e9j/NvDSHQrG7Za
x0QImxmTiMT7qFvuaYj3U696Asm2dS9mHr2NZ+IHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOdtE7WgE3dZiWIhf9JRQR7Ev/O8wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzU2NTI3NzI3LTExMWQtNGQ0YS05ZGEzLTFlOGQ2OGUxNWE0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwAIAwDQYJKoZIhvcNAQELBQADggEBAHwhkGW1q/1XJExEE1rgJzEG
BYO77lpMjH/85Jv/5eLndwE+WJnBkHLL+4uUEYrd7ujRFT5QavvcjyaihE8fM3t7
x6zdJBJiwB4MhIBeKjL373d5I89vkx+vyqkMoGeX5CjWBERoGnBENuZk6/ruC/Iu
4Pkz03kX8JI4fPKt5aHu5iYwzfYDf3+pY8hm68zPnOgCfK4IqJ0i0HcO0MBMVCjM
C1ug/Ob3jcpswH5KP5VW+QNI6aDDJePV/FdMvXRirI2zgFjz8PNTUYQoOWlJPOcg
ii80/tApWS/SJ2jVzmHh2IirJsJXBIdqdPIcRI3Z1b4zh98Lz7ZNuxRug7bbWfE=
-----END CERTIFICATE-----