Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/bc3c50fc-4993-4c0f-8718-f66fc8fccce0.roa
File:                     bc3c50fc-4993-4c0f-8718-f66fc8fccce0.roa (raw, json)
Hash identifier:          Q1LdiJINTgB92YS3yPw/kp3gGhATisz5Fv8ukeMoZlw=
Subject key identifier:   D5:D3:D6:84:9A:FD:48:70:6D:7B:16:A6:0A:54:3E:6F:B1:BD:94:32
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       062708C31757CD594C626F2A1D6B6CA8A346CFC8
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/bc3c50fc-4993-4c0f-8718-f66fc8fccce0.roa
Signing time:             Fri 24 Jan 2025 00:00:00 +0000
ROA not before:           Fri 24 Jan 2025 00:00:00 +0000
ROA not after:            Fri 28 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:c11::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:27:08:c3:17:57:cd:59:4c:62:6f:2a:1d:6b:6c:a8:a3:46:cf:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jan 24 00:00:00 2025 GMT
            Not After : Feb 28 23:59:59 2025 GMT
        Subject: serialNumber=3ac67183641e3638646c3d5c7c094342c0c19f059214bc12c1940ebf02b396e6, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c9:f5:1e:65:41:a7:25:16:db:5d:0f:05:cf:
                    f1:33:a5:3d:28:69:9a:ba:43:6f:80:a5:93:82:ec:
                    50:df:fa:4e:18:03:47:6e:08:80:d4:bc:78:cb:a4:
                    7a:00:62:6c:a7:72:8f:a5:bc:da:0d:70:61:49:09:
                    f9:ae:8a:13:5c:4f:c6:c2:cb:9e:07:9e:2c:0a:91:
                    c0:79:e0:0c:08:7a:97:0e:04:92:54:27:29:92:58:
                    58:5a:a8:42:64:ae:7d:be:da:30:01:5a:11:1a:1a:
                    92:80:33:d4:a5:d9:7b:ba:42:e8:3b:f2:ec:c6:2a:
                    1f:8c:7d:e3:ba:14:29:b8:e2:3e:2b:71:f0:35:4a:
                    29:f0:00:44:72:aa:c7:e0:e9:60:a0:3b:1d:b8:f5:
                    1f:15:db:c0:7e:e9:99:2c:34:db:07:04:ba:d4:ab:
                    26:d0:88:ee:55:ff:d6:31:7d:7f:c9:97:08:70:7a:
                    03:82:49:c7:5e:dd:fd:07:18:8d:b8:83:7d:bd:78:
                    38:a0:41:a2:e2:a1:8b:67:74:3a:e2:e8:63:5d:d6:
                    15:42:54:d7:8b:74:a2:4e:cc:bb:12:c3:41:09:3c:
                    48:4b:0e:1a:e5:e1:29:88:29:5e:53:6e:69:72:39:
                    7f:34:c1:48:a8:5c:87:de:0b:30:d0:bb:c1:e5:3f:
                    1c:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:D3:D6:84:9A:FD:48:70:6D:7B:16:A6:0A:54:3E:6F:B1:BD:94:32
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/bc3c50fc-4993-4c0f-8718-f66fc8fccce0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c11::/48

    Signature Algorithm: sha256WithRSAEncryption
         0a:d2:5d:06:69:5b:44:a9:9d:4f:3b:25:c0:de:89:6d:bb:ce:
         51:56:af:63:d1:6d:a8:23:01:d9:c1:2e:cd:5a:db:25:1f:20:
         21:9b:0c:98:61:28:8f:a3:d7:43:39:05:4d:f0:d9:35:a1:86:
         dc:d8:42:74:9f:98:e2:3d:43:2f:25:94:de:6c:f9:fa:32:20:
         88:51:6a:5e:82:66:62:02:e3:8c:aa:f3:c1:02:f6:c4:81:bd:
         b0:fc:16:1c:dd:ae:75:2b:d3:c2:17:64:4d:a6:7b:3b:b6:47:
         ac:cd:a3:2b:22:b6:91:1e:9a:58:78:c2:ee:fb:51:fc:bb:60:
         3a:6e:74:ac:ca:f5:30:c5:b7:3c:5b:5a:50:24:c8:f5:cf:f2:
         64:af:f1:58:30:f5:13:dd:a7:9a:64:b2:58:9a:1d:95:f0:4b:
         46:af:4c:65:de:89:36:cc:f1:85:ee:17:2f:35:68:c6:a3:2d:
         65:8d:dc:8b:0b:02:40:65:b6:34:f6:f9:33:58:5a:2a:00:0a:
         7a:fe:f8:e4:a5:b2:80:ed:78:61:07:40:e3:08:20:46:ca:dd:
         51:ef:a1:01:88:98:a3:f2:e4:9b:da:a2:1b:56:56:a8:af:f3:
         ae:3b:be:8a:c4:f7:12:4d:74:a8:cb:07:2f:aa:6d:39:21:59:
         00:ef:0c:b2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBicIwxdXzVlMYm8qHWtsqKNGz8gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYWM2NzE4MzY0MWUzNjM4NjQ2YzNkNWM3YzA5NDM0MmMw
YzE5ZjA1OTIxNGJjMTJjMTk0MGViZjAyYjM5NmU2MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgyfUeZUGnJRbbXQ8Fz/EzpT0oaZq6Q2+ApZOC7FDf+k4Y
A0duCIDUvHjLpHoAYmynco+lvNoNcGFJCfmuihNcT8bCy54HniwKkcB54AwIepcO
BJJUJymSWFhaqEJkrn2+2jABWhEaGpKAM9Sl2Xu6Qug78uzGKh+MfeO6FCm44j4r
cfA1SinwAERyqsfg6WCgOx249R8V28B+6ZksNNsHBLrUqybQiO5V/9YxfX/Jlwhw
egOCScde3f0HGI24g329eDigQaLioYtndDri6GNd1hVCVNeLdKJOzLsSw0EJPEhL
Dhrl4SmIKV5TbmlyOX80wUioXIfeCzDQu8HlPxyzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU1dPWhJr9SHBtexamClQ+b7G9lDIwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2JjM2M1MGZjLTQ5OTMtNGMwZi04NzE4LWY2NmZjOGZjY2NlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADBEwDQYJKoZIhvcNAQELBQADggEBAArSXQZpW0SpnU87JcDeiW27
zlFWr2PRbagjAdnBLs1a2yUfICGbDJhhKI+j10M5BU3w2TWhhtzYQnSfmOI9Qy8l
lN5s+foyIIhRal6CZmIC44yq88EC9sSBvbD8FhzdrnUr08IXZE2mezu2R6zNoysi
tpEemlh4wu77Ufy7YDpudKzK9TDFtzxbWlAkyPXP8mSv8Vgw9RPdp5pksliaHZXw
S0avTGXeiTbM8YXuFy81aMajLWWN3IsLAkBltjT2+TNYWioACnr++OSlsoDteGEH
QOMIIEbK3VHvoQGImKPy5JvaohtWVqiv8647vorE9xJNdKjLBy+qbTkhWQDvDLI=
-----END CERTIFICATE-----