Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa
File:                     dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa (raw, json)
Hash identifier:          iRnbfBkBNac+KbWzovT61+Za48QaPZIkPWNGiCI1L7o=
Subject key identifier:   95:2F:DE:BD:B0:F1:D8:28:62:B1:53:61:3A:17:3F:7E:1F:9D:E4:FC
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7B59B39DD0195201E424BAEA639EB97BB6443395
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:544::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:59:b3:9d:d0:19:52:01:e4:24:ba:ea:63:9e:b9:7b:b6:44:33:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: serialNumber=cf11176615c0429aa631dd2a220a60211e14f2de7e1b33115d25b812835d07c7, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:4e:6e:14:e5:87:70:b8:95:6b:92:a2:fd:af:
                    0e:be:12:63:de:72:1b:a8:73:7c:bb:2f:d2:cc:61:
                    74:3c:ec:e5:50:e4:b5:79:54:89:7a:93:b9:ac:f0:
                    57:43:03:45:f0:2f:42:b7:e7:72:34:f7:8e:3b:b1:
                    08:b1:3e:c1:f8:71:7e:49:31:ea:cd:45:59:8e:fd:
                    0f:c8:b8:fe:d8:85:1a:39:46:ba:1e:08:a4:bd:0d:
                    94:c4:57:8c:2b:d2:bf:c6:1f:13:f2:4a:9e:ed:42:
                    3d:47:53:dc:e6:12:f3:9e:80:d1:de:05:c7:a4:b8:
                    29:c0:f6:98:fa:e0:63:d2:08:8d:db:b6:af:5f:a5:
                    91:84:9e:0a:2b:9d:4c:63:59:da:ea:f6:0a:0b:cd:
                    cc:b6:da:74:76:2b:d9:13:27:b0:d8:70:65:82:cc:
                    e2:e2:f7:49:60:28:ed:36:17:65:d4:6a:14:58:34:
                    c5:bb:72:30:e8:ce:1f:d9:38:c0:10:99:33:9c:37:
                    2d:aa:07:4a:3c:39:e6:d7:0f:ee:f9:ae:1c:fa:48:
                    f7:f8:63:cc:c0:25:ad:28:fe:e3:e3:df:06:96:c9:
                    f3:ea:f9:ef:34:c4:14:b5:6a:ae:e5:e5:d3:e0:01:
                    31:ac:34:e8:f1:05:55:09:af:e4:f4:ec:7a:b4:68:
                    a1:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:2F:DE:BD:B0:F1:D8:28:62:B1:53:61:3A:17:3F:7E:1F:9D:E4:FC
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:544::/48

    Signature Algorithm: sha256WithRSAEncryption
         11:18:ad:c7:81:7e:81:db:6d:a8:0e:7b:f1:5c:f4:f3:39:99:
         eb:a8:c2:2c:4f:30:da:1b:bb:46:95:42:36:10:c5:1f:88:a5:
         fe:5b:bf:8b:c6:74:b1:6b:0c:28:90:ca:85:93:73:39:ba:e2:
         6f:95:36:ad:fc:78:f9:b9:03:9a:27:ac:b9:f9:8b:60:60:5b:
         c5:a1:35:12:5a:e6:78:e3:11:01:e5:9c:e1:df:36:7b:e7:62:
         72:67:6b:9c:42:71:e4:4a:a0:49:6e:3e:5a:7a:c0:9e:d9:22:
         0e:a5:f4:18:14:e2:44:fb:ae:75:53:d4:e9:a9:64:5b:51:d5:
         a1:88:34:62:49:c5:f5:5f:b0:2d:23:ea:48:8d:29:06:79:bd:
         33:3c:f1:26:12:44:3c:19:b6:12:85:de:a5:58:31:ad:ec:fa:
         68:bf:0e:7e:99:7a:53:91:da:52:09:20:99:57:75:23:37:bd:
         6a:f6:16:39:1d:24:78:31:40:01:82:df:5b:ee:8f:9c:0f:41:
         58:a7:05:4b:30:2d:aa:e4:89:6d:43:85:85:63:30:4c:3f:4a:
         70:eb:53:ee:7f:8b:6b:6f:d7:af:f9:e1:be:f3:00:16:1f:34:
         ea:f8:d0:df:ad:df:10:76:9c:ba:e1:a5:08:ae:c9:d4:1f:df:
         53:9f:f8:81
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUe1mzndAZUgHkJLrqY565e7ZEM5UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZjExMTc2NjE1YzA0MjlhYTYzMWRkMmEyMjBhNjAyMTFl
MTRmMmRlN2UxYjMzMTE1ZDI1YjgxMjgzNWQwN2M3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSTm4U5YdwuJVrkqL9rw6+EmPechuoc3y7L9LMYXQ87OVQ
5LV5VIl6k7ms8FdDA0XwL0K353I09447sQixPsH4cX5JMerNRVmO/Q/IuP7YhRo5
RroeCKS9DZTEV4wr0r/GHxPySp7tQj1HU9zmEvOegNHeBcekuCnA9pj64GPSCI3b
tq9fpZGEngornUxjWdrq9goLzcy22nR2K9kTJ7DYcGWCzOLi90lgKO02F2XUahRY
NMW7cjDozh/ZOMAQmTOcNy2qB0o8OebXD+75rhz6SPf4Y8zAJa0o/uPj3waWyfPq
+e80xBS1aq7l5dPgATGsNOjxBVUJr+T07Hq0aKGbAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUlS/evbDx2ChisVNhOhc/fh+d5PwwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2RkNmY4OTIzLWJhMGItNDA3ZC1hOWU4LThjODMyNTgzYTBkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABUQwDQYJKoZIhvcNAQELBQADggEBABEYrceBfoHbbagOe/Fc9PM5
meuowixPMNobu0aVQjYQxR+Ipf5bv4vGdLFrDCiQyoWTczm64m+VNq38ePm5A5on
rLn5i2BgW8WhNRJa5njjEQHlnOHfNnvnYnJna5xCceRKoEluPlp6wJ7ZIg6l9BgU
4kT7rnVT1OmpZFtR1aGINGJJxfVfsC0j6kiNKQZ5vTM88SYSRDwZthKF3qVYMa3s
+mi/Dn6ZelOR2lIJIJlXdSM3vWr2FjkdJHgxQAGC31vuj5wPQVinBUswLarkiW1D
hYVjMEw/SnDrU+5/i2tv16/54b7zABYfNOr40N+t3xB2nLrhpQiuydQf31Of+IE=
-----END CERTIFICATE-----