Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1550332d-5bb8-49e9-8b4d-5938de6455c1.roa
File:                     1550332d-5bb8-49e9-8b4d-5938de6455c1.roa (raw, json)
Hash identifier:          sqqw21/JMTkDvObFwzeuomxF5qyTRIviw00blAnzCtw=
Subject key identifier:   C8:E0:0B:1E:41:87:C2:53:B1:FA:9F:B7:AA:06:C8:C9:C1:D6:D3:1E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       458A65E638E8A1E73D61D8EE00788B0E483324CB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1550332d-5bb8-49e9-8b4d-5938de6455c1.roa
Signing time:             Tue 04 Mar 2025 16:51:42 +0000
ROA not before:           Tue 04 Mar 2025 16:51:42 +0000
ROA not after:            Tue 08 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f28:8000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:8a:65:e6:38:e8:a1:e7:3d:61:d8:ee:00:78:8b:0e:48:33:24:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar  4 16:51:42 2025 GMT
            Not After : Apr  8 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:4f:a8:aa:15:df:ca:09:e4:a0:e1:32:a9:a0:
                    dd:a1:e2:ae:70:c6:43:30:30:10:55:d7:99:41:81:
                    9a:ff:3d:9b:54:63:6e:3a:86:b0:4e:7a:6d:08:71:
                    c5:30:cb:c8:3f:93:93:46:a7:38:ef:cf:a3:96:4b:
                    7f:30:bb:9a:8a:e8:e3:ef:5b:d1:3f:32:9a:b8:0d:
                    6a:fc:18:97:7a:1f:d9:fa:50:50:49:c7:8c:bd:72:
                    e2:57:b0:54:7a:05:6e:72:7c:9a:93:7f:2d:cf:d0:
                    2b:ab:29:fa:42:3c:8e:be:ba:63:d0:23:8e:34:f2:
                    b3:b0:11:c4:40:76:47:cc:ed:6d:cd:29:b4:5c:c9:
                    3a:38:f3:81:82:77:24:6f:09:8d:af:ca:75:13:b6:
                    dc:60:de:26:20:5e:79:c9:8c:62:df:c1:0b:1e:25:
                    90:74:9e:46:b8:d8:28:50:34:84:5d:ff:b2:86:a5:
                    7d:c0:96:1b:14:2f:3d:60:78:f9:b2:c3:ea:93:eb:
                    3b:b4:5f:73:86:b2:d4:aa:36:49:55:59:b5:e5:d4:
                    73:45:5a:25:4e:c0:f0:55:93:c5:8f:d9:fb:91:7c:
                    a0:f5:5f:d5:6c:39:e8:77:6e:4f:19:83:1c:06:d0:
                    a1:2e:02:49:a4:45:a9:6c:fd:cd:53:1b:c2:5c:8f:
                    71:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:E0:0B:1E:41:87:C2:53:B1:FA:9F:B7:AA:06:C8:C9:C1:D6:D3:1E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1550332d-5bb8-49e9-8b4d-5938de6455c1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f28:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         9e:db:8c:35:7a:6c:71:9c:de:aa:e4:18:9d:28:f2:e7:09:5c:
         bd:df:33:4b:ba:ca:59:74:aa:ae:15:5f:cd:b8:cc:ad:22:89:
         05:7f:10:20:ef:ea:bf:5a:49:8c:05:d4:41:91:ce:ea:c0:6d:
         94:09:e9:ae:25:10:42:f0:cb:43:01:b9:9e:6c:45:f1:8e:00:
         54:df:2a:50:09:5b:1c:f3:25:ed:b5:dd:7b:31:29:1e:6a:73:
         66:a5:48:42:d3:be:2a:e5:59:1d:7a:c5:87:26:87:66:75:4f:
         90:59:14:cf:6e:f8:2e:62:9e:1e:82:61:bb:68:a7:b9:c0:4f:
         bc:cf:9d:65:4f:12:38:b8:38:58:f4:3f:cb:d7:5e:88:bb:e0:
         14:89:5a:0b:d0:3d:d2:4f:35:aa:c2:56:50:29:e8:c8:aa:30:
         6a:84:10:6b:4f:37:75:c4:98:ef:00:3f:ce:72:6c:35:d6:2e:
         bd:da:a4:88:24:f0:47:0b:18:55:18:c0:c7:09:f6:b7:ec:8a:
         e4:1c:96:42:6c:69:09:92:0b:3c:05:cb:49:4c:77:9f:22:f4:
         f7:33:25:6b:66:c5:32:be:50:bd:6c:e4:72:60:8e:78:85:62:
         03:f9:c0:96:e2:b2:65:35:78:34:98:ed:87:da:a4:a3:c9:3d:
         21:4a:4d:2b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIURYpl5jjooec9YdjuAHiLDkgzJMswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzA0MTY1MTQyWhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDlhNjlhZjRkOTQ0ODgyMGUyZDdmODZmZGNhNzRhZjEx
MmRmM2RlZTc2NjgwOWQzMDAzOTZmZmQ5YmU4Zjk2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJT6iqFd/KCeSg4TKpoN2h4q5wxkMwMBBV15lBgZr/PZtU
Y246hrBOem0IccUwy8g/k5NGpzjvz6OWS38wu5qK6OPvW9E/Mpq4DWr8GJd6H9n6
UFBJx4y9cuJXsFR6BW5yfJqTfy3P0CurKfpCPI6+umPQI4408rOwEcRAdkfM7W3N
KbRcyTo484GCdyRvCY2vynUTttxg3iYgXnnJjGLfwQseJZB0nka42ChQNIRd/7KG
pX3AlhsULz1gePmyw+qT6zu0X3OGstSqNklVWbXl1HNFWiVOwPBVk8WP2fuRfKD1
X9VsOeh3bk8ZgxwG0KEuAkmkRals/c1TG8Jcj3H1AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUyOALHkGHwlOx+p+3qgbIycHW0x4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE1NTAzMzJkLTViYjgtNDllOS04YjRkLTU5MzhkZTY0NTVjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8ogDANBgkqhkiG9w0BAQsFAAOCAQEAntuMNXpscZzequQYnSjy5wlc
vd8zS7rKWXSqrhVfzbjMrSKJBX8QIO/qv1pJjAXUQZHO6sBtlAnpriUQQvDLQwG5
nmxF8Y4AVN8qUAlbHPMl7bXdezEpHmpzZqVIQtO+KuVZHXrFhyaHZnVPkFkUz274
LmKeHoJhu2inucBPvM+dZU8SOLg4WPQ/y9deiLvgFIlaC9A90k81qsJWUCnoyKow
aoQQa083dcSY7wA/znJsNdYuvdqkiCTwRwsYVRjAxwn2t+yK5ByWQmxpCZILPAXL
SUx3nyL09zMla2bFMr5QvWzkcmCOeIViA/nAluKyZTV4NJjth9qko8k9IUpNKw==
-----END CERTIFICATE-----