Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/334d7931-2517-4a77-808a-686c04c88234.roa
File:                     334d7931-2517-4a77-808a-686c04c88234.roa (raw, json)
Hash identifier:          6jiQ98HUUXaYgiyWWaFijgYkhNVaSUt9XEC3xEolP+M=
Subject key identifier:   3B:29:01:AB:82:45:14:3F:CE:B6:B8:90:E3:4A:FA:94:E9:E9:07:99
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       47813977BFE356B4946C64F8D783F15C17767553
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/334d7931-2517-4a77-808a-686c04c88234.roa
Signing time:             Fri 21 Mar 2025 00:11:46 +0000
ROA not before:           Fri 21 Mar 2025 00:11:46 +0000
ROA not after:            Fri 25 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff5:c000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:81:39:77:bf:e3:56:b4:94:6c:64:f8:d7:83:f1:5c:17:76:75:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 21 00:11:46 2025 GMT
            Not After : Apr 25 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:76:3b:dc:49:64:17:8d:3c:44:51:dc:bd:ef:
                    56:8b:3f:e0:d2:a3:18:57:84:89:ab:57:f7:a5:24:
                    c8:b7:f7:4f:10:c1:1a:0e:2f:b3:63:76:bd:34:b9:
                    61:e4:01:b2:ff:19:ef:5b:ee:c8:3b:94:0d:db:a5:
                    b4:87:39:bc:cd:e4:dc:62:31:a2:1a:2e:d2:b5:70:
                    f5:aa:99:ee:47:88:90:60:b8:0f:b6:5c:28:dc:6f:
                    a8:f1:fe:5b:b4:af:24:fd:0b:c7:97:9e:b1:3d:52:
                    db:e7:ea:a7:b6:42:ce:4f:36:9b:20:ba:14:21:4a:
                    8c:56:27:30:41:eb:06:d1:45:81:4a:2c:f6:64:a6:
                    f9:ed:30:17:87:2c:0a:48:d3:a1:08:ff:2b:71:08:
                    5b:4f:d4:aa:6f:9a:ea:c0:5a:16:88:58:1f:1c:bf:
                    70:c2:79:2c:b7:67:c3:47:0b:3b:9d:eb:f2:50:de:
                    da:c0:a3:50:ce:3a:52:a8:ab:ab:b2:69:60:0c:7c:
                    b2:63:54:d5:cf:fc:9b:34:a0:3c:e7:ad:12:8e:57:
                    02:2d:2b:53:84:40:bf:be:2e:4b:ae:43:33:04:b6:
                    74:f6:e9:e2:f4:fa:82:bc:2e:c5:1c:e0:33:d1:e1:
                    f6:a5:c5:c5:92:ec:6c:08:b7:85:b5:1a:26:e9:4f:
                    a0:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:29:01:AB:82:45:14:3F:CE:B6:B8:90:E3:4A:FA:94:E9:E9:07:99
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/334d7931-2517-4a77-808a-686c04c88234.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff5:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         2b:91:4c:46:de:53:2b:8c:1e:c7:b8:31:55:0f:41:cd:3d:be:
         49:1c:a6:b2:78:54:b3:1c:e9:90:8b:d8:73:41:fe:60:b1:46:
         e6:57:a3:ec:45:59:1f:ec:57:ee:e5:e9:0c:1e:37:8d:9a:0b:
         3e:ca:a6:6c:21:1e:f8:1c:b4:42:5b:72:4f:a9:e2:e0:5e:94:
         8d:0f:6f:da:96:7d:aa:69:ea:4e:61:c5:a5:b1:56:42:4e:35:
         11:1b:1c:ae:99:89:0e:0a:b1:e9:04:fc:7b:35:2a:26:8a:5b:
         e1:16:57:43:6e:41:6c:f2:8c:12:35:4c:4e:3c:b8:d8:d1:e0:
         75:e7:19:75:ae:c7:c7:e3:ea:48:07:46:9e:22:79:97:90:d5:
         59:c2:33:ec:2b:0d:94:bb:05:19:6a:36:b1:b9:0f:e2:8b:f2:
         00:8f:ce:93:49:d2:ce:48:f9:8e:d9:34:f5:fe:38:db:cc:f6:
         79:66:9d:b1:08:b0:25:0e:5b:23:65:23:45:2c:73:1d:8d:d2:
         1b:91:29:8d:c2:84:38:12:aa:9d:53:aa:37:c8:b5:77:d5:93:
         d9:e7:d2:c4:8e:c0:82:ec:6d:38:c2:ae:6d:0d:34:ac:f9:71:
         4e:b0:b7:f1:87:14:99:45:2b:86:d6:9d:47:6a:ea:2a:7a:8c:
         34:3c:8c:e8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUR4E5d7/jVrSUbGT414PxXBd2dVMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzIxMDAxMTQ2WhcNMjUwNDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiY2FiNDgxZjU3Y2YxMzhjY2E2MGIxZmI4OWQ3YjkyOTQ1
YTVjMWZmZjViN2JmMmZhYzQ5ODRhMTRmMmMyODMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsdjvcSWQXjTxEUdy971aLP+DSoxhXhImrV/elJMi3908Q
wRoOL7Njdr00uWHkAbL/Ge9b7sg7lA3bpbSHObzN5NxiMaIaLtK1cPWqme5HiJBg
uA+2XCjcb6jx/lu0ryT9C8eXnrE9Utvn6qe2Qs5PNpsguhQhSoxWJzBB6wbRRYFK
LPZkpvntMBeHLApI06EI/ytxCFtP1KpvmurAWhaIWB8cv3DCeSy3Z8NHCzud6/JQ
3trAo1DOOlKoq6uyaWAMfLJjVNXP/Js0oDznrRKOVwItK1OEQL++LkuuQzMEtnT2
6eL0+oK8LsUc4DPR4falxcWS7GwIt4W1GibpT6CZAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUOykBq4JFFD/OtriQ40r6lOnpB5kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMzNGQ3OTMxLTI1MTctNGE3Ny04MDhhLTY4NmMwNGM4ODIzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/1wDANBgkqhkiG9w0BAQsFAAOCAQEAK5FMRt5TK4wex7gxVQ9BzT2+
SRymsnhUsxzpkIvYc0H+YLFG5lej7EVZH+xX7uXpDB43jZoLPsqmbCEe+By0Qlty
T6ni4F6UjQ9v2pZ9qmnqTmHFpbFWQk41ERscrpmJDgqx6QT8ezUqJopb4RZXQ25B
bPKMEjVMTjy42NHgdecZda7Hx+PqSAdGniJ5l5DVWcIz7CsNlLsFGWo2sbkP4ovy
AI/Ok0nSzkj5jtk09f4428z2eWadsQiwJQ5bI2UjRSxzHY3SG5EpjcKEOBKqnVOq
N8i1d9WT2efSxI7AguxtOMKubQ00rPlxTrC38YcUmUUrhtadR2rqKnqMNDyM6A==
-----END CERTIFICATE-----