Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4adba974-018c-4b87-bad4-37870bafff6a.roa
File:                     4adba974-018c-4b87-bad4-37870bafff6a.roa (raw, json)
Hash identifier:          z34vIG0dSPcqUTGMzzeRGVrJNwRzZ5+h0+JEdLwUg0w=
Subject key identifier:   5D:19:C2:37:42:7D:80:BE:83:9B:43:C7:C0:DA:32:E3:42:5C:67:D7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7FEF33224220E7652A85F2A6FF2C94AC11C5E088
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4adba974-018c-4b87-bad4-37870bafff6a.roa
Signing time:             Fri 28 Mar 2025 00:50:17 +0000
ROA not before:           Fri 28 Mar 2025 00:50:17 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:e080::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:ef:33:22:42:20:e7:65:2a:85:f2:a6:ff:2c:94:ac:11:c5:e0:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 28 00:50:17 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:d9:70:70:5f:ec:7c:d9:d4:c2:43:14:3d:d2:
                    d4:f0:b6:7c:7f:46:58:df:6a:f3:73:f6:d2:3c:92:
                    d7:e3:5f:12:db:ea:18:b3:fe:a2:9e:b7:ee:bb:06:
                    bb:3a:c7:f0:72:09:7b:c1:00:4f:f9:33:69:a8:f9:
                    f9:c2:b2:1a:b9:b2:67:84:d0:4d:fa:d1:2f:c3:ca:
                    5d:e2:c7:50:56:ee:76:ca:27:d2:c8:7a:70:ef:91:
                    34:ba:e0:46:df:d8:13:fc:84:4b:2f:5c:70:d7:55:
                    15:20:5d:d4:f6:8f:7f:36:7d:a3:16:46:fb:1b:e1:
                    dc:71:94:52:d8:0f:4b:a1:ce:01:8a:b1:dd:84:d0:
                    ce:1f:a4:02:e6:02:90:72:15:83:10:a4:5a:8b:dd:
                    72:8b:9a:16:b6:d9:2f:63:6d:a0:fc:a9:0d:20:3c:
                    62:ef:dc:dd:23:4e:7e:ca:7a:6f:21:fd:4e:ae:f3:
                    d9:40:f8:c8:02:30:07:9e:10:ea:23:13:d5:e9:83:
                    7e:3a:8e:c7:a2:52:bc:8b:5e:9c:22:00:44:b9:fa:
                    b2:20:cc:af:07:47:81:d7:e6:36:77:53:c1:01:79:
                    4a:0d:b3:0f:23:27:81:e7:95:cc:11:ff:f3:2d:be:
                    41:79:1d:32:c8:0c:1d:44:88:0d:8b:d9:a6:a7:3e:
                    4a:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:19:C2:37:42:7D:80:BE:83:9B:43:C7:C0:DA:32:E3:42:5C:67:D7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4adba974-018c-4b87-bad4-37870bafff6a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:e080::/48

    Signature Algorithm: sha256WithRSAEncryption
         28:0b:67:be:15:49:59:47:e8:a7:55:d2:f0:3c:2b:45:ff:1b:
         7c:95:08:e5:67:a0:53:af:cf:0e:9a:85:8a:b8:b3:db:3d:27:
         49:fd:5d:35:63:fd:e9:b2:f9:62:f7:8c:02:c4:f6:8c:74:c2:
         2b:53:c2:72:11:85:08:2a:53:f4:b4:08:5c:7c:95:e5:34:16:
         c9:5f:ff:33:5f:af:b2:07:53:18:46:b2:21:fa:e6:1b:f7:3a:
         c4:45:25:c0:60:eb:2c:36:13:c8:c5:f8:60:a5:d2:ea:1b:94:
         f5:cc:1a:ac:55:39:fd:be:50:da:03:0c:4e:7a:7b:c9:48:60:
         c8:ae:80:c6:34:70:06:ec:49:9d:57:35:d9:fc:de:34:65:4f:
         94:5d:ce:06:7a:80:69:1d:00:d2:89:da:fd:f5:7e:f2:6f:e6:
         0c:59:15:46:35:93:91:69:df:5c:3a:74:65:eb:72:e1:29:5b:
         3c:c2:87:9b:82:9e:b6:72:3d:87:df:05:f6:e6:c6:20:00:47:
         a1:d4:d5:60:d3:e4:a1:2d:ff:27:39:69:67:e3:23:98:57:23:
         40:f1:59:8b:c3:15:b9:a9:69:e6:06:31:5c:cb:70:d1:84:2e:
         2e:d5:1d:93:88:ca:da:f7:48:a6:a9:2c:f2:cd:2b:b8:0d:da:
         66:7e:b9:d3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUf+8zIkIg52UqhfKm/yyUrBHF4IgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MDA1MDE3WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4OTJhOWFmM2E3ZDYwYzk0Yjg0ZTAyN2Q0NTdlM2ExNGU3
OGZmZDMwMTQ4ZTM1N2Q2MGMxMjk4MzE0M2ZiOWUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCE2XBwX+x82dTCQxQ90tTwtnx/RljfavNz9tI8ktfjXxLb
6hiz/qKet+67Brs6x/ByCXvBAE/5M2mo+fnCshq5smeE0E360S/Dyl3ix1BW7nbK
J9LIenDvkTS64Ebf2BP8hEsvXHDXVRUgXdT2j382faMWRvsb4dxxlFLYD0uhzgGK
sd2E0M4fpALmApByFYMQpFqL3XKLmha22S9jbaD8qQ0gPGLv3N0jTn7Kem8h/U6u
89lA+MgCMAeeEOojE9Xpg346jseiUryLXpwiAES5+rIgzK8HR4HX5jZ3U8EBeUoN
sw8jJ4HnlcwR//MtvkF5HTLIDB1EiA2L2aanPkqpAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUXRnCN0J9gL6Dm0PHwNoy40JcZ9cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRhZGJhOTc0LTAxOGMtNGI4Ny1iYWQ0LTM3ODcwYmFmZmY2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//4IAwDQYJKoZIhvcNAQELBQADggEBACgLZ74VSVlH6KdV0vA8K0X/
G3yVCOVnoFOvzw6ahYq4s9s9J0n9XTVj/emy+WL3jALE9ox0witTwnIRhQgqU/S0
CFx8leU0Fslf/zNfr7IHUxhGsiH65hv3OsRFJcBg6yw2E8jF+GCl0uoblPXMGqxV
Of2+UNoDDE56e8lIYMiugMY0cAbsSZ1XNdn83jRlT5RdzgZ6gGkdANKJ2v31fvJv
5gxZFUY1k5Fp31w6dGXrcuEpWzzCh5uCnrZyPYffBfbmxiAAR6HU1WDT5KEt/yc5
aWfjI5hXI0DxWYvDFbmpaeYGMVzLcNGELi7VHZOIytr3SKapLPLNK7gN2mZ+udM=
-----END CERTIFICATE-----