Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e77afe0-ddc1-4f2b-9478-c081cd335706.roa
File:                     5e77afe0-ddc1-4f2b-9478-c081cd335706.roa (raw, json)
Hash identifier:          IaFI61ntOvqecRiT1cf07oXijyPSiasvlu9pP3Hh7zM=
Subject key identifier:   57:89:B9:0B:76:B7:11:2C:9A:2A:DC:EC:67:FE:0C:8B:AC:A0:16:E6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5234133F6E79A2FEE58FF006E67994AD79078E5B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e77afe0-ddc1-4f2b-9478-c081cd335706.roa
Signing time:             Fri 28 Mar 2025 15:40:28 +0000
ROA not before:           Fri 28 Mar 2025 15:40:28 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:60a0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:34:13:3f:6e:79:a2:fe:e5:8f:f0:06:e6:79:94:ad:79:07:8e:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 28 15:40:28 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:9e:76:9c:8e:44:34:18:b8:0d:5b:3b:bb:10:
                    9a:8f:22:ef:7f:14:bd:06:03:14:43:6b:d3:f0:3c:
                    3f:11:4c:61:74:d7:40:ad:e3:7e:63:80:4a:34:98:
                    88:6f:4d:25:bf:8c:2c:ce:58:35:a3:ef:1c:4e:b9:
                    25:af:c7:dd:0c:b8:fe:eb:96:ac:8f:2b:9d:63:71:
                    eb:7c:71:9d:98:8b:fe:41:38:36:fa:fe:e2:61:fe:
                    02:00:0c:a6:16:f2:27:54:48:89:64:76:86:83:a1:
                    40:60:d2:9c:cf:ed:a5:91:99:b0:e6:b7:79:df:91:
                    62:f6:05:b6:93:62:46:9a:ff:50:e2:b5:93:2b:09:
                    40:a8:6d:1b:a0:20:05:32:48:64:b3:4d:bf:bb:57:
                    cb:37:8e:a3:23:41:d1:22:e6:68:ea:41:46:c8:3f:
                    e0:c0:25:18:f1:a5:bf:13:97:0f:e3:dc:03:54:19:
                    28:a2:ad:bd:10:65:3d:f0:e2:7c:e0:df:4f:63:c3:
                    ec:aa:23:7c:63:19:4d:83:b3:3b:d2:a7:46:5f:8b:
                    9b:59:08:2b:cb:f2:85:36:20:d6:62:27:45:b9:1c:
                    30:3e:1e:0b:be:02:7b:3a:41:95:8a:65:b3:c8:74:
                    ba:bf:b2:51:62:1c:11:7a:e0:f8:0c:44:df:59:64:
                    3b:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:89:B9:0B:76:B7:11:2C:9A:2A:DC:EC:67:FE:0C:8B:AC:A0:16:E6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e77afe0-ddc1-4f2b-9478-c081cd335706.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:60a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         3a:09:fe:5e:e8:71:2e:ad:ec:66:8f:8b:1e:44:f1:99:ee:01:
         3d:6a:ea:72:b0:d4:4c:29:7f:bd:b5:29:1d:fb:34:09:dd:16:
         15:b6:d2:18:73:ca:27:9f:08:c6:22:4f:43:04:41:56:41:58:
         c8:24:e7:81:ec:70:22:97:0e:2b:99:37:de:07:34:21:70:13:
         9b:bf:b6:57:6f:51:f1:99:51:0e:19:f7:54:75:14:3d:b3:38:
         79:46:22:c5:5a:04:d4:5e:a2:28:06:d4:3c:e9:66:3e:62:98:
         c9:f0:5c:22:bb:d6:8c:54:c7:7e:e4:cf:9f:03:ce:71:c6:61:
         bf:a9:bb:36:ca:37:18:91:6b:18:5a:cc:90:44:63:d2:a0:93:
         c4:41:26:58:1c:4d:65:00:3f:f0:61:ea:e2:a8:96:4c:37:e2:
         f5:9e:6d:fe:b2:77:88:8a:e1:46:bd:d8:f7:bf:97:31:85:67:
         02:36:39:fc:cd:c8:c8:49:1e:73:ff:eb:6b:81:4f:8d:b4:28:
         51:f8:5a:45:00:d6:b4:5e:14:16:cd:f9:a0:fc:32:2c:b2:62:
         6d:ae:b2:59:6f:7a:37:c3:9a:e3:9c:21:3a:d9:e1:f3:fd:c4:
         92:e9:3d:50:03:27:b5:cd:69:94:d0:72:33:b8:08:83:63:d7:
         79:61:cd:bf
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUjQTP255ov7lj/AG5nmUrXkHjlswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTU0MDI4WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDAwZWE2MWMzYWE3YzY0OWE1OGNjODdjMjE0NWZhYWYz
MGJjODdkNGFjZGQ2ZjZjOGFkMWNjNTFhOWUyYzhjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNnnacjkQ0GLgNWzu7EJqPIu9/FL0GAxRDa9PwPD8RTGF0
10Ct435jgEo0mIhvTSW/jCzOWDWj7xxOuSWvx90MuP7rlqyPK51jcet8cZ2Yi/5B
ODb6/uJh/gIADKYW8idUSIlkdoaDoUBg0pzP7aWRmbDmt3nfkWL2BbaTYkaa/1Di
tZMrCUCobRugIAUySGSzTb+7V8s3jqMjQdEi5mjqQUbIP+DAJRjxpb8Tlw/j3ANU
GSiirb0QZT3w4nzg309jw+yqI3xjGU2DszvSp0Zfi5tZCCvL8oU2INZiJ0W5HDA+
Hgu+Ans6QZWKZbPIdLq/slFiHBF64PgMRN9ZZDt/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUV4m5C3a3ESyaKtzsZ/4Mi6ygFuYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVlNzdhZmUwLWRkYzEtNGYyYi05NDc4LWMwODFjZDMzNTcwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//YKAwDQYJKoZIhvcNAQELBQADggEBADoJ/l7ocS6t7GaPix5E8Znu
AT1q6nKw1Ewpf721KR37NAndFhW20hhzyiefCMYiT0MEQVZBWMgk54HscCKXDiuZ
N94HNCFwE5u/tldvUfGZUQ4Z91R1FD2zOHlGIsVaBNReoigG1DzpZj5imMnwXCK7
1oxUx37kz58DznHGYb+puzbKNxiRaxhazJBEY9Kgk8RBJlgcTWUAP/Bh6uKolkw3
4vWebf6yd4iK4Ua92Pe/lzGFZwI2OfzNyMhJHnP/62uBT420KFH4WkUA1rReFBbN
+aD8MiyyYm2usllvejfDmuOcITrZ4fP9xJLpPVADJ7XNaZTQcjO4CINj13lhzb8=
-----END CERTIFICATE-----