Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d434d3-74fc-47a3-89ec-ed37a23ae562.roa
File:                     82d434d3-74fc-47a3-89ec-ed37a23ae562.roa (raw, json)
Hash identifier:          uMI+vDZSP5KxYW6A/5reNuNVoDaiR6sh/nU/2/uELbc=
Subject key identifier:   27:E8:64:C7:38:45:5F:A5:81:95:9F:86:F3:F4:20:33:51:06:DE:69
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1313AE47EBBA61C4803336D0608758D85CA571F9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d434d3-74fc-47a3-89ec-ed37a23ae562.roa
Signing time:             Sat 15 Mar 2025 00:21:44 +0000
ROA not before:           Sat 15 Mar 2025 00:21:44 +0000
ROA not after:            Sat 19 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f22:8000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:13:ae:47:eb:ba:61:c4:80:33:36:d0:60:87:58:d8:5c:a5:71:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 15 00:21:44 2025 GMT
            Not After : Apr 19 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8f:8f:11:6e:9f:b8:21:ce:49:68:b4:85:c4:
                    e2:3d:0d:97:92:fb:21:e7:72:5a:cc:49:bc:8b:1d:
                    27:ca:04:c9:11:fa:36:d1:9e:43:da:25:bc:fe:ca:
                    4d:c7:5d:a8:2b:ac:ad:eb:a3:e6:17:44:7b:d8:bd:
                    3b:b1:64:1b:dd:0f:f6:7a:b1:59:6d:31:8c:2f:27:
                    3b:68:2e:02:f0:1f:dc:6c:41:e2:02:a9:47:45:53:
                    3e:83:84:52:a1:03:f5:bc:14:f4:f3:aa:d4:ed:f2:
                    0b:b9:65:d6:cf:a6:b9:60:8a:63:1a:6f:57:f6:d9:
                    b6:4c:27:87:a1:75:05:db:b9:62:38:fd:df:0f:26:
                    37:50:7b:36:f9:36:79:d3:5b:c1:d7:83:eb:5f:65:
                    d5:a3:6b:33:e9:eb:16:f1:8a:9d:73:d6:d5:06:bd:
                    34:a5:20:b6:3e:bd:4a:ca:23:5d:af:37:5c:16:2c:
                    c2:20:19:a0:60:e0:02:96:98:c8:90:50:d4:d5:47:
                    c3:45:78:6f:b6:54:5d:bc:32:5f:0b:36:1b:e2:24:
                    b9:f7:88:20:e4:7d:51:4c:f1:c5:55:32:a7:0f:fd:
                    c5:a1:9f:d3:a4:00:17:88:ee:67:77:ee:92:a7:f6:
                    5c:c9:c1:20:22:40:14:c2:f0:85:7d:39:b3:a7:a8:
                    8a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:E8:64:C7:38:45:5F:A5:81:95:9F:86:F3:F4:20:33:51:06:DE:69
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d434d3-74fc-47a3-89ec-ed37a23ae562.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f22:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         7d:02:71:47:54:8c:ab:e0:82:c1:ec:1e:3a:42:70:8c:f9:01:
         e4:b1:01:94:a8:27:a1:0d:2a:5c:25:a9:c7:c6:52:d5:77:e5:
         06:4e:25:c2:37:52:1d:0c:06:fa:af:83:be:e8:2a:7d:44:7a:
         2e:bd:11:2e:2f:a2:6e:68:0a:b7:48:ea:ed:7f:12:09:8a:db:
         0d:f1:be:8a:75:c5:50:f9:91:9f:66:cd:2a:c4:f2:c6:d9:df:
         66:6d:1f:77:87:bd:0a:00:16:82:3d:ab:c9:24:48:74:99:a8:
         60:6f:65:b4:46:88:29:a8:56:cf:60:ee:68:8e:2c:29:03:94:
         78:b5:3f:31:37:9b:15:fa:fe:fd:95:51:f2:07:b7:40:46:09:
         2a:f0:e9:45:ab:d8:fe:bf:6c:47:80:c3:93:27:03:90:84:59:
         18:22:f7:b3:7c:26:73:f7:44:7e:15:cd:53:17:b9:7a:2b:cc:
         ac:0e:c3:35:04:b7:17:cf:ae:48:28:a1:a1:6d:41:5c:4a:e5:
         b2:08:97:ce:6c:11:e8:53:1b:58:e0:04:9b:76:65:ed:37:90:
         80:4e:6c:c6:97:37:e2:0e:c0:1d:be:65:40:74:bc:96:6c:66:
         41:d8:a2:90:07:14:32:bb:2a:bf:ac:2d:13:ad:01:f2:1a:cd:
         03:f9:68:b9
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUExOuR+u6YcSAMzbQYIdY2FylcfkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE1MDAyMTQ0WhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTJkYTU5MmU2MWFmMTBmZTJkMWUzNzg3ZDQ3Y2RhNjZm
YmVjMTgyYzE2OGQ3MWJiZmUwN2YxNWM3NGU3OGNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9j48Rbp+4Ic5JaLSFxOI9DZeS+yHnclrMSbyLHSfKBMkR
+jbRnkPaJbz+yk3HXagrrK3ro+YXRHvYvTuxZBvdD/Z6sVltMYwvJztoLgLwH9xs
QeICqUdFUz6DhFKhA/W8FPTzqtTt8gu5ZdbPprlgimMab1f22bZMJ4ehdQXbuWI4
/d8PJjdQezb5NnnTW8HXg+tfZdWjazPp6xbxip1z1tUGvTSlILY+vUrKI12vN1wW
LMIgGaBg4AKWmMiQUNTVR8NFeG+2VF28Ml8LNhviJLn3iCDkfVFM8cVVMqcP/cWh
n9OkABeI7md37pKn9lzJwSAiQBTC8IV9ObOnqIrXAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUJ+hkxzhFX6WBlZ+G8/QgM1EG3mkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyZDQzNGQzLTc0ZmMtNDdhMy04OWVjLWVkMzdhMjNhZTU2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8igDANBgkqhkiG9w0BAQsFAAOCAQEAfQJxR1SMq+CCweweOkJwjPkB
5LEBlKgnoQ0qXCWpx8ZS1XflBk4lwjdSHQwG+q+DvugqfUR6Lr0RLi+ibmgKt0jq
7X8SCYrbDfG+inXFUPmRn2bNKsTyxtnfZm0fd4e9CgAWgj2rySRIdJmoYG9ltEaI
KahWz2DuaI4sKQOUeLU/MTebFfr+/ZVR8ge3QEYJKvDpRavY/r9sR4DDkycDkIRZ
GCL3s3wmc/dEfhXNUxe5eivMrA7DNQS3F8+uSCihoW1BXErlsgiXzmwR6FMbWOAE
m3Zl7TeQgE5sxpc34g7AHb5lQHS8lmxmQdiikAcUMrsqv6wtE60B8hrNA/louQ==
-----END CERTIFICATE-----