Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae7b6397-da3e-4200-b1ce-12e54cef37a4.roa
File:                     ae7b6397-da3e-4200-b1ce-12e54cef37a4.roa (raw, json)
Hash identifier:          bSIAmMe4xrgLTUi0b0vf6jUTRxcGA42H4R5ECFkUjNY=
Subject key identifier:   87:3C:F7:4E:23:65:5A:EC:88:8E:1C:A7:EF:B8:6D:C5:F4:A5:F7:01
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4D6D4394AC8E31D93C3F4A7B2A95A9D47A66E0FD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae7b6397-da3e-4200-b1ce-12e54cef37a4.roa
Signing time:             Fri 28 Mar 2025 15:01:17 +0000
ROA not before:           Fri 28 Mar 2025 15:01:17 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f69:80a0::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:6d:43:94:ac:8e:31:d9:3c:3f:4a:7b:2a:95:a9:d4:7a:66:e0:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 28 15:01:17 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:22:50:a0:74:53:31:d4:e8:16:16:29:f2:16:
                    24:c2:d9:c8:da:b2:fb:23:63:b8:44:1f:28:9f:09:
                    01:7d:cd:ed:07:d1:e8:57:4b:c8:33:d1:a0:55:46:
                    a2:0e:73:02:e2:c8:fc:92:50:9e:f0:e6:1d:9b:2d:
                    02:93:1f:0d:e2:d5:8c:80:44:27:d7:f2:67:3c:11:
                    70:c8:d8:7c:56:10:de:2d:a4:d3:ba:72:44:3c:8c:
                    3e:34:8d:50:2d:5a:b6:9d:f0:f9:b2:bd:8b:fb:67:
                    bb:51:8b:9d:a5:e9:40:8a:76:39:18:93:95:00:8d:
                    40:10:62:5f:c2:35:a7:6f:8f:b2:25:79:84:42:78:
                    af:dd:8d:b2:37:a9:97:49:6b:77:73:71:39:8f:44:
                    4b:6b:58:48:09:7c:66:48:5e:bd:9a:98:bc:ad:54:
                    82:2f:81:d1:17:1b:77:d4:df:1d:8c:87:1c:bc:c7:
                    a8:aa:4f:8b:55:00:92:55:6c:a5:f3:ae:be:a2:43:
                    98:e8:e4:47:56:b9:b4:ac:bd:2f:9b:87:dd:d7:3d:
                    9a:bc:b3:b7:fc:34:8e:b7:7d:2c:be:56:e4:05:da:
                    19:12:ba:af:ab:e0:9c:df:3c:90:9d:c5:a2:fb:de:
                    61:85:af:49:7c:4b:ea:74:1d:fc:35:02:e3:2e:a6:
                    38:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:3C:F7:4E:23:65:5A:EC:88:8E:1C:A7:EF:B8:6D:C5:F4:A5:F7:01
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae7b6397-da3e-4200-b1ce-12e54cef37a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f69:80a0::/46

    Signature Algorithm: sha256WithRSAEncryption
         15:35:23:d6:d4:01:77:5c:ce:88:13:19:0e:92:50:eb:cf:8f:
         d9:dc:5f:05:4b:b0:ee:62:27:f6:e5:f8:da:c2:ef:c8:52:04:
         f0:d7:8b:3d:48:fe:56:0c:3f:a8:6c:b0:1b:c7:e4:3e:c8:a5:
         fe:ba:a6:e6:41:93:e7:45:8e:b6:e7:16:fb:50:85:9f:13:a4:
         21:b7:19:dc:3c:11:39:c6:e0:4d:2c:96:4b:6e:bb:cf:bf:e8:
         30:4f:4e:d2:bf:18:e3:fe:e7:93:79:8f:e1:e6:a0:09:1b:ec:
         78:67:81:f6:92:6c:7c:83:6a:15:ae:bf:76:d4:e6:c6:8e:3c:
         8c:ac:8b:c3:a3:3f:10:d0:78:aa:63:88:7b:45:48:45:b3:25:
         83:e9:fc:0f:76:0b:c8:6f:3d:71:97:71:48:6e:e7:e8:d0:62:
         9f:8a:05:8d:1b:9b:07:89:75:25:2c:1f:a1:23:34:b9:e2:80:
         d1:f9:d7:68:b0:06:ad:78:69:e3:5a:8d:78:1c:7a:47:dd:32:
         25:d6:f8:39:16:b2:a9:8e:1c:25:e7:ef:ad:fe:b3:e8:64:57:
         2b:58:f6:ad:44:de:8f:eb:a6:eb:e2:59:a5:db:72:d7:af:2a:
         45:5e:74:fe:0e:20:49:c6:3a:a3:11:a8:2a:a9:51:10:a2:8d:
         cf:c0:24:3f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUTW1DlKyOMdk8P0p7KpWp1Hpm4P0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTUwMTE3WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYzI1NjU2NWEwMGI3ODM2YWNhZjMyYmEwMmZmZmY2NTY4
OTRkZWY2NjA1ZWZiYTRhZDcyNTQ2ZTI0ZmQwNzBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClIlCgdFMx1OgWFinyFiTC2cjasvsjY7hEHyifCQF9ze0H
0ehXS8gz0aBVRqIOcwLiyPySUJ7w5h2bLQKTHw3i1YyARCfX8mc8EXDI2HxWEN4t
pNO6ckQ8jD40jVAtWrad8PmyvYv7Z7tRi52l6UCKdjkYk5UAjUAQYl/CNadvj7Il
eYRCeK/djbI3qZdJa3dzcTmPREtrWEgJfGZIXr2amLytVIIvgdEXG3fU3x2Mhxy8
x6iqT4tVAJJVbKXzrr6iQ5jo5EdWubSsvS+bh93XPZq8s7f8NI63fSy+VuQF2hkS
uq+r4JzfPJCdxaL73mGFr0l8S+p0Hfw1AuMupjgFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUhzz3TiNlWuyIjhyn77htxfSl9wEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FlN2I2Mzk3LWRhM2UtNDIwMC1iMWNlLTEyZTU0Y2VmMzdhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB9pgKAwDQYJKoZIhvcNAQELBQADggEBABU1I9bUAXdczogTGQ6SUOvP
j9ncXwVLsO5iJ/bl+NrC78hSBPDXiz1I/lYMP6hssBvH5D7Ipf66puZBk+dFjrbn
FvtQhZ8TpCG3Gdw8ETnG4E0slktuu8+/6DBPTtK/GOP+55N5j+HmoAkb7HhngfaS
bHyDahWuv3bU5saOPIysi8OjPxDQeKpjiHtFSEWzJYPp/A92C8hvPXGXcUhu5+jQ
Yp+KBY0bmweJdSUsH6EjNLnigNH512iwBq14aeNajXgcekfdMiXW+DkWsqmOHCXn
763+s+hkVytY9q1E3o/rpuviWaXbctevKkVedP4OIEnGOqMRqCqpURCijc/AJD8=
-----END CERTIFICATE-----