Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b93398ae-736f-4632-95ed-fd5f6d517f9d.roa
File:                     b93398ae-736f-4632-95ed-fd5f6d517f9d.roa (raw, json)
Hash identifier:          d8Jj2gi4fXk22qEeVPlftBufKKDRMgTUu5H9+wlHg9M=
Subject key identifier:   0D:9E:F9:60:7D:67:02:04:E9:DD:A5:C6:2A:BD:F8:5B:D1:8D:29:32
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       28AB00C46DC90E86ECF0C01F3BFAFC4B2C680A6B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b93398ae-736f-4632-95ed-fd5f6d517f9d.roa
Signing time:             Wed 26 Mar 2025 00:10:30 +0000
ROA not before:           Wed 26 Mar 2025 00:10:30 +0000
ROA not after:            Wed 30 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f38:8020::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:ab:00:c4:6d:c9:0e:86:ec:f0:c0:1f:3b:fa:fc:4b:2c:68:0a:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 26 00:10:30 2025 GMT
            Not After : Apr 30 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:35:79:5f:03:60:e4:7e:f6:ff:fb:51:85:c6:
                    56:c2:62:ed:27:09:1c:fa:e9:88:8c:11:41:8e:55:
                    41:69:86:d4:1a:e7:06:11:cd:a2:6f:56:5f:b4:93:
                    be:a7:8b:4b:cb:99:a8:86:45:84:9b:1a:80:6b:c3:
                    3e:9e:b0:59:d1:ed:6a:e9:24:cd:fc:15:da:8b:46:
                    6e:c2:2d:55:f7:19:5a:52:33:73:b6:88:c0:f1:a2:
                    b0:8f:62:13:44:f9:4e:02:ad:63:8e:b7:67:5f:5c:
                    7f:78:f5:84:b1:8a:91:84:49:44:1b:37:f5:34:07:
                    26:91:92:0e:98:1d:43:48:82:94:7b:54:1d:ac:54:
                    22:ed:a2:ba:13:0f:c2:3b:c6:d5:12:21:fc:62:20:
                    e8:19:d5:b8:0b:47:37:ac:fb:d9:50:f5:1b:b4:a1:
                    31:74:bf:bf:ba:92:c3:3d:e7:96:26:c1:86:ec:41:
                    64:5d:b1:51:df:30:73:59:fe:ef:88:02:59:c2:63:
                    7d:29:d6:b7:07:9e:09:91:79:fa:10:16:b4:4c:63:
                    e2:45:84:8b:02:f4:a3:07:2a:e1:ec:16:2f:96:0f:
                    eb:11:b0:2e:be:70:e9:24:4b:bd:85:4c:0d:c7:7c:
                    99:29:23:0f:b8:48:28:40:51:8a:c5:29:df:95:10:
                    a7:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:9E:F9:60:7D:67:02:04:E9:DD:A5:C6:2A:BD:F8:5B:D1:8D:29:32
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b93398ae-736f-4632-95ed-fd5f6d517f9d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:8020::/48

    Signature Algorithm: sha256WithRSAEncryption
         08:05:bd:b8:c0:c8:57:ea:75:1b:33:d4:5d:59:f4:dd:48:58:
         85:ea:23:67:93:c6:a1:37:61:0a:b4:26:85:2b:8d:ad:d0:f6:
         db:65:a4:c7:52:83:c2:eb:85:86:cb:53:13:54:8c:07:d0:5d:
         2c:82:c0:bd:dc:78:49:f9:a1:4c:f2:fe:e2:2d:28:24:c7:99:
         64:1c:57:f0:2a:ea:70:cb:af:6c:da:3d:3d:d5:72:cf:d0:ef:
         76:e3:14:db:5f:95:1e:f3:08:1c:05:24:c0:c2:f8:3a:4b:d2:
         86:a3:ad:7c:12:cd:e6:2f:06:35:8d:72:0d:d8:47:70:be:9a:
         f7:b3:19:35:da:69:3f:7a:d2:0f:13:ab:7e:77:fd:f7:b7:2e:
         c1:fa:9b:08:78:c4:a1:8f:0c:bd:9d:c5:04:4e:c3:b9:d1:ed:
         52:3f:14:3b:c5:53:2b:26:08:38:b5:85:c9:2e:ca:e1:67:d8:
         99:0b:33:cf:d8:87:c5:f9:15:8c:a9:78:73:3a:93:58:4c:2f:
         07:69:f4:8b:7f:ff:d1:fc:fa:6c:b0:fe:c7:5a:e4:ce:84:09:
         0d:1f:ba:cd:3d:b0:af:eb:da:62:b1:84:6e:b3:8b:8c:58:d3:
         bd:2f:6e:ed:1e:7e:b1:c1:ee:62:4a:c3:60:34:67:ec:6e:1c:
         b5:63:44:7a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUKKsAxG3JDobs8MAfO/r8SyxoCmswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI2MDAxMDMwWhcNMjUwNDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNjdmYzcyYmE0NTJmZTBiZjYyOTE5Y2NjNDhlZWVkYTVh
MTZjMmE2ZGZjNWIxYWNlNGMwYTYwNTU2MTU5OGJkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwNXlfA2Dkfvb/+1GFxlbCYu0nCRz66YiMEUGOVUFphtQa
5wYRzaJvVl+0k76ni0vLmaiGRYSbGoBrwz6esFnR7WrpJM38FdqLRm7CLVX3GVpS
M3O2iMDxorCPYhNE+U4CrWOOt2dfXH949YSxipGESUQbN/U0ByaRkg6YHUNIgpR7
VB2sVCLtoroTD8I7xtUSIfxiIOgZ1bgLRzes+9lQ9Ru0oTF0v7+6ksM955YmwYbs
QWRdsVHfMHNZ/u+IAlnCY30p1rcHngmRefoQFrRMY+JFhIsC9KMHKuHsFi+WD+sR
sC6+cOkkS72FTA3HfJkpIw+4SChAUYrFKd+VEKfhAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUDZ75YH1nAgTp3aXGKr34W9GNKTIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I5MzM5OGFlLTczNmYtNDYzMi05NWVkLWZkNWY2ZDUxN2Y5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84gCAwDQYJKoZIhvcNAQELBQADggEBAAgFvbjAyFfqdRsz1F1Z9N1I
WIXqI2eTxqE3YQq0JoUrja3Q9ttlpMdSg8LrhYbLUxNUjAfQXSyCwL3ceEn5oUzy
/uItKCTHmWQcV/Aq6nDLr2zaPT3Vcs/Q73bjFNtflR7zCBwFJMDC+DpL0oajrXwS
zeYvBjWNcg3YR3C+mvezGTXaaT960g8Tq353/fe3LsH6mwh4xKGPDL2dxQROw7nR
7VI/FDvFUysmCDi1hckuyuFn2JkLM8/Yh8X5FYypeHM6k1hMLwdp9It//9H8+myw
/sda5M6ECQ0fus09sK/r2mKxhG6zi4xY070vbu0efrHB7mJKw2A0Z+xuHLVjRHo=
-----END CERTIFICATE-----