Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf237dc6-5609-4c66-b845-64bc07b0d376.roa
File:                     cf237dc6-5609-4c66-b845-64bc07b0d376.roa (raw, json)
Hash identifier:          fasCG3SaBxNuEhnwvPn6PMNHGuqUkoY6W/xqQURVRvo=
Subject key identifier:   1C:A1:D4:AD:03:D7:AE:A9:0E:2E:2A:E6:94:DF:80:D2:66:DF:72:1A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4BE8331C4F9440916034D0B27EF1D0EC5387D772
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf237dc6-5609-4c66-b845-64bc07b0d376.roa
Signing time:             Fri 28 Mar 2025 16:00:26 +0000
ROA not before:           Fri 28 Mar 2025 16:00:26 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffb:34c0::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:e8:33:1c:4f:94:40:91:60:34:d0:b2:7e:f1:d0:ec:53:87:d7:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 28 16:00:26 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:73:78:4d:fc:e9:1e:e7:75:20:99:37:53:b3:
                    93:9c:b5:3b:2f:4a:a3:be:d8:6c:3d:6c:89:3d:a1:
                    51:3d:75:a6:c7:21:0d:ad:3f:e7:f4:ab:a9:14:0c:
                    3d:35:25:bf:29:39:52:01:79:fd:78:f6:19:92:ed:
                    ab:51:8a:8a:76:57:66:7e:3e:5b:5a:c8:0e:8c:90:
                    ec:1a:0c:f7:32:6f:b3:f0:a7:c3:3e:54:77:bd:55:
                    5a:f2:1f:bf:9a:27:48:f2:34:c1:fb:68:be:81:4b:
                    d8:14:a0:5a:02:42:ed:8b:bf:d5:42:37:3f:b3:69:
                    3f:5d:7d:97:67:14:dc:22:a1:28:c0:ca:ae:40:54:
                    f9:ca:93:56:f6:70:b5:79:00:c4:d2:96:cc:c1:22:
                    76:b9:06:e5:d1:15:06:49:2a:df:16:03:aa:5b:12:
                    41:ca:d6:fd:4e:1d:09:5f:31:f8:c3:13:6f:70:9b:
                    6d:42:e4:a9:36:1e:54:f9:c6:e7:f9:a6:16:ce:39:
                    67:19:53:41:be:82:e8:d7:3a:ec:33:85:9a:37:11:
                    a0:7d:51:22:f5:4d:5f:5d:81:4e:8d:2d:6d:28:a5:
                    d6:01:22:a6:16:e0:8e:1b:02:26:f1:46:1b:7d:c9:
                    15:68:9b:cd:88:06:fe:a4:5b:d9:5b:e8:43:ce:c3:
                    93:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:A1:D4:AD:03:D7:AE:A9:0E:2E:2A:E6:94:DF:80:D2:66:DF:72:1A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf237dc6-5609-4c66-b845-64bc07b0d376.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffb:34c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         71:ab:7e:42:69:5c:91:f4:cb:16:ff:1d:0f:59:65:c3:74:b7:
         9f:43:97:ba:0b:db:c7:37:db:33:2f:1b:5f:92:01:56:76:55:
         27:c7:1f:f6:b4:18:17:d0:8b:61:a0:84:30:73:51:d0:0f:ad:
         57:c9:51:f5:04:c4:c1:8d:17:6d:01:1c:a2:4b:bc:c9:34:20:
         89:8a:f7:06:95:50:9c:5b:53:b7:23:e6:9a:a7:dd:24:e2:09:
         7b:df:cc:14:27:16:bf:c1:08:d3:e9:2d:9e:38:db:fe:4b:c0:
         0c:3f:18:a3:10:0d:7e:f4:80:ed:1f:fa:70:dc:19:f8:85:46:
         7b:24:19:c4:bb:ee:89:95:d9:be:97:cc:09:43:6d:98:d2:13:
         bf:49:a8:f9:eb:e2:65:cf:05:08:15:0e:94:3b:0d:6b:32:a3:
         9b:22:be:8d:22:3d:4c:d2:dd:13:d0:31:53:d2:50:19:a4:b2:
         c0:b6:0f:b5:c9:4e:cf:f6:1c:e6:38:63:a1:f2:e3:14:d1:8b:
         2f:92:8b:2a:f2:be:d5:e9:82:7c:a3:c1:73:e6:de:d7:ed:51:
         f7:6e:2a:cd:95:96:1d:ed:7f:af:7a:cb:06:5d:18:86:e2:2a:
         90:39:58:4b:44:68:a5:d0:35:94:e4:92:f1:0b:de:75:7f:34:
         2f:68:e2:2c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUS+gzHE+UQJFgNNCyfvHQ7FOH13IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTYwMDI2WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNzAzMTcxZTQ5ZWFkZGVlOTk4NTNlMWMxNDA5ODQ1YmNl
MWRmYmM0YWNjNTdmMzRhMDAyZWI0ZTljNWMxODkyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5c3hN/Oke53UgmTdTs5OctTsvSqO+2Gw9bIk9oVE9dabH
IQ2tP+f0q6kUDD01Jb8pOVIBef149hmS7atRiop2V2Z+PltayA6MkOwaDPcyb7Pw
p8M+VHe9VVryH7+aJ0jyNMH7aL6BS9gUoFoCQu2Lv9VCNz+zaT9dfZdnFNwioSjA
yq5AVPnKk1b2cLV5AMTSlszBIna5BuXRFQZJKt8WA6pbEkHK1v1OHQlfMfjDE29w
m21C5Kk2HlT5xuf5phbOOWcZU0G+gujXOuwzhZo3EaB9USL1TV9dgU6NLW0opdYB
IqYW4I4bAibxRht9yRVom82IBv6kW9lb6EPOw5MzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUHKHUrQPXrqkOLirmlN+A0mbfchowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NmMjM3ZGM2LTU2MDktNGM2Ni1iODQ1LTY0YmMwN2IwZDM3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB/7NMAwDQYJKoZIhvcNAQELBQADggEBAHGrfkJpXJH0yxb/HQ9ZZcN0
t59Dl7oL28c32zMvG1+SAVZ2VSfHH/a0GBfQi2GghDBzUdAPrVfJUfUExMGNF20B
HKJLvMk0IImK9waVUJxbU7cj5pqn3STiCXvfzBQnFr/BCNPpLZ442/5LwAw/GKMQ
DX70gO0f+nDcGfiFRnskGcS77omV2b6XzAlDbZjSE79JqPnr4mXPBQgVDpQ7DWsy
o5sivo0iPUzS3RPQMVPSUBmkssC2D7XJTs/2HOY4Y6Hy4xTRiy+SiyryvtXpgnyj
wXPm3tftUfduKs2Vlh3tf696ywZdGIbiKpA5WEtEaKXQNZTkkvEL3nV/NC9o4iw=
-----END CERTIFICATE-----