Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1f5f9d8-13d5-4429-89a1-a2ff4d8f83bb.roa
File:                     d1f5f9d8-13d5-4429-89a1-a2ff4d8f83bb.roa (raw, json)
Hash identifier:          I7xPSA1gAAf0119PIUPRD4PEqcrgQrT9HVlTIm6JS70=
Subject key identifier:   C5:A2:43:7E:03:BC:23:71:1A:55:63:B4:1B:32:37:7D:AB:75:92:B8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1C7549204FCCF0E71FB663F11CA5C4E1A7924019
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1f5f9d8-13d5-4429-89a1-a2ff4d8f83bb.roa
Signing time:             Fri 28 Mar 2025 17:10:32 +0000
ROA not before:           Fri 28 Mar 2025 17:10:32 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f1d:4800::/37 maxlen: 37
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:75:49:20:4f:cc:f0:e7:1f:b6:63:f1:1c:a5:c4:e1:a7:92:40:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 28 17:10:32 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:cd:a2:e1:d7:f4:26:e0:80:68:e8:06:e8:b5:
                    6a:9c:1c:c2:a8:1c:8d:bf:d9:98:f5:84:59:06:61:
                    bc:0a:ef:7a:c9:3d:b7:bb:06:e4:2c:2f:8e:2d:0b:
                    b4:c8:ea:ac:06:26:69:1e:f2:ea:ae:ff:f6:2f:ac:
                    92:60:ae:ee:ff:db:3b:31:6e:89:04:e6:97:42:c7:
                    1c:f3:93:4c:49:0b:8f:7b:a6:2f:94:75:8f:be:7e:
                    44:01:22:6a:49:b3:86:18:b1:bd:1a:b8:0e:07:99:
                    05:33:c9:c0:8b:10:e6:1b:4e:31:81:53:cc:6f:a6:
                    15:0e:7c:96:ee:af:c8:73:6f:ab:7a:1d:31:40:e3:
                    51:bd:97:c1:76:6f:b2:ea:db:36:0e:f0:c2:fe:c1:
                    d4:f0:6b:91:14:be:9a:64:0a:5c:8f:1c:58:15:23:
                    02:70:5f:df:1a:72:43:17:f9:70:aa:31:97:eb:72:
                    0d:5c:18:bc:f4:fb:0c:09:ff:6c:41:eb:17:5e:e9:
                    93:17:9c:a6:89:0c:45:ed:dc:db:fc:20:f8:44:97:
                    6b:96:8b:21:d2:53:0e:70:8a:67:8f:42:43:c5:1d:
                    81:d3:de:a4:64:f8:08:cd:a0:62:c2:67:a1:8c:e7:
                    f5:36:e3:6d:c4:5d:92:d4:7d:af:9a:5c:71:db:88:
                    42:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:A2:43:7E:03:BC:23:71:1A:55:63:B4:1B:32:37:7D:AB:75:92:B8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1f5f9d8-13d5-4429-89a1-a2ff4d8f83bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1d:4800::/37

    Signature Algorithm: sha256WithRSAEncryption
         46:52:4a:1b:16:1a:9e:6a:75:85:64:59:cf:9d:f9:fc:8a:bf:
         31:7f:42:eb:5c:94:98:19:e1:24:50:8c:4e:10:4b:e7:fd:bf:
         4b:46:f1:67:97:2b:f2:46:85:72:06:a0:aa:5e:26:db:ab:d6:
         84:5b:1e:dd:aa:0a:e4:dd:e4:ad:c5:ed:7f:3b:4f:b7:71:4e:
         8a:93:37:75:f4:ab:3d:7e:f7:f2:47:a5:4e:66:37:c2:97:20:
         93:c6:9a:9c:e9:89:95:5f:f4:aa:f7:f2:42:d6:0f:2c:2a:70:
         0f:54:db:b1:aa:f1:20:90:a2:4e:27:b4:e9:cc:a4:a5:a5:ea:
         43:e1:b4:c7:a0:86:66:e9:3b:b9:05:0b:37:c3:cd:b1:2a:b3:
         38:2b:64:f5:0a:18:8a:f4:1a:d2:f1:29:bd:63:f2:9d:13:b8:
         85:55:f1:2c:dc:71:50:5f:9d:d8:1a:04:f1:ff:c8:b1:a7:f7:
         62:5e:6d:25:ad:73:b2:b2:b0:11:3b:3c:a5:86:44:bb:fc:a4:
         c3:7c:11:da:4e:b0:74:9f:0b:30:af:85:4d:62:a4:9f:26:d8:
         a5:68:54:80:9d:0c:67:64:60:2b:55:4b:bf:47:22:f8:15:f3:
         32:d2:d5:96:d8:93:0d:3e:a5:67:24:48:65:b7:58:df:e5:3d:
         56:0f:ca:60
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHHVJIE/M8OcftmPxHKXE4aeSQBkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTcxMDMyWhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NWQyN2M2NWYzMDY3MzM0MDk4MzM1NWZkZWQ4M2VmYWQ0
ODczZTE4YjU0ZGJhOWE1NTUxNjFmMDY2OWY5ZjdlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCHzaLh1/Qm4IBo6AbotWqcHMKoHI2/2Zj1hFkGYbwK73rJ
Pbe7BuQsL44tC7TI6qwGJmke8uqu//YvrJJgru7/2zsxbokE5pdCxxzzk0xJC497
pi+UdY++fkQBImpJs4YYsb0auA4HmQUzycCLEOYbTjGBU8xvphUOfJbur8hzb6t6
HTFA41G9l8F2b7Lq2zYO8ML+wdTwa5EUvppkClyPHFgVIwJwX98ackMX+XCqMZfr
cg1cGLz0+wwJ/2xB6xde6ZMXnKaJDEXt3Nv8IPhEl2uWiyHSUw5wimePQkPFHYHT
3qRk+AjNoGLCZ6GM5/U2423EXZLUfa+aXHHbiEJrAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUxaJDfgO8I3EaVWO0GzI3fat1krgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QxZjVmOWQ4LTEzZDUtNDQyOS04OWExLWEyZmY0ZDhmODNiYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8dSDANBgkqhkiG9w0BAQsFAAOCAQEARlJKGxYanmp1hWRZz535/Iq/
MX9C61yUmBnhJFCMThBL5/2/S0bxZ5cr8kaFcgagql4m26vWhFse3aoK5N3krcXt
fztPt3FOipM3dfSrPX738kelTmY3wpcgk8aanOmJlV/0qvfyQtYPLCpwD1Tbsarx
IJCiTie06cykpaXqQ+G0x6CGZuk7uQULN8PNsSqzOCtk9QoYivQa0vEpvWPynRO4
hVXxLNxxUF+d2BoE8f/Isaf3Yl5tJa1zsrKwETs8pYZEu/ykw3wR2k6wdJ8LMK+F
TWKknybYpWhUgJ0MZ2RgK1VLv0ci+BXzMtLVltiTDT6lZyRIZbdY3+U9Vg/KYA==
-----END CERTIFICATE-----