Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2b0aeec-2d9a-4488-bb16-705df80ef403.roa
File:                     e2b0aeec-2d9a-4488-bb16-705df80ef403.roa (raw, json)
Hash identifier:          0E0AcLiGoh2L1Yz9tahe9NMFEyYTZBm3v+c9RaV55C4=
Subject key identifier:   A7:68:45:B2:72:EE:A1:27:A2:1C:F8:EB:B4:0E:9F:E1:72:36:98:0B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E8AFA1F44D7108A4D49E8E48ECCCD92AD8D8204
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2b0aeec-2d9a-4488-bb16-705df80ef403.roa
Signing time:             Fri 28 Mar 2025 15:40:25 +0000
ROA not before:           Fri 28 Mar 2025 15:40:25 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff4:6040::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:8a:fa:1f:44:d7:10:8a:4d:49:e8:e4:8e:cc:cd:92:ad:8d:82:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 28 15:40:25 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:68:d2:88:8f:d0:6a:9f:d2:f7:c0:30:6a:c4:
                    de:70:ba:1f:87:c6:fe:4e:ba:91:ef:7f:08:95:17:
                    4d:da:ff:e7:05:de:b4:b3:1f:5b:41:f7:cb:5b:4a:
                    d9:16:f6:8a:e8:c7:63:be:17:2c:aa:fd:1c:7e:ce:
                    97:73:16:04:b4:41:3c:b9:73:e3:b7:40:ef:72:ab:
                    ad:24:db:df:bd:0d:ea:2a:2a:14:b9:93:b0:18:ba:
                    36:df:26:c3:16:f3:0a:53:7e:1d:27:b7:e7:0b:76:
                    a1:90:06:55:1f:7d:d6:57:af:76:e2:7a:f3:f3:d6:
                    8a:af:5b:f7:cd:5d:da:d0:77:c1:fe:0e:6f:0f:82:
                    b1:9f:9a:05:07:9d:3c:6f:98:68:5a:07:7f:28:f2:
                    7e:4d:ef:73:40:b8:3f:f5:be:43:8d:d4:ee:c7:d7:
                    bd:6f:10:4b:74:40:5c:c6:18:e6:b2:78:21:df:6b:
                    f3:d3:36:7a:40:78:a0:02:4b:87:aa:ab:88:a9:6b:
                    1e:15:da:1d:4f:37:05:58:62:42:37:eb:25:a6:d3:
                    45:58:81:31:2a:bb:bc:7a:08:df:97:ff:8c:df:76:
                    8a:4f:33:05:c7:97:3f:7e:6f:4f:6c:6f:87:ae:72:
                    cb:13:be:c0:f4:cc:1a:03:66:d5:23:34:b4:27:d2:
                    3f:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:68:45:B2:72:EE:A1:27:A2:1C:F8:EB:B4:0E:9F:E1:72:36:98:0B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2b0aeec-2d9a-4488-bb16-705df80ef403.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff4:6040::/48

    Signature Algorithm: sha256WithRSAEncryption
         34:ae:b5:ee:2b:85:39:61:4b:12:d3:1d:fc:f7:dc:61:86:9b:
         54:06:7d:89:7d:48:27:06:f3:bc:2d:d8:61:44:e8:fb:58:d5:
         5b:03:b4:a2:ad:1c:7f:d3:4f:b3:76:b0:62:1c:97:e0:98:81:
         0a:42:dc:11:25:16:5a:d5:61:bf:89:51:e8:9e:fc:79:5e:4c:
         a4:64:cd:19:89:f8:29:2a:7c:7f:51:3a:ef:93:d9:f9:e0:82:
         bb:aa:de:fc:47:2d:36:22:c6:34:dd:ec:a9:91:23:ff:d8:84:
         15:45:0e:26:2e:92:dd:8c:47:97:36:a1:e4:e9:fb:7f:0f:cd:
         ec:09:d7:38:8c:ea:77:c8:6d:e2:da:8b:ef:66:4c:eb:5f:d1:
         7c:73:3d:0d:f8:52:aa:f1:b2:97:7c:49:4f:ca:80:ec:f6:04:
         01:86:58:0a:6e:b2:da:9a:55:d9:76:0e:f6:4b:4e:10:7c:23:
         5b:da:b4:a2:de:8e:8c:67:7d:be:d2:b7:4d:21:3d:10:0f:3a:
         c9:0c:25:74:9f:a2:0c:5c:83:48:9e:f0:88:20:81:cc:16:d0:
         63:0b:f7:44:e3:0b:d9:51:72:69:93:14:f8:38:8b:59:ca:6d:
         34:b9:3d:39:07:6d:00:55:72:17:d0:bc:f4:2b:79:7e:44:89:
         ba:a4:d6:60
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIULor6H0TXEIpNSejkjszNkq2NggQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTU0MDI1WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNDk5MzNiYjY4MTA3ODEyYWRmY2U3YTNlYWY3YmNkMDBm
ZDg1NjRlYjg2MzY0ZGZhNGNiMDgzMmUzNjMxZmM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCraNKIj9Bqn9L3wDBqxN5wuh+Hxv5OupHvfwiVF03a/+cF
3rSzH1tB98tbStkW9orox2O+Fyyq/Rx+zpdzFgS0QTy5c+O3QO9yq60k29+9Deoq
KhS5k7AYujbfJsMW8wpTfh0nt+cLdqGQBlUffdZXr3bievPz1oqvW/fNXdrQd8H+
Dm8PgrGfmgUHnTxvmGhaB38o8n5N73NAuD/1vkON1O7H171vEEt0QFzGGOayeCHf
a/PTNnpAeKACS4eqq4ipax4V2h1PNwVYYkI36yWm00VYgTEqu7x6CN+X/4zfdopP
MwXHlz9+b09sb4eucssTvsD0zBoDZtUjNLQn0j+tAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUp2hFsnLuoSeiHPjrtA6f4XI2mAswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyYjBhZWVjLTJkOWEtNDQ4OC1iYjE2LTcwNWRmODBlZjQwMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/0YEAwDQYJKoZIhvcNAQELBQADggEBADSute4rhTlhSxLTHfz33GGG
m1QGfYl9SCcG87wt2GFE6PtY1VsDtKKtHH/TT7N2sGIcl+CYgQpC3BElFlrVYb+J
Ueie/HleTKRkzRmJ+CkqfH9ROu+T2fnggruq3vxHLTYixjTd7KmRI//YhBVFDiYu
kt2MR5c2oeTp+38PzewJ1ziM6nfIbeLai+9mTOtf0XxzPQ34Uqrxspd8SU/KgOz2
BAGGWApustqaVdl2DvZLThB8I1vatKLejoxnfb7St00hPRAPOskMJXSfogxcg0ie
8IgggcwW0GML90TjC9lRcmmTFPg4i1nKbTS5PTkHbQBVchfQvPQreX5Eibqk1mA=
-----END CERTIFICATE-----