Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa
File:                     e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa (raw, json)
Hash identifier:          BqreRjyfl6SCK8t4/+hP1vku51u1Y1JUsQjajxDywk4=
Subject key identifier:   95:D6:B5:C2:30:72:2C:B4:AE:9F:87:AC:39:DF:2A:36:99:57:5F:09
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C297FA0537AFB4C3B32B2FE983ED798C7047C6E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa
Signing time:             Tue 25 Mar 2025 18:00:26 +0000
ROA not before:           Tue 25 Mar 2025 18:00:26 +0000
ROA not after:            Tue 29 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:50c0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:29:7f:a0:53:7a:fb:4c:3b:32:b2:fe:98:3e:d7:98:c7:04:7c:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 25 18:00:26 2025 GMT
            Not After : Apr 29 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3f:db:6c:bb:34:56:81:11:37:08:31:fc:fe:
                    9e:79:8d:05:36:29:67:48:46:3e:a9:dd:f6:c4:ab:
                    46:0f:bd:fe:bd:2b:ca:1b:c0:ed:3d:58:ce:73:db:
                    ae:f9:38:1c:58:94:76:93:f9:1a:17:04:7f:ae:cb:
                    fa:c0:5a:03:ab:9b:70:41:3a:92:0f:98:72:71:04:
                    6e:b6:f1:6b:b0:75:85:ac:eb:7f:cc:98:c4:36:72:
                    4f:2b:7d:21:18:ba:17:d1:3e:6d:f1:11:e0:92:dc:
                    29:f6:69:8a:98:bd:a1:fc:25:df:3f:d3:3b:ed:e7:
                    a4:19:bc:b0:0b:bd:c0:78:df:49:42:50:7c:f2:97:
                    7e:6e:cc:c8:30:4a:8d:be:8d:65:45:0f:c8:a3:72:
                    61:55:d0:51:aa:01:83:5c:91:0b:1f:87:6d:9e:c4:
                    21:66:ff:7e:26:4b:08:d0:a6:30:de:be:fa:88:8f:
                    4b:2b:81:50:a6:b7:09:cc:ad:d2:a4:77:13:f0:f9:
                    1f:8c:c4:0a:a8:53:57:ef:64:99:8f:80:e0:9f:ee:
                    23:7f:69:27:6e:7c:fa:77:bb:eb:76:58:8a:a8:f6:
                    81:4c:6c:b8:2f:8a:d5:fd:c7:5e:4c:ec:ac:b7:ff:
                    72:91:dd:f9:29:30:1d:f1:c6:44:1b:4a:55:41:d1:
                    d8:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:D6:B5:C2:30:72:2C:B4:AE:9F:87:AC:39:DF:2A:36:99:57:5F:09
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:50c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         23:b6:c0:13:1e:6b:cf:8d:a9:a1:1e:62:6d:7c:4d:8e:a8:4b:
         4d:21:d3:7d:73:43:f4:54:6f:d7:a8:ed:05:a4:d8:31:55:f3:
         98:ea:17:94:7e:4b:2e:09:85:2d:13:26:74:66:52:22:39:e1:
         f3:b5:6e:ef:60:b5:e8:22:43:14:85:98:f9:e8:db:a5:73:09:
         06:3c:c0:1f:21:ca:13:d5:88:a7:69:71:9f:0f:84:0f:f7:98:
         11:9f:c8:1b:b6:59:df:69:5d:97:84:53:61:7d:6b:bb:cb:5f:
         e8:84:89:74:83:da:c2:28:e5:19:19:36:2c:93:89:2f:cb:ca:
         d8:3f:83:de:0c:29:88:8c:d0:e3:07:ee:18:b7:cd:36:d4:d9:
         9b:86:99:bd:12:82:f1:69:6c:88:40:df:f8:65:ce:a8:f5:a7:
         8e:b3:e7:1a:3a:cc:a5:08:24:41:e5:19:a3:03:8c:dc:53:4b:
         10:1c:9b:7c:e4:ca:94:90:fc:42:bc:07:ef:ff:fa:44:0f:1f:
         1a:bb:87:8d:b0:b3:66:df:4d:fe:09:42:a7:1f:e5:38:cb:df:
         34:13:ed:ba:12:42:b9:50:33:8d:db:d7:6b:15:c7:31:f0:bb:
         7f:9b:62:30:ef:86:01:f3:a3:fe:69:45:d2:c1:71:bb:0f:dc:
         2a:62:46:93
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUDCl/oFN6+0w7MrL+mD7XmMcEfG4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI1MTgwMDI2WhcNMjUwNDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNzI3Zjk0OGM5ZmUwNGUzYTQ1N2ZhZmMyZjA3MzJhNTVl
NzkxOWQwNDljMGQ1NThjOWUxMTQwMTY4MDA4MmFjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvP9tsuzRWgRE3CDH8/p55jQU2KWdIRj6p3fbEq0YPvf69
K8obwO09WM5z2675OBxYlHaT+RoXBH+uy/rAWgOrm3BBOpIPmHJxBG628WuwdYWs
63/MmMQ2ck8rfSEYuhfRPm3xEeCS3Cn2aYqYvaH8Jd8/0zvt56QZvLALvcB430lC
UHzyl35uzMgwSo2+jWVFD8ijcmFV0FGqAYNckQsfh22exCFm/34mSwjQpjDevvqI
j0srgVCmtwnMrdKkdxPw+R+MxAqoU1fvZJmPgOCf7iN/aSdufPp3u+t2WIqo9oFM
bLgvitX9x15M7Ky3/3KR3fkpMB3xxkQbSlVB0djPAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUlda1wjByLLSun4esOd8qNplXXwkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1ODIwYmFlLTA1ZDktNDk2OS1iYTVjLTA1N2FjNjRhOGZhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AUMAwDQYJKoZIhvcNAQELBQADggEBACO2wBMea8+NqaEeYm18TY6o
S00h031zQ/RUb9eo7QWk2DFV85jqF5R+Sy4JhS0TJnRmUiI54fO1bu9gtegiQxSF
mPno26VzCQY8wB8hyhPViKdpcZ8PhA/3mBGfyBu2Wd9pXZeEU2F9a7vLX+iEiXSD
2sIo5RkZNiyTiS/Lytg/g94MKYiM0OMH7hi3zTbU2ZuGmb0SgvFpbIhA3/hlzqj1
p46z5xo6zKUIJEHlGaMDjNxTSxAcm3zkypSQ/EK8B+//+kQPHxq7h42ws2bfTf4J
Qqcf5TjL3zQT7boSQrlQM43b12sVxzHwu3+bYjDvhgHzo/5pRdLBcbsP3CpiRpM=
-----END CERTIFICATE-----