Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0540ca01-8952-4aed-9627-bff6189a117a.roa
File:                     0540ca01-8952-4aed-9627-bff6189a117a.roa (raw, json)
Hash identifier:          922dk9OlWIDjWc2J4Uq+lkV26GakywBFJGGv/NidcEM=
Subject key identifier:   1D:32:BE:3F:5B:D3:22:A7:A1:11:C0:80:1E:53:E4:7F:15:90:7D:01
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7FFCD865CCA32CD1B5394E6A3A67A2ADD1783FBC
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0540ca01-8952-4aed-9627-bff6189a117a.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5529::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:fc:d8:65:cc:a3:2c:d1:b5:39:4e:6a:3a:67:a2:ad:d1:78:3f:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:56:0c:3a:6c:7e:6b:92:da:0f:28:d4:38:de:
                    26:ed:b2:58:f8:eb:29:d9:cc:5f:ba:07:a7:29:b6:
                    50:61:83:ad:58:b2:58:ea:52:35:6e:42:20:0f:33:
                    e4:06:2c:4b:59:00:55:7f:a6:d9:2a:1e:45:36:cd:
                    4d:dd:33:e8:4e:33:df:b1:9c:e1:33:d3:12:b9:74:
                    5b:c3:98:bb:80:b7:cd:c3:e9:e7:20:d2:ad:56:b2:
                    13:b4:c4:86:b7:0f:e2:52:9d:a0:2f:26:23:e2:72:
                    c5:a2:6a:66:41:bc:0e:33:18:00:c0:1a:e5:8b:e8:
                    bf:57:7b:20:1f:f7:5d:91:bd:e3:21:a2:50:08:b4:
                    be:b5:2c:f4:50:ca:07:b3:da:00:05:57:f5:03:be:
                    1e:5b:14:50:16:8b:78:0b:96:1a:8d:ec:4b:3f:52:
                    2c:ed:2d:fc:73:9c:61:ed:bb:67:83:30:4e:46:0e:
                    45:d1:1c:b3:b8:d4:98:08:f6:98:d0:e6:29:e0:ce:
                    8d:24:7b:df:d3:65:08:41:8a:be:d6:48:25:51:63:
                    1f:4b:55:2b:5f:7d:b3:ec:43:fd:f2:53:d8:20:2e:
                    01:46:cc:19:11:46:d8:44:d4:1f:35:d7:34:84:1b:
                    3c:3e:aa:5a:42:af:1e:64:8f:78:b4:37:d6:51:a0:
                    94:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:32:BE:3F:5B:D3:22:A7:A1:11:C0:80:1E:53:E4:7F:15:90:7D:01
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0540ca01-8952-4aed-9627-bff6189a117a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5529::/48

    Signature Algorithm: sha256WithRSAEncryption
         0e:62:8c:42:ae:82:0c:e5:74:84:c0:7f:ad:76:24:a2:af:2b:
         d3:3a:59:61:8b:47:e0:99:c6:92:55:79:d8:9f:b5:da:39:f6:
         bb:45:ee:15:c9:e9:a3:7c:c4:af:cc:c8:17:3b:da:ff:78:20:
         5b:e1:78:bb:06:70:c7:18:a1:9e:61:71:f5:26:9c:dc:1a:31:
         98:33:cb:65:8a:2d:4b:3b:03:dc:d3:91:1b:60:76:ce:86:3b:
         ab:a4:42:c8:e0:c1:54:d5:39:4f:05:03:02:e6:f0:88:af:cc:
         8d:21:c9:d2:55:80:46:45:99:e3:0f:f1:1d:78:be:d1:c7:23:
         87:24:a3:13:27:fc:a8:97:4e:4e:4a:4f:6c:14:fc:68:0b:bd:
         07:01:63:d3:93:85:3e:da:c8:0e:3b:71:40:aa:e4:ec:71:7f:
         99:37:90:97:90:d4:6c:c8:98:33:4c:a7:d7:bf:00:61:8d:fe:
         83:85:35:22:c2:24:d5:2b:8f:a1:5b:e8:52:3a:2f:d6:8a:f9:
         db:9f:72:e8:98:24:66:a7:45:8b:84:14:11:9f:90:c1:82:e7:
         68:35:85:89:fb:5c:84:a1:09:cc:a1:51:d9:90:6a:8e:c2:c8:
         53:d9:65:07:8f:ce:86:6f:38:65:58:f0:ec:b3:64:3f:fb:b9:
         27:2e:3c:94
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUf/zYZcyjLNG1OU5qOmeirdF4P7wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNDgzYzljYjMxNDU4YWQzZDYyMDdiYTdiNGUyYjMzMzZj
ZGVlMzRmODNmNTUxZDQxZjdkZGU3NTEyOGRhMTI5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOVgw6bH5rktoPKNQ43ibtslj46ynZzF+6B6cptlBhg61Y
sljqUjVuQiAPM+QGLEtZAFV/ptkqHkU2zU3dM+hOM9+xnOEz0xK5dFvDmLuAt83D
6ecg0q1WshO0xIa3D+JSnaAvJiPicsWiamZBvA4zGADAGuWL6L9XeyAf912RveMh
olAItL61LPRQygez2gAFV/UDvh5bFFAWi3gLlhqN7Es/UiztLfxznGHtu2eDME5G
DkXRHLO41JgI9pjQ5ingzo0ke9/TZQhBir7WSCVRYx9LVStffbPsQ/3yU9ggLgFG
zBkRRthE1B811zSEGzw+qlpCrx5kj3i0N9ZRoJTXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUHTK+P1vTIqehEcCAHlPkfxWQfQEwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzA1NDBjYTAxLTg5NTItNGFlZC05NjI3LWJmZjYxODlhMTE3YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVSkwDQYJKoZIhvcNAQELBQADggEBAA5ijEKuggzldITAf612JKKv
K9M6WWGLR+CZxpJVediftdo59rtF7hXJ6aN8xK/MyBc72v94IFvheLsGcMcYoZ5h
cfUmnNwaMZgzy2WKLUs7A9zTkRtgds6GO6ukQsjgwVTVOU8FAwLm8IivzI0hydJV
gEZFmeMP8R14vtHHI4ckoxMn/KiXTk5KT2wU/GgLvQcBY9OThT7ayA47cUCq5Oxx
f5k3kJeQ1GzImDNMp9e/AGGN/oOFNSLCJNUrj6Fb6FI6L9aK+dufcuiYJGanRYuE
FBGfkMGC52g1hYn7XIShCcyhUdmQao7CyFPZZQePzoZvOGVY8OyzZD/7uScuPJQ=
-----END CERTIFICATE-----