Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/34aa606e-0ded-49e0-8124-2799643cf271.roa
File:                     34aa606e-0ded-49e0-8124-2799643cf271.roa (raw, json)
Hash identifier:          EbSj+PrLwUpcLrnL30CIeGWHyrW/B22/Kb9tgvySD+I=
Subject key identifier:   6A:81:32:F6:04:C1:DC:A7:6C:E1:17:4D:84:23:88:C9:B4:28:15:F4
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       1722FFF95AAF1475B9D1E3DBC6E734A7E1FB3F60
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/34aa606e-0ded-49e0-8124-2799643cf271.roa
Signing time:             Tue 04 Mar 2025 22:40:38 +0000
ROA not before:           Tue 04 Mar 2025 22:40:38 +0000
ROA not after:            Tue 08 Apr 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:399::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:22:ff:f9:5a:af:14:75:b9:d1:e3:db:c6:e7:34:a7:e1:fb:3f:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar  4 22:40:38 2025 GMT
            Not After : Apr  8 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:36:f0:44:93:c2:88:a0:fd:88:fa:63:d9:31:
                    59:83:df:07:cc:90:56:6c:3b:b7:95:8c:cb:88:9e:
                    5c:3b:e1:22:65:f1:bf:02:62:7e:02:1a:dc:0a:44:
                    23:4e:3b:4b:a7:bf:c0:45:48:4d:39:4a:bc:44:78:
                    d2:13:53:f9:e2:19:da:3c:2a:26:af:68:c9:be:45:
                    e6:f9:d9:e0:ba:70:46:ca:e0:85:5d:a0:76:1a:c7:
                    33:c1:79:e5:25:ea:87:4d:83:83:64:ee:24:3a:0c:
                    6a:a6:76:8f:7f:5a:4f:4f:cb:84:08:a7:45:7a:8e:
                    51:cf:1d:b8:cb:90:7c:2d:f2:33:50:0d:b5:e3:03:
                    ad:5f:88:0b:99:25:03:b8:51:33:14:35:ce:5f:70:
                    2e:e9:3d:7f:48:8d:4c:0b:ad:cb:0a:89:2d:75:3b:
                    f1:f7:4b:60:c8:9a:6e:58:dd:ca:ed:de:66:ed:9c:
                    88:d3:95:fe:a8:95:26:0b:f7:15:5b:a0:a1:20:e8:
                    e9:40:51:b2:9b:df:f4:17:af:a9:5d:30:41:93:06:
                    ac:8e:d3:7a:8d:3e:85:3a:00:47:ee:20:b7:44:90:
                    f8:70:78:18:71:1c:fd:d5:17:1b:c1:b7:c8:93:7d:
                    b5:7f:c3:53:f9:63:c5:13:c6:7f:13:88:75:6a:d6:
                    33:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:81:32:F6:04:C1:DC:A7:6C:E1:17:4D:84:23:88:C9:B4:28:15:F4
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/34aa606e-0ded-49e0-8124-2799643cf271.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:399::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:f2:c9:cf:dd:a1:f6:a3:c8:f5:c2:eb:cf:13:6f:0d:ec:2e:
         65:dc:03:73:63:f7:6e:fe:46:ec:d8:91:42:35:01:42:bc:35:
         a6:0f:23:60:c2:8a:cc:ff:c3:5b:c2:79:81:d4:43:41:65:ee:
         8a:22:44:00:32:5b:f8:69:4b:7b:29:a5:b5:4a:35:87:6e:f0:
         45:87:61:9c:1b:37:0e:08:ae:4b:e0:80:96:87:15:1c:0a:33:
         fa:85:25:ca:a8:b4:17:4a:a2:37:52:16:88:14:9d:df:09:ca:
         d0:ab:fc:93:e2:6d:60:91:9f:2a:67:50:c1:d0:69:23:ea:96:
         dd:81:72:ee:4e:d0:7b:71:7b:74:5f:8e:5d:55:12:b6:8d:fb:
         c3:cf:56:4d:71:ee:8d:20:37:d8:7f:24:ff:90:3f:b4:3a:b0:
         21:e9:de:5a:af:39:49:af:d8:7c:f2:4a:7e:93:3a:a9:36:d0:
         f1:24:96:eb:ed:9e:f5:87:9c:64:c5:50:16:d2:93:12:d3:75:
         94:4f:d7:e6:48:76:9b:3b:0a:b0:54:3a:78:3d:f0:39:c9:7f:
         cf:a0:10:6b:93:15:11:38:45:31:0b:fb:b4:7a:38:52:a5:09:
         5c:c0:0b:c0:19:d5:17:5d:ce:26:5d:e3:fa:c2:04:ac:4d:27:
         1a:43:77:d5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUFyL/+VqvFHW50ePbxuc0p+H7P2AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzA0MjI0MDM4WhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZDI4ZjRlMzBlNjk5ZTIxMDFiNzhkYzgxMzMxNGIyNzE1
YmExMTczNDBmZWY0MTM4NDZmOTllZjZkZjY1ZWM4MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+NvBEk8KIoP2I+mPZMVmD3wfMkFZsO7eVjMuInlw74SJl
8b8CYn4CGtwKRCNOO0unv8BFSE05SrxEeNITU/niGdo8KiavaMm+Reb52eC6cEbK
4IVdoHYaxzPBeeUl6odNg4Nk7iQ6DGqmdo9/Wk9Py4QIp0V6jlHPHbjLkHwt8jNQ
DbXjA61fiAuZJQO4UTMUNc5fcC7pPX9IjUwLrcsKiS11O/H3S2DImm5Y3crt3mbt
nIjTlf6olSYL9xVboKEg6OlAUbKb3/QXr6ldMEGTBqyO03qNPoU6AEfuILdEkPhw
eBhxHP3VFxvBt8iTfbV/w1P5Y8UTxn8TiHVq1jMHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUaoEy9gTB3Kds4RdNhCOIybQoFfQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzM0YWE2MDZlLTBkZWQtNDllMC04MTI0LTI3OTk2NDNjZjI3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA5kwDQYJKoZIhvcNAQELBQADggEBAAHyyc/dofajyPXC688Tbw3s
LmXcA3Nj927+RuzYkUI1AUK8NaYPI2DCisz/w1vCeYHUQ0Fl7ooiRAAyW/hpS3sp
pbVKNYdu8EWHYZwbNw4IrkvggJaHFRwKM/qFJcqotBdKojdSFogUnd8JytCr/JPi
bWCRnypnUMHQaSPqlt2Bcu5O0Htxe3Rfjl1VEraN+8PPVk1x7o0gN9h/JP+QP7Q6
sCHp3lqvOUmv2HzySn6TOqk20PEkluvtnvWHnGTFUBbSkxLTdZRP1+ZIdps7CrBU
Ong98DnJf8+gEGuTFRE4RTEL+7R6OFKlCVzAC8AZ1RddziZd4/rCBKxNJxpDd9U=
-----END CERTIFICATE-----