Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dc95307b-87b9-475f-8acf-824b845b46f4.roa
File:                     dc95307b-87b9-475f-8acf-824b845b46f4.roa (raw, json)
Hash identifier:          8+1EMb5FNpzENY2G9kFnjsw5t4ZZvZH5CSExd4KgM7I=
Subject key identifier:   A7:1C:67:19:44:A2:3D:2C:28:59:3A:32:89:9C:F5:30:B7:EE:7C:BC
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       482037E5F899CF2757D4A0BD26547499492DAC6C
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dc95307b-87b9-475f-8acf-824b845b46f4.roa
Signing time:             Fri 07 Mar 2025 15:00:59 +0000
ROA not before:           Fri 07 Mar 2025 15:00:59 +0000
ROA not after:            Fri 11 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:610::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:20:37:e5:f8:99:cf:27:57:d4:a0:bd:26:54:74:99:49:2d:ac:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar  7 15:00:59 2025 GMT
            Not After : Apr 11 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:b7:fe:08:5f:ca:7e:e6:ec:9a:cf:2a:f0:e6:
                    3a:4c:96:15:94:f3:28:07:c6:6d:94:12:4b:08:47:
                    b2:4c:77:88:58:09:ca:b9:c5:d7:62:87:c3:77:0e:
                    20:39:1c:d7:7e:05:b0:68:8a:6f:b2:d4:44:b5:6f:
                    2c:7b:65:6f:9e:78:b4:00:66:32:bb:b0:d4:d5:78:
                    44:55:2d:a7:e2:40:45:42:eb:30:34:62:ef:d2:7a:
                    e0:ca:7b:34:e5:37:9f:73:44:73:c3:f9:3e:56:06:
                    75:ec:47:de:3e:85:36:50:81:cf:1b:8c:cb:50:09:
                    66:2b:1a:47:22:83:bf:0b:52:ff:1a:f4:42:e2:48:
                    ac:0b:21:4f:52:91:b6:af:7a:23:06:63:42:0b:61:
                    34:0a:52:92:67:b7:b6:15:1d:18:ff:69:d3:8b:bb:
                    bd:66:79:7c:de:c8:93:8f:4b:9c:df:e3:11:a2:19:
                    23:39:db:19:6f:31:aa:59:cc:ee:96:19:7b:8e:f1:
                    75:cf:47:8b:74:68:b9:00:ef:b7:26:ac:bc:8a:73:
                    a7:8f:de:9e:f1:cf:38:6a:e6:f9:15:3d:31:a7:65:
                    8a:76:a9:e3:fb:05:50:29:17:e6:0d:f2:ff:59:0a:
                    40:05:82:6b:f0:45:af:d3:9b:7d:da:95:01:52:53:
                    25:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:1C:67:19:44:A2:3D:2C:28:59:3A:32:89:9C:F5:30:B7:EE:7C:BC
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dc95307b-87b9-475f-8acf-824b845b46f4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:610::/48

    Signature Algorithm: sha256WithRSAEncryption
         63:ad:16:68:8a:25:2a:77:4d:5e:b8:6e:57:7b:91:d0:d9:5d:
         74:97:94:8b:5b:e2:c2:a5:a9:59:96:77:40:2d:05:db:69:cc:
         da:5e:4f:66:f1:48:1b:a0:3d:8b:8b:7f:17:48:6d:4d:62:71:
         c5:db:c2:1e:32:3d:d9:32:80:d3:d4:55:41:82:ed:d8:c5:09:
         1a:03:e2:07:dd:64:a4:3c:7d:e2:c2:50:a9:68:16:38:d2:d1:
         1c:2d:cc:b0:b5:e5:01:5a:1c:5f:42:91:d8:f6:90:c3:0c:6f:
         78:bc:49:22:f9:93:18:4d:48:b9:25:7b:31:46:b9:a1:56:a0:
         55:bc:4f:aa:75:ad:e5:c3:97:ed:08:5c:39:d8:2e:f1:e1:67:
         ad:ff:69:81:6c:57:0c:11:e7:2e:15:98:d2:84:4d:b6:f0:55:
         9c:45:fd:48:22:21:2c:01:dc:8a:dd:92:06:a4:6c:54:f4:ed:
         15:84:3f:d8:fc:25:45:c2:ad:6a:f7:ba:e6:a7:d9:13:8c:0a:
         7c:ae:3f:fa:b0:af:67:c6:9e:01:ef:e8:cd:a0:73:01:b7:69:
         1b:b9:4f:8d:9f:4e:ae:1c:82:43:c8:30:74:08:51:75:e8:97:
         38:21:61:6c:5c:e8:34:b7:0c:d3:2d:d5:e3:f9:87:ab:fe:1f:
         96:12:8f:8f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSCA35fiZzydX1KC9JlR0mUktrGwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzA3MTUwMDU5WhcNMjUwNDExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MDk4MTZhMmRhODY1ZTUyMjhlMjJlNDE2YmM3N2E0YjQy
N2EwYWU2YmM1NWFiODdkNmI4ZTNlMzZhY2MyZGQ5MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDit/4IX8p+5uyazyrw5jpMlhWU8ygHxm2UEksIR7JMd4hY
Ccq5xddih8N3DiA5HNd+BbBoim+y1ES1byx7ZW+eeLQAZjK7sNTVeERVLafiQEVC
6zA0Yu/SeuDKezTlN59zRHPD+T5WBnXsR94+hTZQgc8bjMtQCWYrGkcig78LUv8a
9ELiSKwLIU9SkbaveiMGY0ILYTQKUpJnt7YVHRj/adOLu71meXzeyJOPS5zf4xGi
GSM52xlvMapZzO6WGXuO8XXPR4t0aLkA77cmrLyKc6eP3p7xzzhq5vkVPTGnZYp2
qeP7BVApF+YN8v9ZCkAFgmvwRa/Tm33alQFSUyVNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUpxxnGUSiPSwoWToyiZz1MLfufLwwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2RjOTUzMDdiLTg3YjktNDc1Zi04YWNmLTgyNGI4NDViNDZmNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABhAwDQYJKoZIhvcNAQELBQADggEBAGOtFmiKJSp3TV64bld7kdDZ
XXSXlItb4sKlqVmWd0AtBdtpzNpeT2bxSBugPYuLfxdIbU1iccXbwh4yPdkygNPU
VUGC7djFCRoD4gfdZKQ8feLCUKloFjjS0RwtzLC15QFaHF9Ckdj2kMMMb3i8SSL5
kxhNSLklezFGuaFWoFW8T6p1reXDl+0IXDnYLvHhZ63/aYFsVwwR5y4VmNKETbbw
VZxF/UgiISwB3IrdkgakbFT07RWEP9j8JUXCrWr3uuan2ROMCnyuP/qwr2fGngHv
6M2gcwG3aRu5T42fTq4cgkPIMHQIUXXolzghYWxc6DS3DNMt1eP5h6v+H5YSj48=
-----END CERTIFICATE-----