Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379923f6-f2ed-41a0-a0b5-3ea7a6f71c3f.roa
File:                     379923f6-f2ed-41a0-a0b5-3ea7a6f71c3f.roa (raw, json)
Hash identifier:          tMMsqqEfmwsExaGt+3Ibq/9AYRn40T9B/N4+bJXVRew=
Subject key identifier:   E9:B7:26:F2:9B:6D:FD:DC:4C:E4:31:A5:0E:F4:46:D6:F9:69:47:CC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7D3B45C650C9A61592F37F167F3107C3892FF005
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379923f6-f2ed-41a0-a0b5-3ea7a6f71c3f.roa
Signing time:             Tue 08 Jul 2025 16:21:19 +0000
ROA not before:           Tue 08 Jul 2025 16:21:19 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ff7:5040::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:3b:45:c6:50:c9:a6:15:92:f3:7f:16:7f:31:07:c3:89:2f:f0:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 16:21:19 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=c409616b819ca4cb4951961daf8dceb04ee18905e0467f8ff269e02feb02a64f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e0:43:4a:6b:c8:e7:67:f3:cb:3b:9a:2f:ed:
                    04:7c:30:3f:c6:e1:1e:fb:c8:52:3b:a0:4b:5c:2b:
                    c3:84:eb:38:a4:57:97:79:03:08:4a:64:19:a0:6a:
                    bc:fe:3e:48:25:81:a8:ab:0d:0e:a9:9d:cc:5f:1d:
                    c9:dd:9e:c3:1e:6c:4a:81:a9:bb:d7:42:31:93:2d:
                    b0:87:26:7c:e1:14:07:f8:8c:c7:af:6c:d7:81:fe:
                    91:f6:03:12:d6:12:3a:78:70:13:b6:48:9e:cc:af:
                    4a:88:c5:3e:03:3c:5c:3a:c7:9d:61:bb:e7:7f:32:
                    d3:1c:07:a8:96:98:fc:93:33:50:2a:ec:41:4e:32:
                    c2:d0:ab:a1:5e:d8:47:eb:cd:a9:a0:41:e4:43:3c:
                    c4:f2:e7:7f:57:2d:fb:33:43:53:9f:76:56:34:2d:
                    70:ed:33:38:61:2b:8c:9f:73:73:2a:3b:cd:16:6b:
                    01:82:c9:05:6c:32:0a:b9:9a:5f:c9:9b:77:82:58:
                    b0:9b:58:b3:4a:5f:08:97:45:60:e9:cb:89:52:94:
                    a3:0f:83:79:ef:53:f6:fb:c4:5c:30:60:69:1b:41:
                    6d:59:7a:8b:b6:9a:c0:63:b7:77:9f:3c:7c:e9:84:
                    b2:9f:96:69:19:81:42:4c:00:c5:10:1a:72:ff:be:
                    9c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:B7:26:F2:9B:6D:FD:DC:4C:E4:31:A5:0E:F4:46:D6:F9:69:47:CC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379923f6-f2ed-41a0-a0b5-3ea7a6f71c3f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff7:5040::/46

    Signature Algorithm: sha256WithRSAEncryption
         ab:22:cf:96:a5:b8:03:1e:6c:9c:5b:f9:25:b7:1e:5d:e5:fc:
         9e:29:07:74:98:d5:85:34:98:7a:b1:89:36:fe:bf:fc:08:d2:
         41:1e:bc:bc:63:6f:81:b6:0d:57:28:ac:b8:2c:a7:15:98:22:
         77:13:00:bb:7a:d5:6b:70:91:f5:82:18:79:86:71:03:0b:49:
         bc:81:60:b9:37:3c:a2:b6:ca:51:5e:08:cd:9d:b6:ea:67:4f:
         90:f2:44:36:22:b7:c7:e1:90:f7:a2:e7:e0:fd:fc:89:24:10:
         db:74:9e:59:75:24:f4:e0:77:24:d3:87:51:0b:a2:88:37:4f:
         22:da:bf:72:03:54:8e:d6:6c:92:28:c0:b6:fd:a0:7e:41:b4:
         70:f3:71:38:b6:a2:89:97:2c:7c:f2:31:2b:b9:87:4d:01:c3:
         a7:1d:64:f9:bf:70:de:5f:2b:f6:b1:fd:33:ba:6f:53:c4:e8:
         eb:f9:47:46:b8:66:c2:27:7e:8c:9d:f1:f3:0b:ba:df:b7:82:
         11:ae:dd:48:75:c0:c7:8b:80:dc:16:8b:c0:f4:fc:ae:8e:38:
         c2:d7:ae:4c:e7:48:dc:b8:76:77:04:93:ae:ea:28:85:da:ba:
         70:56:5b:e0:29:73:74:ab:c2:7c:8c:27:21:65:37:76:c9:22:
         b6:e9:06:1f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfTtFxlDJphWS838WfzEHw4kv8AUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTYyMTE5WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNDA5NjE2YjgxOWNhNGNiNDk1MTk2MWRhZjhkY2ViMDRl
ZTE4OTA1ZTA0NjdmOGZmMjY5ZTAyZmViMDJhNjRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDH4ENKa8jnZ/PLO5ov7QR8MD/G4R77yFI7oEtcK8OE6zik
V5d5AwhKZBmgarz+PkglgairDQ6pncxfHcndnsMebEqBqbvXQjGTLbCHJnzhFAf4
jMevbNeB/pH2AxLWEjp4cBO2SJ7Mr0qIxT4DPFw6x51hu+d/MtMcB6iWmPyTM1Aq
7EFOMsLQq6Fe2EfrzamgQeRDPMTy539XLfszQ1OfdlY0LXDtMzhhK4yfc3MqO80W
awGCyQVsMgq5ml/Jm3eCWLCbWLNKXwiXRWDpy4lSlKMPg3nvU/b7xFwwYGkbQW1Z
eou2msBjt3efPHzphLKflmkZgUJMAMUQGnL/vpzRAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6bcm8ptt/dxM5DGlDvRG1vlpR8wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3OTkyM2Y2LWYyZWQtNDFhMC1hMGI1LTNlYTdhNmY3MWMzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB/3UEAwDQYJKoZIhvcNAQELBQADggEBAKsiz5aluAMebJxb+SW3Hl3l
/J4pB3SY1YU0mHqxiTb+v/wI0kEevLxjb4G2DVcorLgspxWYIncTALt61WtwkfWC
GHmGcQMLSbyBYLk3PKK2ylFeCM2dtupnT5DyRDYit8fhkPei5+D9/IkkENt0nll1
JPTgdyTTh1ELoog3TyLav3IDVI7WbJIowLb9oH5BtHDzcTi2oomXLHzyMSu5h00B
w6cdZPm/cN5fK/ax/TO6b1PE6Ov5R0a4ZsInfoyd8fMLut+3ghGu3Uh1wMeLgNwW
i8D0/K6OOMLXrkznSNy4dncEk67qKIXaunBWW+Apc3SrwnyMJyFlN3bJIrbpBh8=
-----END CERTIFICATE-----