Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6160b1d4-acc7-4e02-bb6e-382d0ec230f5.roa
File:                     6160b1d4-acc7-4e02-bb6e-382d0ec230f5.roa (raw, json)
Hash identifier:          /dPZhR3F3MUNWEDzwjdmHpu2BpIf5dUNzYAr0n8zOcM=
Subject key identifier:   F5:A7:70:06:E5:13:2F:DA:27:2F:94:76:54:16:4A:FB:A0:1A:28:7C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1F03EC7BDA8401332ADE1BC02D59900F1201DC93
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6160b1d4-acc7-4e02-bb6e-382d0ec230f5.roa
Signing time:             Tue 08 Jul 2025 16:00:29 +0000
ROA not before:           Tue 08 Jul 2025 16:00:29 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ffb:5000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:03:ec:7b:da:84:01:33:2a:de:1b:c0:2d:59:90:0f:12:01:dc:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 16:00:29 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=f0ea49badaaf661db6c100a6e9b7794f4955846d74532ab04e199a359ba6ac20, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:12:21:08:38:2e:35:79:ad:29:90:3b:85:75:
                    4c:76:b8:7e:5e:49:44:91:0d:83:82:72:ae:6a:ae:
                    3a:f1:a0:ec:c1:6d:36:b1:05:4e:3a:92:27:e0:04:
                    b8:10:1a:5a:b8:a1:c9:ac:fe:00:59:6f:0a:1a:a9:
                    7d:58:ae:d8:a1:db:76:d3:4e:03:4f:17:64:ac:04:
                    41:85:a7:21:92:e6:e8:8f:7d:22:9f:51:31:38:ed:
                    2d:a3:a9:43:52:e5:e7:ce:99:2d:a4:6e:b8:f6:16:
                    11:44:57:3b:a3:ec:80:dc:0d:f1:4b:19:14:5a:4b:
                    98:cc:08:69:94:78:42:33:0d:cb:1d:2e:4a:6b:87:
                    b5:b1:81:a2:63:e8:8e:69:c7:4d:36:e7:b9:66:2b:
                    96:0a:d4:b6:56:73:9f:1e:dc:9f:ff:f4:44:27:3e:
                    55:b7:59:45:31:1a:75:19:d8:b7:24:2d:5a:c2:7e:
                    4c:42:57:56:42:cf:ed:e5:d4:73:a1:f7:ed:ca:af:
                    c1:87:0d:30:2b:1a:72:de:e0:83:07:5a:6e:74:25:
                    c0:2f:85:73:a7:ed:52:53:51:54:05:4b:b7:9d:02:
                    63:9e:a7:31:d4:a4:5f:6b:e9:47:0b:1b:f2:6c:e1:
                    92:4b:1f:7f:45:99:98:81:f2:c7:8c:39:50:e0:db:
                    f7:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:A7:70:06:E5:13:2F:DA:27:2F:94:76:54:16:4A:FB:A0:1A:28:7C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6160b1d4-acc7-4e02-bb6e-382d0ec230f5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffb:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a2:6d:c7:ed:67:a3:49:f3:a0:e1:5d:8c:4e:dc:ab:33:81:f2:
         b0:56:7a:c8:c2:b9:35:ec:28:e3:be:70:5b:c1:39:44:41:11:
         49:85:17:b3:07:b8:9b:70:bd:ad:28:3d:4a:1d:4d:07:63:8b:
         e2:4c:69:11:6a:05:b3:18:4a:0c:36:07:0a:08:c2:47:6c:bc:
         07:88:2d:9d:af:15:2f:93:b5:e0:6f:11:bd:08:03:c2:94:58:
         e3:9c:04:51:eb:ba:64:34:b5:10:35:a2:94:87:2c:cd:42:ad:
         c5:f7:2d:fd:d7:13:ea:69:fd:5a:a5:f7:e3:92:de:84:18:6f:
         0d:4d:f4:a4:2f:bf:cb:e5:41:da:32:63:25:58:63:b7:02:96:
         80:09:25:b7:b4:10:66:a2:1d:b2:56:b2:32:df:a5:9f:d9:5a:
         2a:ce:7a:8a:d8:10:2f:11:48:36:b5:72:24:2c:3c:13:b2:68:
         97:81:cf:4d:f6:df:f3:26:a6:51:c8:0a:5d:54:a8:44:a9:4f:
         06:f6:07:3c:0a:f2:7d:3a:2c:de:64:82:8f:46:2a:c4:f5:9f:
         a5:3e:89:98:74:22:49:e1:24:98:cc:2e:81:7a:7b:eb:fd:bb:
         d1:c0:5b:d6:de:b4:be:05:a7:3f:31:3b:ec:34:5a:f3:d1:22:
         ac:a6:d9:46
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHwPse9qEATMq3hvALVmQDxIB3JMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTYwMDI5WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMGVhNDliYWRhYWY2NjFkYjZjMTAwYTZlOWI3Nzk0ZjQ5
NTU4NDZkNzQ1MzJhYjA0ZTE5OWEzNTliYTZhYzIwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxEiEIOC41ea0pkDuFdUx2uH5eSUSRDYOCcq5qrjrxoOzB
bTaxBU46kifgBLgQGlq4ocms/gBZbwoaqX1Yrtih23bTTgNPF2SsBEGFpyGS5uiP
fSKfUTE47S2jqUNS5efOmS2kbrj2FhFEVzuj7IDcDfFLGRRaS5jMCGmUeEIzDcsd
Lkprh7WxgaJj6I5px00257lmK5YK1LZWc58e3J//9EQnPlW3WUUxGnUZ2LckLVrC
fkxCV1ZCz+3l1HOh9+3Kr8GHDTArGnLe4IMHWm50JcAvhXOn7VJTUVQFS7edAmOe
pzHUpF9r6UcLG/Js4ZJLH39FmZiB8seMOVDg2/e9AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU9adwBuUTL9onL5R2VBZK+6AaKHwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYxNjBiMWQ0LWFjYzctNGUwMi1iYjZlLTM4MmQwZWMyMzBmNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/7UDANBgkqhkiG9w0BAQsFAAOCAQEAom3H7WejSfOg4V2MTtyrM4Hy
sFZ6yMK5Newo475wW8E5REERSYUXswe4m3C9rSg9Sh1NB2OL4kxpEWoFsxhKDDYH
CgjCR2y8B4gtna8VL5O14G8RvQgDwpRY45wEUeu6ZDS1EDWilIcszUKtxfct/dcT
6mn9WqX345LehBhvDU30pC+/y+VB2jJjJVhjtwKWgAklt7QQZqIdslayMt+ln9la
Ks56itgQLxFINrVyJCw8E7Jol4HPTfbf8yamUcgKXVSoRKlPBvYHPAryfTos3mSC
j0YqxPWfpT6JmHQiSeEkmMwugXp76/270cBb1t60vgWnPzE77DRa89EirKbZRg==
-----END CERTIFICATE-----