Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1c25f49-463e-4031-8326-5279365c1126.roa
File:                     b1c25f49-463e-4031-8326-5279365c1126.roa (raw, json)
Hash identifier:          YMUw5G5rR9n1UvBd5OaddtTyCMGZhNyAqzVHw/ASW84=
Subject key identifier:   77:28:09:BB:7D:30:99:7C:37:65:DE:D8:2F:E5:2A:00:EE:FE:88:8C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       73BBD6345E37961AAF09D83257F2E5CBA7AA1424
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1c25f49-463e-4031-8326-5279365c1126.roa
Signing time:             Wed 01 Oct 2025 00:12:42 +0000
ROA not before:           Wed 01 Oct 2025 00:12:42 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1fa0:2000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:bb:d6:34:5e:37:96:1a:af:09:d8:32:57:f2:e5:cb:a7:aa:14:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:12:42 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=6ba25ec9788d9257cf59ae6aacb2b7cdf3ada7b5091dfb69ad290b57afee492a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a4:91:ef:4e:92:e9:86:eb:3a:5c:67:7c:4e:
                    8a:64:99:7b:3d:53:36:29:8e:e2:21:fd:66:2e:c0:
                    99:d1:02:fc:5e:a7:22:40:c8:c3:14:e6:44:2f:3b:
                    b4:12:da:c2:4e:75:f0:fc:50:81:07:f1:a6:81:76:
                    b0:ef:6c:53:30:0a:71:a1:20:22:e9:90:40:e8:3a:
                    1d:45:56:47:f9:61:a9:da:47:3c:f7:2f:95:4c:63:
                    ab:ad:e4:38:59:27:e4:59:17:49:0b:a1:28:85:0a:
                    47:a0:7d:0c:48:7d:7f:a4:6a:79:43:1f:45:80:cf:
                    3d:80:50:64:1f:4c:74:23:f1:5c:ee:44:af:cc:84:
                    7b:26:0d:c4:8c:a7:40:49:b8:de:2c:27:d3:5f:39:
                    54:0b:6e:3b:d0:22:28:d6:80:e7:cd:ce:39:29:b7:
                    dc:74:9c:87:db:cd:08:26:38:30:d2:fe:32:ac:d9:
                    76:c4:8d:1b:05:3e:ea:76:79:9f:87:8f:ff:65:5a:
                    a4:95:9f:da:3b:2b:21:8e:82:b2:a9:c7:41:dd:d5:
                    26:f2:8a:e1:cc:86:cf:08:92:59:0c:14:5f:ba:cf:
                    c0:47:61:8d:e2:15:fd:6f:87:1c:1c:5e:c6:40:38:
                    ad:1f:eb:fc:ae:27:31:e9:a7:c9:41:66:f7:1b:b4:
                    fb:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:28:09:BB:7D:30:99:7C:37:65:DE:D8:2F:E5:2A:00:EE:FE:88:8C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1c25f49-463e-4031-8326-5279365c1126.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fa0:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a9:8b:c9:56:95:52:d8:79:f0:94:b2:c7:7a:74:40:fe:0b:e8:
         31:61:3c:cc:b5:61:a0:0d:f9:dc:a0:37:4b:a1:17:dc:2f:7c:
         62:1e:5d:1e:23:b8:f2:5a:a2:fa:37:c2:bc:33:3f:e2:e9:9b:
         97:4d:9b:7a:81:e4:67:e9:ca:2f:07:8a:26:84:02:9e:65:36:
         a0:70:7e:24:d4:05:6f:4e:0a:68:23:92:78:b8:00:0e:86:e2:
         bc:c2:5e:12:13:ea:a7:30:6c:7d:b9:99:88:9a:8b:e5:4c:61:
         62:0c:e3:ca:2b:c0:75:89:50:6a:4f:c2:1e:cc:a1:bb:9c:35:
         70:68:1b:f3:c5:67:4f:6b:d2:cf:e7:95:9f:9a:1d:f5:39:b0:
         23:40:f0:17:45:8f:c1:21:95:19:ee:48:03:69:7d:7c:5b:d1:
         5f:06:ad:85:12:2a:36:fc:68:2b:d8:56:85:a1:88:90:37:be:
         d1:1c:9e:97:6a:16:31:b2:53:d4:45:1c:2e:f1:a9:80:19:62:
         07:8d:87:6b:2f:00:bf:73:38:49:bf:fa:35:d1:36:2a:ef:cd:
         98:82:70:70:c3:25:f9:a7:28:0a:4b:67:45:ec:00:cd:11:89:
         77:f4:51:a5:a9:12:84:99:b6:9d:81:cd:e6:5d:f1:ce:a9:08:
         81:a6:71:33
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUc7vWNF43lhqvCdgyV/Lly6eqFCQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAxMjQyWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmEyNWVjOTc4OGQ5MjU3Y2Y1OWFlNmFhY2IyYjdjZGYz
YWRhN2I1MDkxZGZiNjlhZDI5MGI1N2FmZWU0OTJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkpJHvTpLphus6XGd8TopkmXs9UzYpjuIh/WYuwJnRAvxe
pyJAyMMU5kQvO7QS2sJOdfD8UIEH8aaBdrDvbFMwCnGhICLpkEDoOh1FVkf5Yana
Rzz3L5VMY6ut5DhZJ+RZF0kLoSiFCkegfQxIfX+kanlDH0WAzz2AUGQfTHQj8Vzu
RK/MhHsmDcSMp0BJuN4sJ9NfOVQLbjvQIijWgOfNzjkpt9x0nIfbzQgmODDS/jKs
2XbEjRsFPup2eZ+Hj/9lWqSVn9o7KyGOgrKpx0Hd1SbyiuHMhs8IklkMFF+6z8BH
YY3iFf1vhxwcXsZAOK0f6/yuJzHpp8lBZvcbtPsxAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUdygJu30wmXw3Zd7YL+UqAO7+iIwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IxYzI1ZjQ5LTQ2M2UtNDAzMS04MzI2LTUyNzkzNjVjMTEyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+gIDANBgkqhkiG9w0BAQsFAAOCAQEAqYvJVpVS2HnwlLLHenRA/gvo
MWE8zLVhoA353KA3S6EX3C98Yh5dHiO48lqi+jfCvDM/4umbl02beoHkZ+nKLweK
JoQCnmU2oHB+JNQFb04KaCOSeLgADobivMJeEhPqpzBsfbmZiJqL5UxhYgzjyivA
dYlQak/CHsyhu5w1cGgb88VnT2vSz+eVn5od9TmwI0DwF0WPwSGVGe5IA2l9fFvR
XwathRIqNvxoK9hWhaGIkDe+0Ryel2oWMbJT1EUcLvGpgBliB42Hay8Av3M4Sb/6
NdE2Ku/NmIJwcMMl+acoCktnRewAzRGJd/RRpakShJm2nYHN5l3xzqkIgaZxMw==
-----END CERTIFICATE-----