Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/91a27594-a038-483a-a558-a5377f4d266f.roa
File:                     91a27594-a038-483a-a558-a5377f4d266f.roa (raw, json)
Hash identifier:          LqrsRvfZlutNLHvyd2F37YPDUzPhzr29imIzHinwB+E=
Subject key identifier:   2C:8A:DF:C7:50:63:62:67:9D:A5:4D:CE:C5:FE:5D:7F:4C:B0:33:50
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       4775639420CA905144D360FC61D9D275911E5F7F
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/91a27594-a038-483a-a558-a5377f4d266f.roa
Signing time:             Mon 17 Mar 2025 15:10:29 +0000
ROA not before:           Mon 17 Mar 2025 15:10:29 +0000
ROA not after:            Mon 21 Apr 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40:fffc::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:75:63:94:20:ca:90:51:44:d3:60:fc:61:d9:d2:75:91:1e:5f:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Mar 17 15:10:29 2025 GMT
            Not After : Apr 21 23:59:59 2025 GMT
        Subject: CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:cc:80:8f:02:68:e4:33:2b:e6:13:56:66:c5:
                    78:17:d5:24:35:a9:9c:e5:8d:6b:75:b5:27:57:e0:
                    6a:76:52:c9:22:44:09:4c:f2:4e:d1:e0:92:16:b5:
                    cc:20:87:fa:cd:3b:07:bb:af:f8:7d:8a:85:b1:6a:
                    8d:ca:90:b5:96:6a:f1:80:c5:1e:6f:b0:c9:73:e6:
                    73:11:e5:2a:35:f6:be:b1:96:f8:30:5a:21:d3:23:
                    4c:8a:fa:e4:22:c4:e4:41:91:73:30:51:63:38:3b:
                    d7:3d:f5:36:1d:f3:80:d6:72:39:a6:7f:c8:8f:06:
                    00:51:98:fe:94:cf:79:42:3f:79:b7:f4:25:e4:0a:
                    01:e4:a7:f1:92:c8:61:c1:57:b0:0c:0b:8f:55:71:
                    ec:6b:d4:66:e1:04:86:94:27:13:fa:51:97:56:7d:
                    22:18:77:1d:85:cc:08:ad:95:8c:3e:78:ae:11:e5:
                    80:31:24:9e:58:db:f3:e3:e1:af:90:fc:24:be:a7:
                    87:b5:0c:d0:54:7d:e3:e6:52:f5:bd:c5:1c:cb:37:
                    fb:59:ac:36:28:e9:2b:86:ab:9f:e3:61:18:2c:e8:
                    22:4b:ce:d3:7a:1c:a0:33:82:fd:3c:34:e9:87:6a:
                    e3:7e:e8:b3:81:0a:7b:a2:d3:12:ee:05:5f:40:fd:
                    c0:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:8A:DF:C7:50:63:62:67:9D:A5:4D:CE:C5:FE:5D:7F:4C:B0:33:50
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/91a27594-a038-483a-a558-a5377f4d266f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffc::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:77:6e:9e:d5:a7:c2:e2:f3:55:b0:59:17:6c:b7:9b:fd:25:
         85:0e:6b:28:18:f0:35:8e:cb:44:a8:36:37:91:e7:84:4e:c0:
         39:79:ae:ff:45:02:aa:cb:c9:70:4c:2c:e1:fa:ad:69:7a:5f:
         73:a6:ae:be:24:b6:2e:45:d3:9d:d7:e3:75:37:b4:60:fd:e6:
         8d:be:cb:89:f3:a7:77:22:07:04:67:58:f1:fe:dc:47:eb:43:
         26:77:f2:20:39:7f:4e:b2:f3:c2:85:7d:d9:bd:25:55:0f:41:
         ae:3c:aa:e7:b4:6f:46:3e:71:4d:0e:c2:2a:86:13:d7:cf:c2:
         ef:4b:88:4e:e9:c4:e0:ee:28:c8:9e:69:bf:92:27:f7:05:0a:
         18:4e:cb:cc:8d:c4:02:73:51:55:af:4c:a6:7a:77:27:f9:f3:
         28:82:04:3d:4b:54:f4:23:96:dd:88:8a:8c:b4:86:1c:39:19:
         9a:22:ad:f7:62:1c:59:35:13:0a:4e:05:2b:21:fe:8c:52:38:
         1e:e5:48:b7:72:5c:b6:12:c8:aa:41:61:b0:8e:5c:49:48:f2:
         e7:97:44:f2:87:43:31:05:34:b8:a7:a4:7e:00:eb:25:52:57:
         fd:57:3d:c8:3c:0e:95:9d:a2:b2:f7:af:2f:54:5c:9f:2d:d0:
         d3:a7:75:3b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUR3VjlCDKkFFE02D8YdnSdZEeX38wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUwMzE3MTUxMDI5WhcNMjUwNDIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MzNhOTdkYjM2ODBjMDYyNWE1MmI4Y2U1Y2IxMmYyMGI3
NmExNzg1YzNmM2EzNmExYTg2OTFjMzliMjU0ZDllMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZzICPAmjkMyvmE1ZmxXgX1SQ1qZzljWt1tSdX4Gp2Uski
RAlM8k7R4JIWtcwgh/rNOwe7r/h9ioWxao3KkLWWavGAxR5vsMlz5nMR5So19r6x
lvgwWiHTI0yK+uQixORBkXMwUWM4O9c99TYd84DWcjmmf8iPBgBRmP6Uz3lCP3m3
9CXkCgHkp/GSyGHBV7AMC49Vcexr1GbhBIaUJxP6UZdWfSIYdx2FzAitlYw+eK4R
5YAxJJ5Y2/Pj4a+Q/CS+p4e1DNBUfePmUvW9xRzLN/tZrDYo6SuGq5/jYRgs6CJL
ztN6HKAzgv08NOmHauN+6LOBCnui0xLuBV9A/cDjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQULIrfx1BjYmedpU3Oxf5df0ywM1AwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzkxYTI3NTk0LWEwMzgtNDgzYS1hNTU4LWE1Mzc3ZjRkMjY2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//wwDQYJKoZIhvcNAQELBQADggEBADF3bp7Vp8Li81WwWRdst5v9
JYUOaygY8DWOy0SoNjeR54ROwDl5rv9FAqrLyXBMLOH6rWl6X3Omrr4kti5F053X
43U3tGD95o2+y4nzp3ciBwRnWPH+3EfrQyZ38iA5f06y88KFfdm9JVUPQa48que0
b0Y+cU0OwiqGE9fPwu9LiE7pxODuKMieab+SJ/cFChhOy8yNxAJzUVWvTKZ6dyf5
8yiCBD1LVPQjlt2Iioy0hhw5GZoirfdiHFk1EwpOBSsh/oxSOB7lSLdyXLYSyKpB
YbCOXElI8ueXRPKHQzEFNLinpH4A6yVSV/1XPcg8DpWdorL3ry9UXJ8t0NOndTs=
-----END CERTIFICATE-----