Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/100ca166-7317-4d78-8102-ea1dfe26d0e3.roa
File:                     100ca166-7317-4d78-8102-ea1dfe26d0e3.roa (raw, json)
Hash identifier:          x6ikewaxkeYtb+7nPTxikzFjaGDaQ+CIXtM+6abJyX0=
Subject key identifier:   BF:EF:40:81:F1:3B:52:57:88:DA:C3:3F:C1:77:6B:BE:4D:FB:9D:9E
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       764AAD74585DE92BD8BD2ECA89D07B54F5FCB74D
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/100ca166-7317-4d78-8102-ea1dfe26d0e3.roa
Signing time:             Tue 04 Mar 2025 23:10:05 +0000
ROA not before:           Tue 04 Mar 2025 23:10:05 +0000
ROA not after:            Tue 08 Apr 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:551a::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:4a:ad:74:58:5d:e9:2b:d8:bd:2e:ca:89:d0:7b:54:f5:fc:b7:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Mar  4 23:10:05 2025 GMT
            Not After : Apr  8 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:75:8e:44:50:b1:a5:3e:25:69:29:ca:46:ee:
                    c0:0e:a4:0f:ff:77:51:f2:c0:1c:99:9c:1b:81:fe:
                    2c:a6:4a:86:21:64:9f:12:31:34:3d:75:29:18:90:
                    e4:bb:5e:1a:42:be:11:70:16:09:de:ac:03:dc:60:
                    19:5f:3b:73:c7:5e:5e:8e:78:ca:81:78:1e:3a:7d:
                    c3:2a:7c:36:8e:17:30:b1:d8:db:53:7b:06:6b:9f:
                    07:e0:b3:70:c6:7b:eb:4a:17:4f:70:f4:eb:b1:b2:
                    3f:51:d8:7b:98:a6:51:f9:a9:40:af:61:51:c3:d6:
                    3f:b3:50:9e:e0:56:6d:a5:cd:e6:e3:78:bf:4d:3a:
                    dc:25:97:c1:43:1d:f5:18:a8:1c:d8:43:bc:b5:d0:
                    6f:49:f2:f3:9e:0e:ad:df:4d:71:92:f7:71:bf:b8:
                    88:bd:a0:f1:aa:50:44:6d:81:5d:99:53:66:03:a1:
                    a3:6d:6c:65:c6:48:c4:ae:d2:14:0d:ea:3c:cd:d8:
                    6e:81:ca:1b:9a:45:f0:ee:2d:a2:12:a8:c7:7a:94:
                    df:9a:d7:4c:01:c6:62:ac:ce:24:9a:45:11:1b:1d:
                    06:5a:55:dd:48:df:a9:f9:87:d9:01:fb:6b:d2:53:
                    be:c3:f1:40:f6:a7:2f:13:5c:d4:cd:c6:2a:3e:db:
                    7f:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:EF:40:81:F1:3B:52:57:88:DA:C3:3F:C1:77:6B:BE:4D:FB:9D:9E
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/100ca166-7317-4d78-8102-ea1dfe26d0e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551a::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:26:98:a8:2b:10:e2:5f:ed:47:f6:66:4a:70:5c:b8:e2:68:
         b1:e1:dc:50:eb:71:08:21:82:e8:ba:18:23:9e:d6:77:b0:23:
         81:c5:c9:ef:bd:e9:9d:8d:27:8f:a9:57:46:81:b2:78:ba:b5:
         bf:3c:ad:cb:8d:b1:cc:f4:23:b0:df:e2:88:c2:f3:58:77:81:
         61:18:ea:de:42:47:46:0f:00:7d:cd:e7:cf:5d:a9:d5:f7:f7:
         b5:77:fb:8b:9d:b0:0b:3a:8d:b1:42:23:93:cb:19:a3:f7:b6:
         c5:2e:9c:c2:0d:16:54:69:ba:c4:ec:03:70:57:20:55:c0:cf:
         86:1e:f4:66:f7:62:c7:e6:98:84:14:e9:fd:e6:6a:41:74:28:
         d2:00:69:d7:95:8e:d3:de:00:76:ff:95:aa:8c:41:b7:9f:1e:
         9d:7f:b3:08:e6:4a:37:1e:be:74:72:39:6b:44:1b:70:92:b7:
         47:63:b6:02:05:cb:fe:97:b8:41:f9:7e:a5:be:ee:a3:eb:42:
         dc:ae:08:4a:4b:97:0e:46:44:0e:53:e5:72:4c:76:c0:00:00:
         dd:c9:ae:82:6b:35:6f:77:cd:77:5e:72:a3:88:91:93:62:35:
         c6:9d:33:a9:2c:76:64:29:1a:6f:09:0b:74:d5:9e:1c:bb:ef:
         d3:f4:b7:9c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdkqtdFhd6SvYvS7KidB7VPX8t00wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMzA0MjMxMDA1WhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZGYwZTU2ZGVmZTRkNDBiNDg3YmUxMGRiODRlODFmMDRk
N2U4NmVjZjVhYWI3YTJlZjEyODViZTYwYTNlNTc2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOdY5EULGlPiVpKcpG7sAOpA//d1HywByZnBuB/iymSoYh
ZJ8SMTQ9dSkYkOS7XhpCvhFwFgnerAPcYBlfO3PHXl6OeMqBeB46fcMqfDaOFzCx
2NtTewZrnwfgs3DGe+tKF09w9Ouxsj9R2HuYplH5qUCvYVHD1j+zUJ7gVm2lzebj
eL9NOtwll8FDHfUYqBzYQ7y10G9J8vOeDq3fTXGS93G/uIi9oPGqUERtgV2ZU2YD
oaNtbGXGSMSu0hQN6jzN2G6ByhuaRfDuLaISqMd6lN+a10wBxmKsziSaRREbHQZa
Vd1I36n5h9kB+2vSU77D8UD2py8TXNTNxio+238fAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUv+9AgfE7UleI2sM/wXdrvk37nZ4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzEwMGNhMTY2LTczMTctNGQ3OC04MTAyLWVhMWRmZTI2ZDBlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRowDQYJKoZIhvcNAQELBQADggEBAGAmmKgrEOJf7Uf2ZkpwXLji
aLHh3FDrcQghgui6GCOe1newI4HFye+96Z2NJ4+pV0aBsni6tb88rcuNscz0I7Df
4ojC81h3gWEY6t5CR0YPAH3N589dqdX397V3+4udsAs6jbFCI5PLGaP3tsUunMIN
FlRpusTsA3BXIFXAz4Ye9Gb3YsfmmIQU6f3makF0KNIAadeVjtPeAHb/laqMQbef
Hp1/swjmSjcevnRyOWtEG3CSt0djtgIFy/6XuEH5fqW+7qPrQtyuCEpLlw5GRA5T
5XJMdsAAAN3JroJrNW93zXdecqOIkZNiNcadM6ksdmQpGm8JC3TVnhy779P0t5w=
-----END CERTIFICATE-----