Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/6632e911-ee11-4bc9-a573-00ef83fd31d7.roa
File:                     6632e911-ee11-4bc9-a573-00ef83fd31d7.roa (raw, json)
Hash identifier:          vmt8pspfqvh9noqQT+Wsz10vGQP9WRHCko0LBEJn3HY=
Subject key identifier:   23:8F:2E:0C:51:75:74:7B:C1:06:DB:89:E6:FC:A2:27:A4:FD:CF:89
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4AC4BFA923D9C14A1E8EB960CEED1D75EE3713CD
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/6632e911-ee11-4bc9-a573-00ef83fd31d7.roa
Signing time:             Tue 04 Mar 2025 23:20:32 +0000
ROA not before:           Tue 04 Mar 2025 23:20:32 +0000
ROA not after:            Tue 08 Apr 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:6000::/44 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:c4:bf:a9:23:d9:c1:4a:1e:8e:b9:60:ce:ed:1d:75:ee:37:13:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Mar  4 23:20:32 2025 GMT
            Not After : Apr  8 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:8a:34:a3:c3:45:29:28:d6:31:4f:fb:27:40:
                    83:88:b1:8b:a1:1c:e3:f0:31:86:e5:d9:f7:df:05:
                    cd:ef:a7:7f:dd:53:db:fb:7e:ad:ee:63:95:41:56:
                    32:ef:72:fd:b0:f9:56:0f:12:8c:b1:33:3a:a4:15:
                    36:cf:68:ac:f9:f8:b3:37:bf:c1:b5:34:88:98:71:
                    e1:89:1b:d5:57:10:d1:e4:26:c1:30:4b:40:83:e9:
                    1d:71:fd:2a:c5:ba:8b:d3:da:a9:c0:db:f4:6e:ab:
                    13:f8:15:12:38:e1:6d:03:c1:27:dd:f5:3b:a1:9b:
                    c2:20:b7:4d:55:5b:f7:ba:e1:ac:d3:78:53:8c:07:
                    06:71:f4:a1:79:7c:7a:09:d8:01:67:0f:77:80:99:
                    cf:d4:00:fd:4f:cf:39:43:d3:dc:a8:01:57:a2:3e:
                    5f:01:42:f3:e3:b0:86:5d:97:f4:7e:a1:db:60:95:
                    da:c8:b4:24:d0:26:8d:d6:b2:39:94:b8:1f:c2:74:
                    06:e1:19:c5:15:c7:23:22:d6:58:49:a2:f4:6b:51:
                    c5:05:9b:0b:e0:8e:f7:18:42:b1:ab:52:bb:3b:c1:
                    d1:8a:e6:5d:3d:0b:68:95:86:15:4c:53:cc:fc:07:
                    87:35:e4:91:3a:b8:26:ea:32:5c:f5:0c:be:6b:7b:
                    4a:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:8F:2E:0C:51:75:74:7B:C1:06:DB:89:E6:FC:A2:27:A4:FD:CF:89
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/6632e911-ee11-4bc9-a573-00ef83fd31d7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6000::/44

    Signature Algorithm: sha256WithRSAEncryption
         68:4e:15:d0:7c:d3:a9:e3:48:b4:c6:7b:2d:ba:08:5d:b1:62:
         f2:c8:d9:1f:bd:82:43:9d:a1:62:31:0b:81:fc:c2:63:2a:c5:
         ab:2c:d1:f4:8d:61:7b:0f:7e:a0:fd:69:cd:a4:04:84:a3:58:
         b1:a4:c5:ae:15:20:93:e1:1a:82:6f:05:c2:e5:7b:3f:40:54:
         1c:97:33:4e:03:fe:5b:ee:fe:3c:fe:f9:24:e4:59:0f:72:43:
         68:f2:5b:f5:6e:0b:ca:d0:3e:d2:74:57:56:b7:c1:fe:55:61:
         40:06:fa:f4:c0:9e:b3:b9:f3:ab:c3:b8:d7:d3:87:47:55:56:
         a5:d5:40:92:65:39:e7:ec:e2:fe:46:2f:19:fc:50:f8:0a:c5:
         20:bf:c8:34:0f:f5:08:29:1a:67:3a:a4:fd:4d:bb:dd:58:70:
         f6:ee:ff:6c:fe:6d:81:39:16:a9:02:22:cd:70:ba:e1:2e:93:
         95:35:13:ac:a2:4b:be:98:d1:f7:dd:b3:8d:04:ec:22:c1:28:
         eb:5e:27:20:44:48:d3:58:83:1d:21:b7:b0:9c:24:71:21:06:
         f5:d6:c9:08:5d:04:a1:e4:e0:43:eb:f4:4f:19:68:72:8b:46:
         c0:6f:c8:7e:8d:be:3f:f1:1e:7e:60:fe:fa:7f:09:93:5c:72:
         78:13:7e:6d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSsS/qSPZwUoejrlgzu0dde43E80wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMzA0MjMyMDMyWhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYTM3ZTllNDcyNzU5MDY3MmNiNDM1MDExYTQxM2FlOTNk
NTc0OTJkNmE4MmMzNTdkYmRlN2UwNDhlNzFiNDFkMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkijSjw0UpKNYxT/snQIOIsYuhHOPwMYbl2fffBc3vp3/d
U9v7fq3uY5VBVjLvcv2w+VYPEoyxMzqkFTbPaKz5+LM3v8G1NIiYceGJG9VXENHk
JsEwS0CD6R1x/SrFuovT2qnA2/RuqxP4FRI44W0DwSfd9Tuhm8Igt01VW/e64azT
eFOMBwZx9KF5fHoJ2AFnD3eAmc/UAP1PzzlD09yoAVeiPl8BQvPjsIZdl/R+odtg
ldrItCTQJo3WsjmUuB/CdAbhGcUVxyMi1lhJovRrUcUFmwvgjvcYQrGrUrs7wdGK
5l09C2iVhhVMU8z8B4c15JE6uCbqMlz1DL5re0pNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUI48uDFF1dHvBBtuJ5vyiJ6T9z4kwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzY2MzJlOTExLWVlMTEtNGJjOS1hNTczLTAwZWY4M2ZkMzFkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwYAAwDQYJKoZIhvcNAQELBQADggEBAGhOFdB806njSLTGey26CF2x
YvLI2R+9gkOdoWIxC4H8wmMqxass0fSNYXsPfqD9ac2kBISjWLGkxa4VIJPhGoJv
BcLlez9AVByXM04D/lvu/jz++STkWQ9yQ2jyW/VuC8rQPtJ0V1a3wf5VYUAG+vTA
nrO586vDuNfTh0dVVqXVQJJlOefs4v5GLxn8UPgKxSC/yDQP9QgpGmc6pP1Nu91Y
cPbu/2z+bYE5FqkCIs1wuuEuk5U1E6yiS76Y0ffds40E7CLBKOteJyBESNNYgx0h
t7CcJHEhBvXWyQhdBKHk4EPr9E8ZaHKLRsBvyH6Nvj/xHn5g/vp/CZNccngTfm0=
-----END CERTIFICATE-----