Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/89848d84-ccf0-40c8-b12a-ac4d8910d997.roa
File:                     89848d84-ccf0-40c8-b12a-ac4d8910d997.roa (raw, json)
Hash identifier:          6KGHTmchkpBGXAX4wv1fB2jhXBGmjNk+kSdklNsD6Po=
Subject key identifier:   20:8B:8A:77:21:31:38:29:47:65:51:88:56:AF:8A:6E:B2:C1:E9:8A
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       5088999EF03FC939DE9008E016F8184D2C9722E9
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/89848d84-ccf0-40c8-b12a-ac4d8910d997.roa
Signing time:             Tue 04 Mar 2025 22:40:44 +0000
ROA not before:           Tue 04 Mar 2025 22:40:44 +0000
ROA not after:            Tue 08 Apr 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:3a7::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:88:99:9e:f0:3f:c9:39:de:90:08:e0:16:f8:18:4d:2c:97:22:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar  4 22:40:44 2025 GMT
            Not After : Apr  8 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:1a:67:3b:07:ba:22:23:e1:d4:01:1f:c2:aa:
                    ff:3b:59:db:e5:79:98:d7:de:43:f0:9d:3c:45:8c:
                    31:16:c5:36:05:ff:7e:83:36:ae:c1:4e:8e:39:3d:
                    f2:b6:c6:d2:92:d1:50:56:76:90:04:3d:72:7c:68:
                    93:91:93:d9:de:d3:18:f8:2f:0b:dc:b8:bd:97:63:
                    16:81:cb:39:b4:da:23:9c:ac:44:80:bc:b6:81:da:
                    f3:60:2c:19:ec:85:c4:75:da:85:46:94:81:ec:84:
                    ab:a1:8d:8e:9b:38:0c:10:a3:66:e8:df:e6:2c:38:
                    34:3e:ab:9d:70:77:eb:f5:9a:35:2e:72:2d:ba:ae:
                    92:e4:c7:75:32:6f:c5:1d:ed:1a:53:6d:40:33:e8:
                    b8:a2:c1:46:66:77:cc:dc:0c:bc:f8:73:55:43:70:
                    13:96:76:e1:8b:51:45:0e:c3:5b:07:fd:56:6e:98:
                    26:e5:af:ac:43:3c:70:db:04:56:93:1f:98:f8:60:
                    b4:a2:de:5d:94:75:52:98:de:24:35:83:df:c3:d6:
                    21:9b:1f:61:a2:94:43:c5:97:df:40:51:7c:31:f2:
                    00:32:86:d6:71:fc:b8:24:cc:b3:d9:55:11:f1:3a:
                    7e:57:98:6c:74:e0:9f:e0:31:85:9c:27:64:f7:15:
                    51:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:8B:8A:77:21:31:38:29:47:65:51:88:56:AF:8A:6E:B2:C1:E9:8A
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/89848d84-ccf0-40c8-b12a-ac4d8910d997.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:3a7::/48

    Signature Algorithm: sha256WithRSAEncryption
         36:5c:08:99:f4:a1:71:2b:db:bc:ac:fb:43:8f:12:8d:55:9b:
         e2:4a:7b:1b:8c:4c:a1:c2:ed:5e:e6:71:39:73:77:a4:06:0d:
         fb:81:d9:30:72:34:9e:d7:b6:a5:f4:52:03:e7:20:c5:2a:24:
         2c:30:3c:01:fd:39:5f:e0:d4:ad:56:78:8c:58:2b:1b:97:67:
         1d:a4:77:b5:8c:55:87:cc:fd:af:b0:23:a2:08:50:88:53:70:
         73:2c:00:d4:26:51:2a:40:9f:59:1d:f2:d1:b2:06:37:f4:aa:
         9b:63:d7:97:8d:c0:fc:a1:d6:a5:a8:90:c3:1e:79:0a:4e:90:
         e7:35:d8:29:a5:40:98:5b:f7:a3:11:45:90:50:73:5f:27:c8:
         18:e3:38:72:5f:d9:31:bb:5b:8c:d4:ac:c7:e1:5d:9f:0c:53:
         fb:23:a9:9f:97:55:ba:5d:6d:e8:a7:ad:af:b5:9a:3c:08:99:
         d9:83:19:c3:52:65:3d:e6:ab:16:b8:ef:50:ae:b5:71:9e:4c:
         a8:8e:43:d9:62:e5:2d:43:08:db:20:82:5a:7e:ec:de:c3:34:
         c3:9a:7e:f9:18:26:2b:5d:ac:19:f0:13:42:66:32:6f:e2:6d:
         c5:68:a0:2c:b9:5c:9b:6d:ca:ef:a7:73:95:ab:40:f9:a4:1b:
         82:7d:46:ee
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUIiZnvA/yTnekAjgFvgYTSyXIukwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzA0MjI0MDQ0WhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNGVkNzY2ODZlMjg1MTFlZjJkNGZiOGU0MWEyMmI0OTA2
MmM3NWYzMmMwNjg0ZDk3OWQ0MWIzMzE4NDRiNWVjMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTGmc7B7oiI+HUAR/Cqv87WdvleZjX3kPwnTxFjDEWxTYF
/36DNq7BTo45PfK2xtKS0VBWdpAEPXJ8aJORk9ne0xj4LwvcuL2XYxaByzm02iOc
rESAvLaB2vNgLBnshcR12oVGlIHshKuhjY6bOAwQo2bo3+YsODQ+q51wd+v1mjUu
ci26rpLkx3Uyb8Ud7RpTbUAz6LiiwUZmd8zcDLz4c1VDcBOWduGLUUUOw1sH/VZu
mCblr6xDPHDbBFaTH5j4YLSi3l2UdVKY3iQ1g9/D1iGbH2GilEPFl99AUXwx8gAy
htZx/LgkzLPZVRHxOn5XmGx04J/gMYWcJ2T3FVGJAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUIIuKdyExOClHZVGIVq+KbrLB6YowHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzg5ODQ4ZDg0LWNjZjAtNDBjOC1iMTJhLWFjNGQ4OTEwZDk5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA6cwDQYJKoZIhvcNAQELBQADggEBADZcCJn0oXEr27ys+0OPEo1V
m+JKexuMTKHC7V7mcTlzd6QGDfuB2TByNJ7XtqX0UgPnIMUqJCwwPAH9OV/g1K1W
eIxYKxuXZx2kd7WMVYfM/a+wI6IIUIhTcHMsANQmUSpAn1kd8tGyBjf0qptj15eN
wPyh1qWokMMeeQpOkOc12CmlQJhb96MRRZBQc18nyBjjOHJf2TG7W4zUrMfhXZ8M
U/sjqZ+XVbpdbeinra+1mjwImdmDGcNSZT3mqxa471CutXGeTKiOQ9li5S1DCNsg
glp+7N7DNMOafvkYJitdrBnwE0JmMm/ibcVooCy5XJttyu+nc5WrQPmkG4J9Ru4=
-----END CERTIFICATE-----