Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/bb75fc4b-0627-4c79-b591-308eee344e77.roa
File:                     bb75fc4b-0627-4c79-b591-308eee344e77.roa (raw, json)
Hash identifier:          2BL5QgkQQwHyiq3J64j6tjT1sJGUrvBHWGzFqNSBA48=
Subject key identifier:   65:05:BB:9D:0B:8F:E6:C4:B6:D0:32:3B:7D:70:3F:4F:29:E7:62:F0
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       6FE3902C9B26F6C0DCFA303EBE710888570C5533
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/bb75fc4b-0627-4c79-b591-308eee344e77.roa
Signing time:             Fri 07 Mar 2025 15:00:59 +0000
ROA not before:           Fri 07 Mar 2025 15:00:59 +0000
ROA not after:            Fri 11 Apr 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:610::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:e3:90:2c:9b:26:f6:c0:dc:fa:30:3e:be:71:08:88:57:0c:55:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar  7 15:00:59 2025 GMT
            Not After : Apr 11 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:52:31:ec:8b:97:9f:6d:62:c1:26:62:49:dd:
                    af:47:0d:f9:e7:29:15:64:ee:db:b9:b7:ed:5e:b0:
                    ae:46:dd:cf:6d:87:51:f4:e0:34:d3:33:aa:ee:f2:
                    3f:f6:8c:cc:58:69:ff:18:27:77:75:0b:be:9a:a3:
                    f8:9e:8d:29:02:5c:55:97:e9:e9:44:3d:84:cd:44:
                    ac:5d:30:90:aa:fa:b0:47:f3:b6:77:24:6b:18:1d:
                    5a:4b:9f:1b:7c:13:e8:7c:94:da:ab:fe:7e:34:c6:
                    dd:ad:cf:22:77:60:f9:fc:be:2e:62:2c:da:0e:fe:
                    77:09:2a:fa:98:39:b4:e6:5c:f0:1c:a3:a0:f8:2a:
                    8d:01:8d:d8:32:44:dd:be:23:3a:0e:25:e2:d1:ba:
                    22:8b:bf:32:d0:86:e1:8f:b7:db:07:78:21:36:ec:
                    2e:85:bb:39:14:ae:99:18:d1:2b:af:04:9c:a0:cc:
                    90:18:e0:0b:30:22:0a:10:9c:29:a0:d0:f2:b8:18:
                    f6:2c:69:ea:9c:8f:f4:6b:5e:57:26:3e:b0:32:43:
                    d2:be:b0:5f:25:88:ec:68:91:ac:e1:77:f8:44:12:
                    7e:55:f1:96:fc:0e:e0:bf:a8:85:17:fe:7c:8a:11:
                    15:19:de:d7:53:b4:e0:c6:5a:40:48:a1:52:86:5e:
                    6b:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:05:BB:9D:0B:8F:E6:C4:B6:D0:32:3B:7D:70:3F:4F:29:E7:62:F0
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/bb75fc4b-0627-4c79-b591-308eee344e77.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:610::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:b2:13:89:b3:d2:78:1f:7f:ef:9d:20:19:23:22:86:5e:68:
         91:6f:cc:8d:74:1f:63:d5:a9:e6:ac:2f:1a:64:55:f6:fd:44:
         3a:17:cd:99:a2:de:24:89:ac:2a:dd:0c:da:6f:d6:9c:75:47:
         66:22:5a:be:e4:3e:f3:77:80:8f:85:b4:bd:41:32:a3:48:ca:
         42:56:7f:c4:47:a4:2b:f5:3f:5a:ca:97:08:2f:72:54:50:f5:
         83:9f:5d:d5:e8:7a:02:f2:e3:4e:d9:6c:d4:b8:8a:fe:ba:f7:
         f5:db:7e:2f:f7:e1:d7:90:21:c9:71:d3:ac:1e:62:8b:1c:f6:
         5e:16:e6:1b:69:78:6e:a1:4a:a1:1e:39:7d:a9:de:f2:a2:b0:
         b8:03:2d:64:61:ef:37:ef:c1:73:cb:b3:e4:d1:8e:60:ee:6d:
         f3:46:ae:2b:4f:4b:90:32:b0:09:80:72:e4:42:06:78:eb:90:
         95:6c:f0:74:aa:be:ab:bc:35:13:87:7c:b9:0a:7b:e3:ae:1a:
         d2:80:33:9d:e6:25:87:76:7b:65:3e:d4:e6:6b:ec:f5:6f:6b:
         aa:a9:1c:b5:26:78:d5:a3:ae:a0:38:a3:17:ed:57:de:c3:3d:
         f3:10:26:83:1e:0f:3f:99:59:49:3c:ca:87:a5:16:3d:74:de:
         e4:56:ac:16
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUb+OQLJsm9sDc+jA+vnEIiFcMVTMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzA3MTUwMDU5WhcNMjUwNDExMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZTYyZTQwMTgxOWRmOTRlZTVkMWNhZDkxMmE5ZjU2Yjc1
MzIzNjNjZWM4M2U5OGNkZTU0ZDZiY2UxN2FjMmFkMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJUjHsi5efbWLBJmJJ3a9HDfnnKRVk7tu5t+1esK5G3c9t
h1H04DTTM6ru8j/2jMxYaf8YJ3d1C76ao/iejSkCXFWX6elEPYTNRKxdMJCq+rBH
87Z3JGsYHVpLnxt8E+h8lNqr/n40xt2tzyJ3YPn8vi5iLNoO/ncJKvqYObTmXPAc
o6D4Ko0BjdgyRN2+IzoOJeLRuiKLvzLQhuGPt9sHeCE27C6FuzkUrpkY0SuvBJyg
zJAY4AswIgoQnCmg0PK4GPYsaeqcj/RrXlcmPrAyQ9K+sF8liOxokazhd/hEEn5V
8Zb8DuC/qIUX/nyKERUZ3tdTtODGWkBIoVKGXmtLAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZQW7nQuP5sS20DI7fXA/TynnYvAwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2JiNzVmYzRiLTA2MjctNGM3OS1iNTkxLTMwOGVlZTM0NGU3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABhAwDQYJKoZIhvcNAQELBQADggEBAAOyE4mz0ngff++dIBkjIoZe
aJFvzI10H2PVqeasLxpkVfb9RDoXzZmi3iSJrCrdDNpv1px1R2YiWr7kPvN3gI+F
tL1BMqNIykJWf8RHpCv1P1rKlwgvclRQ9YOfXdXoegLy407ZbNS4iv669/Xbfi/3
4deQIclx06weYosc9l4W5htpeG6hSqEeOX2p3vKisLgDLWRh7zfvwXPLs+TRjmDu
bfNGritPS5AysAmAcuRCBnjrkJVs8HSqvqu8NROHfLkKe+OuGtKAM53mJYd2e2U+
1OZr7PVva6qpHLUmeNWjrqA4oxftV97DPfMQJoMeDz+ZWUk8yoelFj103uRWrBY=
-----END CERTIFICATE-----