Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c319ba0a-ea65-46fe-845d-c4e2bb1f097e.roa
File:                     c319ba0a-ea65-46fe-845d-c4e2bb1f097e.roa (raw, json)
Hash identifier:          WTGMzO0/LN/4wF934d2z0wSwGP/ya19eT+VxxN3hNKw=
Subject key identifier:   EB:1D:28:97:21:A9:2A:88:42:3E:72:E8:6C:36:D8:43:E1:97:C5:BF
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       06508D6BF01F6C4715E682E81B5EEE29E430154E
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c319ba0a-ea65-46fe-845d-c4e2bb1f097e.roa
Signing time:             Mon 17 Mar 2025 15:20:24 +0000
ROA not before:           Mon 17 Mar 2025 15:20:24 +0000
ROA not after:            Mon 21 Apr 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:648::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:50:8d:6b:f0:1f:6c:47:15:e6:82:e8:1b:5e:ee:29:e4:30:15:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar 17 15:20:24 2025 GMT
            Not After : Apr 21 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:80:60:1b:5b:c7:54:fa:14:d9:69:93:fb:55:
                    d3:87:2a:4b:91:9a:fb:ea:41:2c:5b:82:54:2e:d4:
                    4e:42:b7:49:67:96:88:6e:30:d4:ac:e1:c6:5a:12:
                    cf:65:d9:d8:2d:c5:b6:e0:16:a0:d7:b5:31:1b:15:
                    d7:50:8e:08:10:55:1b:9b:9f:60:9b:9c:04:d9:6a:
                    52:74:1b:f6:9e:f1:e7:e2:95:c6:dd:3e:ff:43:8d:
                    54:4e:c0:8e:87:90:5c:a9:81:29:d5:77:5a:01:ee:
                    82:77:3a:43:da:44:d1:1d:5f:1a:d8:d4:1b:c3:28:
                    21:88:df:48:42:ca:4b:03:5b:1e:35:2e:f6:1f:ca:
                    e7:3f:cd:11:26:de:a4:8e:aa:24:99:31:d4:d0:51:
                    30:25:e5:d3:2a:24:c0:51:cd:49:af:85:2f:0d:2b:
                    c7:b1:93:2d:11:ea:af:8d:06:4a:f2:fb:a9:27:e2:
                    ea:b9:0e:27:5b:dd:92:92:df:c6:da:cf:ba:dc:bc:
                    76:e8:42:a5:64:a7:cd:35:eb:6f:32:dc:0e:b6:af:
                    aa:26:7b:d9:74:8a:27:5b:d1:3a:ce:c7:10:39:75:
                    78:56:8f:79:c6:b8:79:08:39:7c:f5:80:7c:36:9a:
                    27:a8:9a:a8:ed:3d:90:00:58:c1:4f:5a:c9:9e:3e:
                    50:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:1D:28:97:21:A9:2A:88:42:3E:72:E8:6C:36:D8:43:E1:97:C5:BF
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c319ba0a-ea65-46fe-845d-c4e2bb1f097e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:648::/48

    Signature Algorithm: sha256WithRSAEncryption
         43:3a:b3:b6:94:e8:31:c3:72:08:e8:57:68:30:b1:c7:9d:de:
         06:ba:2b:2d:0c:74:d1:6e:b1:54:c4:bf:8a:66:1a:ba:09:f4:
         4f:ae:15:0a:1a:67:ff:16:46:bb:72:62:31:5b:fe:1c:1b:26:
         f1:e3:8c:31:1e:5f:9d:06:94:51:7f:c5:f4:ec:bb:dd:3e:2d:
         d3:d6:46:47:8e:85:de:bb:b2:5a:cb:e1:34:d4:ce:00:25:93:
         15:73:a5:05:02:9a:b0:5a:36:c5:8d:14:9e:e4:d6:01:d8:48:
         21:b9:3b:b5:f1:29:37:c1:67:a9:e9:b4:97:b2:83:82:e9:b9:
         2d:36:0f:d9:e9:ce:7f:b0:cd:70:10:d8:d8:18:03:a0:14:c5:
         a4:90:b5:36:33:eb:7b:1b:25:41:b0:aa:d5:16:2f:53:f2:03:
         cc:a8:b4:ef:3f:5f:27:c8:62:c7:d7:22:4f:eb:07:bd:81:c2:
         6e:28:fc:4c:75:99:a3:e3:b0:24:5c:dc:d3:53:3b:bc:bb:1d:
         d7:9f:ef:b5:3f:90:af:72:eb:a8:1c:e4:ca:59:36:8d:d9:ab:
         e2:4e:55:e1:00:0b:5a:fb:b8:84:38:76:59:57:2c:31:d0:1f:
         aa:6a:1d:64:9f:98:fa:94:3c:08:e9:bd:49:6c:b8:79:55:53:
         e7:4e:68:ad
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBlCNa/AfbEcV5oLoG17uKeQwFU4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzE3MTUyMDI0WhcNMjUwNDIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZjFjOGQzNGQ0MWU3YmYyM2VjZTA4OWQ2NWZkYTM1Mzdj
ZjY0MGFiNzY1YTVjZDg4MDFjYWI0YjRiM2M3MTM0MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCngGAbW8dU+hTZaZP7VdOHKkuRmvvqQSxbglQu1E5Ct0ln
lohuMNSs4cZaEs9l2dgtxbbgFqDXtTEbFddQjggQVRubn2CbnATZalJ0G/ae8efi
lcbdPv9DjVROwI6HkFypgSnVd1oB7oJ3OkPaRNEdXxrY1BvDKCGI30hCyksDWx41
LvYfyuc/zREm3qSOqiSZMdTQUTAl5dMqJMBRzUmvhS8NK8exky0R6q+NBkry+6kn
4uq5Didb3ZKS38baz7rcvHboQqVkp801628y3A62r6ome9l0iidb0TrOxxA5dXhW
j3nGuHkIOXz1gHw2mieomqjtPZAAWMFPWsmePlBVAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6x0olyGpKohCPnLobDbYQ+GXxb8wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2MzMTliYTBhLWVhNjUtNDZmZS04NDVkLWM0ZTJiYjFmMDk3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABkgwDQYJKoZIhvcNAQELBQADggEBAEM6s7aU6DHDcgjoV2gwsced
3ga6Ky0MdNFusVTEv4pmGroJ9E+uFQoaZ/8WRrtyYjFb/hwbJvHjjDEeX50GlFF/
xfTsu90+LdPWRkeOhd67slrL4TTUzgAlkxVzpQUCmrBaNsWNFJ7k1gHYSCG5O7Xx
KTfBZ6nptJeyg4LpuS02D9npzn+wzXAQ2NgYA6AUxaSQtTYz63sbJUGwqtUWL1Py
A8yotO8/XyfIYsfXIk/rB72Bwm4o/Ex1maPjsCRc3NNTO7y7Hdef77U/kK9y66gc
5MpZNo3Zq+JOVeEAC1r7uIQ4dllXLDHQH6pqHWSfmPqUPAjpvUlsuHlVU+dOaK0=
-----END CERTIFICATE-----