Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/c518c762-ddbf-4352-b9b9-1484318adaa8.roa
File:                     c518c762-ddbf-4352-b9b9-1484318adaa8.roa (raw, json)
Hash identifier:          tXtGfWXUY8wuNrrc35EuFATRSbLECyNJB0tej/OnzqY=
Subject key identifier:   4A:07:97:0F:A6:83:38:3A:35:27:73:E5:CD:CD:BE:99:07:57:EC:7F
Certificate issuer:       /CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
Certificate serial:       2CC527C6C354C367061CCC5A8EBD33C2B95AE4CC
Authority key identifier: 6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/c518c762-ddbf-4352-b9b9-1484318adaa8.roa
Signing time:             Tue 04 Mar 2025 22:50:03 +0000
ROA not before:           Tue 04 Mar 2025 22:50:03 +0000
ROA not after:            Tue 08 Apr 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:c940::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:c5:27:c6:c3:54:c3:67:06:1c:cc:5a:8e:bd:33:c2:b9:5a:e4:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
        Validity
            Not Before: Mar  4 22:50:03 2025 GMT
            Not After : Apr  8 23:59:59 2025 GMT
        Subject: CN=15f1683a-c0c2-4266-9a96-ecf9eba3239c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b4:4e:8a:03:d4:0c:3e:b0:b5:77:9c:d5:5b:
                    df:d7:a3:cc:9d:4e:ca:5f:b9:c3:f8:72:11:b5:45:
                    d5:ab:c1:86:64:4a:33:a2:4c:a9:fc:78:6d:9a:ad:
                    da:0e:32:8e:53:d3:8e:b9:37:15:55:aa:db:6e:b6:
                    74:51:ab:95:81:6e:cd:a6:53:74:2e:25:d8:dc:32:
                    a0:b0:49:1f:35:eb:a5:ac:a7:37:3f:d3:6a:ca:f5:
                    cc:ca:6d:18:98:92:0a:9f:bc:75:28:94:82:a3:9f:
                    e8:7e:90:bd:32:9e:59:52:77:f4:e1:e4:17:12:f5:
                    03:5d:26:15:de:c5:f3:ae:15:d6:63:7e:28:ff:61:
                    d7:bc:dc:2d:b8:b5:bb:5f:1c:d5:86:81:9f:1b:c8:
                    f4:5a:c5:2b:bc:ed:d0:4d:c1:51:9a:de:94:bf:4a:
                    bf:bb:14:d4:ec:4a:27:bd:f9:29:a7:e8:8f:4c:09:
                    1c:be:65:43:02:4c:e1:84:02:39:45:71:ab:f9:b2:
                    ed:54:f4:b7:a9:49:28:54:48:bd:2d:2e:79:e1:0c:
                    10:44:06:3d:84:a1:cd:1a:34:ad:4d:b3:75:bc:04:
                    84:41:88:2e:35:e5:45:99:70:df:37:ff:55:33:f7:
                    99:23:05:8a:37:68:e6:86:5c:9f:40:ca:e5:48:35:
                    75:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:07:97:0F:A6:83:38:3A:35:27:73:E5:CD:CD:BE:99:07:57:EC:7F
            X509v3 Authority Key Identifier:
                keyid:6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/c518c762-ddbf-4352-b9b9-1484318adaa8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:c940::/32

    Signature Algorithm: sha256WithRSAEncryption
         84:1e:2e:55:34:4e:f3:f8:f7:ec:99:b6:81:e2:17:a6:43:c6:
         58:95:e3:ea:35:22:82:4e:1d:58:0c:e2:ae:4e:c2:0b:75:d6:
         35:97:b9:32:fd:38:25:57:1c:56:0b:20:bd:9b:a2:8a:9a:7e:
         46:9f:c1:b2:f4:1b:ae:20:73:8d:65:73:f3:98:28:9a:43:3f:
         29:55:a2:d2:4f:21:c2:25:5f:35:a2:59:dc:48:d9:72:77:56:
         0f:4b:88:f3:70:6f:1a:b8:d9:58:0e:10:a2:76:43:a1:bb:6e:
         90:8f:f7:48:19:ff:b5:c3:b6:b5:1f:91:36:03:2a:24:b2:95:
         b4:62:03:45:e5:c0:20:68:30:34:0f:00:50:dc:f1:42:4a:f6:
         b5:34:bf:9d:8e:f9:ec:34:13:5d:b4:f4:21:f0:06:60:fd:77:
         ec:9f:ac:75:16:3f:b9:9e:e6:20:92:5b:c5:c9:2f:14:7f:38:
         74:aa:a7:30:d0:43:2c:89:a8:cb:ff:d5:a3:c0:be:54:a6:83:
         a2:71:93:14:bb:bd:ea:05:80:15:ad:3d:db:0c:14:28:1b:87:
         62:1b:0c:29:d4:e0:dc:e1:2f:55:91:82:15:33:d9:29:85:87:
         47:d8:78:2a:5f:33:c6:5f:12:ac:02:70:e2:b6:99:5a:65:f8:
         9a:39:a3:c8
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIULMUnxsNUw2cGHMxajr0zwrla5MwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmY5Yjk4NWIwZmU1ZGVmMDliOTk0ZjhjZjYwYmFkOGM5
MDI5YzAwNjU3NzUwYjIyNjcwHhcNMjUwMzA0MjI1MDAzWhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjY2VjZjMwOTVkMGJkYmRjMTQ4YTg5ZTE2ZjA4OGQzMmEx
YTY4MDAxMDUxNDkxMjJkNTE0YmVhMzI5ZWQzNzQ4MS0wKwYDVQQDEyQxNWYxNjgz
YS1jMGMyLTQyNjYtOWE5Ni1lY2Y5ZWJhMzIzOWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbtE6KA9QMPrC1d5zVW9/Xo8ydTspfucP4chG1RdWrwYZk
SjOiTKn8eG2ardoOMo5T0465NxVVqttutnRRq5WBbs2mU3QuJdjcMqCwSR8166Ws
pzc/02rK9czKbRiYkgqfvHUolIKjn+h+kL0ynllSd/Th5BcS9QNdJhXexfOuFdZj
fij/Yde83C24tbtfHNWGgZ8byPRaxSu87dBNwVGa3pS/Sr+7FNTsSie9+Smn6I9M
CRy+ZUMCTOGEAjlFcav5su1U9LepSShUSL0tLnnhDBBEBj2Eoc0aNK1Ns3W8BIRB
iC415UWZcN83/1Uz95kjBYo3aOaGXJ9AyuVINXWfAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUSgeXD6aDODo1J3Plzc2+mQdX7H8wHwYDVR0jBBgwFoAUbcpl0HFNfvJW
kLwJE9NU26yJKl4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83Mjc2YjJmYS01
NDhkLTQ5NzAtODMxNC04ZDczOTQ1YzM0ZDgvNmY5Yjk4NWIwZmU1ZGVmMDliOTk0
ZjhjZjYwYmFkOGM5MDI5YzAwNjU3NzUwYjIyNjcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjNmNmI2ODgtY2ZmNC00MDJmLTk3ZDUtMDJm
NmYxODg2YjdlL2M1MThjNzYyLWRkYmYtNDM1Mi1iOWI5LTE0ODQzMThhZGFhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2IzZjZiNjg4LWNmZjQtNDAyZi05N2Q1
LTAyZjZmMTg4NmI3ZS81ZDd3bTVsUGpQWUxyWXlRS2NBR1YzVUxJbWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBclAMA0GCSqGSIb3DQEBCwUAA4IBAQCEHi5VNE7z+PfsmbaB4hemQ8ZY
lePqNSKCTh1YDOKuTsILddY1l7ky/TglVxxWCyC9m6KKmn5Gn8Gy9BuuIHONZXPz
mCiaQz8pVaLSTyHCJV81olncSNlyd1YPS4jzcG8auNlYDhCidkOhu26Qj/dIGf+1
w7a1H5E2AyokspW0YgNF5cAgaDA0DwBQ3PFCSva1NL+djvnsNBNdtPQh8AZg/Xfs
n6x1Fj+5nuYgklvFyS8Ufzh0qqcw0EMsiajL/9WjwL5UpoOicZMUu73qBYAVrT3b
DBQoG4diGwwp1ODc4S9VkYIVM9kphYdH2HgqXzPGXxKsAnDitplaZfiaOaPI
-----END CERTIFICATE-----