Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bedec2c-6f22-4399-a4c7-a5fe37e86127.roa
File:                     0bedec2c-6f22-4399-a4c7-a5fe37e86127.roa (raw, json)
Hash identifier:          BH/dqzWrj7uq7QVm3y6EzjHpDQjAqdJ2r7YtkhRMIYo=
Subject key identifier:   C2:EF:D4:A9:E3:62:7E:D4:CD:23:CD:87:17:2D:32:66:88:55:13:48
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       245B67AC774EBD32E682C75FFDE246B7DA96564D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bedec2c-6f22-4399-a4c7-a5fe37e86127.roa
Signing time:             Tue 15 Apr 2025 00:12:00 +0000
ROA not before:           Tue 15 Apr 2025 00:12:00 +0000
ROA not after:            Tue 20 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f60:e000::/40 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:5b:67:ac:77:4e:bd:32:e6:82:c7:5f:fd:e2:46:b7:da:96:56:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 15 00:12:00 2025 GMT
            Not After : May 20 23:59:59 2025 GMT
        Subject: serialNumber=9582acf4528c53ec6441f06e142998798d673ea61588b984469e41f9ebb12e3b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:3a:60:14:14:02:55:3e:7c:24:8e:61:18:82:
                    22:38:79:f1:5f:f0:1d:08:0a:94:1e:2f:4e:1f:a3:
                    03:13:5b:53:88:bc:8f:0a:3d:03:ff:ea:de:2d:82:
                    e9:0e:2a:a6:ca:d8:f3:30:a3:99:b8:b1:ca:dc:7e:
                    70:6a:49:e4:19:73:36:71:39:14:68:24:24:1e:ea:
                    f7:66:5d:2e:d8:54:fe:be:8c:13:0f:c1:c7:ee:e6:
                    6a:3c:e9:87:25:7b:f5:78:f0:97:d2:ef:7b:3e:df:
                    5a:e0:b2:fa:2f:ae:a2:5b:f5:8b:5c:96:ab:31:4c:
                    f1:36:e5:a6:e1:84:9b:d9:fb:dc:53:a0:af:52:d0:
                    fc:d2:a8:e4:a4:1d:57:ca:8f:3c:39:d4:1d:56:d3:
                    30:ab:a3:29:e3:46:3e:44:16:30:23:6e:5b:9b:f4:
                    61:e5:f0:ed:ee:82:1e:dd:32:1b:ec:9d:ba:9e:00:
                    b2:db:ce:26:9e:88:c6:20:ee:4d:8b:9c:a6:97:48:
                    f4:85:b2:21:e5:9f:e4:83:96:e4:37:41:35:f9:fb:
                    ca:e5:4a:34:5c:93:72:af:31:d9:c5:c4:9c:50:de:
                    be:49:64:3b:4f:44:78:21:a9:f0:1c:3b:12:8e:70:
                    10:9d:f8:94:d2:6d:b8:f6:55:f0:ac:4b:c6:c5:3b:
                    82:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:EF:D4:A9:E3:62:7E:D4:CD:23:CD:87:17:2D:32:66:88:55:13:48
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bedec2c-6f22-4399-a4c7-a5fe37e86127.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         1f:41:dc:bb:f2:d7:d2:10:23:22:34:00:2e:d2:6f:51:20:ce:
         d7:54:ff:6c:57:4f:45:12:08:87:10:b8:60:44:6c:22:f7:5e:
         74:81:50:ad:b7:ce:1b:60:c1:f8:7c:4e:61:1c:17:c9:1d:8b:
         3b:1a:e3:37:52:92:79:f2:a4:ff:42:f2:41:7e:35:f4:d8:d0:
         06:29:30:d8:c4:7d:42:43:e6:c3:06:89:5d:e7:21:d9:98:ce:
         2b:92:e5:ee:99:ad:36:9a:79:1c:fa:aa:3b:e3:0c:8a:1e:af:
         71:da:91:1f:5a:36:16:0c:03:cd:19:8f:3a:ac:84:e6:12:ea:
         59:40:b8:c9:f6:35:3a:6e:25:6a:4b:8a:69:3d:38:2a:70:71:
         cd:5b:6b:e4:27:e0:2e:f9:49:b7:d8:ba:e0:cf:43:a2:45:f1:
         52:08:c3:3e:50:ae:ff:94:4b:a0:df:4d:c7:5c:5a:98:55:23:
         c6:9b:b3:a4:b4:e7:50:ff:48:2f:36:e0:d9:bf:8d:3c:17:85:
         c2:38:8e:ec:de:b2:ff:27:c0:44:bb:83:fd:2e:4d:32:c2:39:
         ec:a5:d1:f8:fc:8e:46:cf:9c:c5:aa:2f:40:17:97:26:70:e4:
         99:fa:96:31:3a:de:a4:30:65:fb:ef:c8:6f:87:ad:92:2a:53:
         cf:92:69:91
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUJFtnrHdOvTLmgsdf/eJGt9qWVk0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE1MDAxMjAwWhcNMjUwNTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NTgyYWNmNDUyOGM1M2VjNjQ0MWYwNmUxNDI5OTg3OThk
NjczZWE2MTU4OGI5ODQ0NjllNDFmOWViYjEyZTNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZOmAUFAJVPnwkjmEYgiI4efFf8B0ICpQeL04fowMTW1OI
vI8KPQP/6t4tgukOKqbK2PMwo5m4scrcfnBqSeQZczZxORRoJCQe6vdmXS7YVP6+
jBMPwcfu5mo86Ycle/V48JfS73s+31rgsvovrqJb9YtclqsxTPE25abhhJvZ+9xT
oK9S0PzSqOSkHVfKjzw51B1W0zCroynjRj5EFjAjblub9GHl8O3ugh7dMhvsnbqe
ALLbziaeiMYg7k2LnKaXSPSFsiHln+SDluQ3QTX5+8rlSjRck3KvMdnFxJxQ3r5J
ZDtPRHghqfAcOxKOcBCd+JTSbbj2VfCsS8bFO4KxAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUwu/UqeNiftTNI82HFy0yZohVE0gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBiZWRlYzJjLTZmMjItNDM5OS1hNGM3LWE1ZmUzN2U4NjEyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9g4DANBgkqhkiG9w0BAQsFAAOCAQEAH0Hcu/LX0hAjIjQALtJvUSDO
11T/bFdPRRIIhxC4YERsIvdedIFQrbfOG2DB+HxOYRwXyR2LOxrjN1KSefKk/0Ly
QX419NjQBikw2MR9QkPmwwaJXech2ZjOK5Ll7pmtNpp5HPqqO+MMih6vcdqRH1o2
FgwDzRmPOqyE5hLqWUC4yfY1Om4lakuKaT04KnBxzVtr5CfgLvlJt9i64M9DokXx
UgjDPlCu/5RLoN9Nx1xamFUjxpuzpLTnUP9ILzbg2b+NPBeFwjiO7N6y/yfARLuD
/S5NMsI57KXR+PyORs+cxaovQBeXJnDkmfqWMTrepDBl++/Ib4etkipTz5JpkQ==
-----END CERTIFICATE-----