Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbcc547e-b103-4291-99b0-fb6ecff6531d.roa
File:                     cbcc547e-b103-4291-99b0-fb6ecff6531d.roa (raw, json)
Hash identifier:          8oq73BglIfMWwOhezly6T4HjT/lFm9/KeTdf6h5sJL8=
Subject key identifier:   27:CA:A3:06:33:6B:29:AE:21:9A:08:17:BB:13:BA:63:EA:BF:CB:3A
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       64E3C5A6F5261DF6FC0893A04BBEC5BC344DEDC8
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbcc547e-b103-4291-99b0-fb6ecff6531d.roa
Signing time:             Tue 10 Dec 2024 00:00:00 +0000
ROA not before:           Tue 10 Dec 2024 00:00:00 +0000
ROA not after:            Tue 14 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5526::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:e3:c5:a6:f5:26:1d:f6:fc:08:93:a0:4b:be:c5:bc:34:4d:ed:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 10 00:00:00 2024 GMT
            Not After : Jan 14 23:59:59 2025 GMT
        Subject: serialNumber=5204a5ceb8faf93875dbd72a6a2866a475dcdc430968f1070704b022d6b971a7, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:94:b8:2c:1d:b8:a0:2c:0d:0a:83:ad:37:47:
                    cd:98:ea:f7:99:e7:53:a9:1c:bd:a1:a9:8a:8a:b6:
                    ab:bd:fd:6c:ab:19:98:59:fe:20:2e:e2:7e:59:f6:
                    ef:32:3c:0f:71:d7:af:b6:79:cf:c0:ec:ca:93:de:
                    76:91:47:86:5d:fa:bb:a4:2b:a3:30:c5:54:4e:e6:
                    8f:ca:2e:89:29:06:7b:1a:9f:0c:41:b8:82:c8:e1:
                    76:e0:73:f2:44:35:3b:ab:8c:50:70:1f:b4:81:96:
                    db:e7:d8:92:8b:86:54:c9:0c:d3:43:cd:62:f5:df:
                    e3:66:18:ca:6b:32:47:87:bc:51:38:af:5c:1c:01:
                    ad:03:d4:55:7d:59:00:66:28:39:24:07:94:d6:89:
                    35:d2:d4:01:b6:d2:76:d2:9a:24:65:0a:ec:08:21:
                    ee:71:ea:1b:5e:d4:2a:d1:90:5c:8f:5e:4e:33:a1:
                    52:92:08:01:cd:b7:84:f6:3d:01:77:bd:e1:b6:5e:
                    2f:44:50:9c:5c:ed:11:81:2a:63:63:fd:d3:10:4b:
                    04:39:78:e3:96:52:72:f4:07:30:42:31:c2:50:29:
                    02:7e:a3:aa:8f:04:94:7f:4d:3c:15:00:ea:d0:d5:
                    4b:cc:7b:b6:8c:62:12:1a:80:2f:58:ff:82:1c:6d:
                    0a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:CA:A3:06:33:6B:29:AE:21:9A:08:17:BB:13:BA:63:EA:BF:CB:3A
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbcc547e-b103-4291-99b0-fb6ecff6531d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5526::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:df:5b:e5:ad:e2:67:ce:01:f7:25:14:a4:ab:b7:60:77:d2:
         41:ce:1d:e9:75:0e:1a:de:c8:fb:7b:4b:2a:fe:6b:12:83:88:
         38:bc:f1:80:84:f4:42:30:0f:10:7d:10:d0:6b:75:2b:87:04:
         9b:1d:28:d0:e8:fd:28:05:3b:e1:c7:f6:8e:c2:ac:f2:b9:20:
         0e:bf:77:ce:df:0c:a4:2d:7b:63:bb:92:c9:a2:9d:f9:d0:d5:
         a7:ef:8a:4f:8c:78:6b:35:c5:a6:a1:ce:2e:f3:45:e5:69:61:
         ab:4a:fc:b1:08:5a:29:91:c5:85:68:b4:ec:0d:4c:64:26:23:
         8d:97:14:49:dc:20:16:8e:70:d5:31:0f:c8:a7:e3:b9:c0:03:
         9d:4c:45:2f:14:03:bc:18:fd:c6:6d:68:22:44:9e:59:db:d2:
         f9:35:ba:11:7d:f9:39:f6:04:b0:92:bd:4e:d1:71:17:5b:99:
         a3:31:40:24:4c:ab:48:81:ae:e7:5a:bb:a1:4b:34:d1:46:50:
         78:7e:10:90:b2:ac:71:a3:81:05:77:fc:50:bd:0d:fc:5f:5c:
         ab:d8:0c:fa:d1:e0:43:63:00:75:d3:a4:69:38:e7:4c:eb:12:
         08:59:6a:d6:9f:00:a5:ac:3d:db:16:9e:b9:de:26:1a:84:cb:
         86:96:b1:1e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZOPFpvUmHfb8CJOgS77FvDRN7cgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjEwMDAwMDAwWhcNMjUwMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MjA0YTVjZWI4ZmFmOTM4NzVkYmQ3MmE2YTI4NjZhNDc1
ZGNkYzQzMDk2OGYxMDcwNzA0YjAyMmQ2Yjk3MWE3MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzlLgsHbigLA0Kg603R82Y6veZ51OpHL2hqYqKtqu9/Wyr
GZhZ/iAu4n5Z9u8yPA9x16+2ec/A7MqT3naRR4Zd+rukK6MwxVRO5o/KLokpBnsa
nwxBuILI4Xbgc/JENTurjFBwH7SBltvn2JKLhlTJDNNDzWL13+NmGMprMkeHvFE4
r1wcAa0D1FV9WQBmKDkkB5TWiTXS1AG20nbSmiRlCuwIIe5x6hte1CrRkFyPXk4z
oVKSCAHNt4T2PQF3veG2Xi9EUJxc7RGBKmNj/dMQSwQ5eOOWUnL0BzBCMcJQKQJ+
o6qPBJR/TTwVAOrQ1UvMe7aMYhIagC9Y/4IcbQp9AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUJ8qjBjNrKa4hmggXuxO6Y+q/yzowHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2NiY2M1NDdlLWIxMDMtNDI5MS05OWIwLWZiNmVjZmY2NTMxZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVSYwDQYJKoZIhvcNAQELBQADggEBAKLfW+Wt4mfOAfclFKSrt2B3
0kHOHel1DhreyPt7Syr+axKDiDi88YCE9EIwDxB9ENBrdSuHBJsdKNDo/SgFO+HH
9o7CrPK5IA6/d87fDKQte2O7ksminfnQ1afvik+MeGs1xaahzi7zReVpYatK/LEI
WimRxYVotOwNTGQmI42XFEncIBaOcNUxD8in47nAA51MRS8UA7wY/cZtaCJEnlnb
0vk1uhF9+Tn2BLCSvU7RcRdbmaMxQCRMq0iBrudau6FLNNFGUHh+EJCyrHGjgQV3
/FC9DfxfXKvYDPrR4ENjAHXTpGk450zrEghZatafAKWsPdsWnrneJhqEy4aWsR4=
-----END CERTIFICATE-----