Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e0124927-afa7-4267-814d-16ec9e0135d2.roa
File:                     e0124927-afa7-4267-814d-16ec9e0135d2.roa (raw, json)
Hash identifier:          jj0pBpRzBKjmleuMcBF5vp+nObiP4nci3+EpRuOq6QA=
Subject key identifier:   CE:FC:56:07:DD:EE:94:1E:38:A0:09:53:23:39:BA:AB:AB:12:D5:49
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       5FF46B05789A5229BD4A98D33FDED45374F32005
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e0124927-afa7-4267-814d-16ec9e0135d2.roa
Signing time:             Mon 31 Mar 2025 18:40:47 +0000
ROA not before:           Mon 31 Mar 2025 18:40:47 +0000
ROA not after:            Mon 05 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:2::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:f4:6b:05:78:9a:52:29:bd:4a:98:d3:3f:de:d4:53:74:f3:20:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Mar 31 18:40:47 2025 GMT
            Not After : May  5 23:59:59 2025 GMT
        Subject: serialNumber=289ae90fddea699f4aac91f785036dfd5348c53af44aa2bb2dddf362cfce0286, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:4a:a8:96:db:64:f9:69:27:0f:db:50:8a:9c:
                    db:18:f0:75:f9:9f:5a:d5:91:6b:10:4d:04:dd:68:
                    68:35:9b:1e:1d:9d:13:82:59:a7:c7:e9:a3:e2:ab:
                    36:3e:2d:09:d1:7e:93:74:8c:d9:4e:d0:75:0c:62:
                    d8:da:c9:ab:4e:d4:49:13:53:f3:19:ac:ec:f5:36:
                    96:11:a5:2b:f9:28:68:12:ae:58:87:b0:c1:4f:a8:
                    22:e1:87:3c:72:d8:0d:32:5c:0a:ce:b0:80:6a:6a:
                    b7:34:f1:ef:ed:71:10:7c:5d:aa:6b:87:2d:02:8c:
                    37:b5:a4:14:22:53:dc:35:e1:38:cb:9d:8e:0b:db:
                    13:d4:7a:8d:bd:ba:92:b8:19:ab:c3:eb:51:ac:a0:
                    4c:38:53:ea:d8:e1:18:dd:0b:2b:84:46:35:94:0a:
                    bd:b6:fa:d7:da:15:4d:05:8e:36:b4:d2:09:6e:5b:
                    f1:88:00:1f:b7:4f:e7:a5:45:27:cd:23:ac:04:c0:
                    2d:6a:40:a3:3e:89:bc:62:e5:52:06:d5:da:53:68:
                    df:0e:b7:f3:47:9d:87:29:8d:64:4b:69:08:58:ee:
                    d0:74:81:c9:bd:89:a3:ce:90:70:93:94:dd:8f:67:
                    5b:49:88:8c:db:18:d9:14:2b:af:89:b0:43:98:15:
                    57:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:FC:56:07:DD:EE:94:1E:38:A0:09:53:23:39:BA:AB:AB:12:D5:49
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e0124927-afa7-4267-814d-16ec9e0135d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:c7:17:67:4d:c9:9b:fb:da:c9:43:65:a7:df:67:11:5e:4b:
         a1:29:e1:7d:3c:ba:71:2e:12:b7:8a:5e:cf:b5:b7:1a:1a:72:
         40:4d:1a:80:6e:6f:9c:aa:88:0c:57:a1:ff:7b:97:09:09:96:
         5c:b1:8c:b5:54:03:26:58:7a:72:e6:ef:36:b6:6c:08:b6:40:
         9e:dc:cb:94:b0:e5:b8:ec:28:5a:5c:fe:e7:67:cf:6a:af:98:
         23:36:1e:bc:c8:7a:ee:8f:25:ae:ff:34:ac:f6:13:1c:7e:63:
         ad:62:af:c8:0d:46:a7:e4:4d:34:62:12:9a:d9:4c:7b:b7:bf:
         e0:6a:b7:f9:fa:64:36:63:76:00:ff:e6:ff:1f:f2:72:b1:95:
         3b:2f:bd:86:b9:d6:c1:c9:04:1f:df:8a:cc:21:3b:05:0a:29:
         be:1b:02:d0:d9:6f:10:d8:90:f1:91:2d:f0:65:cd:eb:71:c9:
         be:be:bd:09:39:3c:a3:86:c7:fc:df:3d:dc:59:a8:07:14:2e:
         a3:4f:3b:84:d8:27:3e:d2:56:39:ea:bf:12:f7:72:ae:d5:ae:
         c6:3d:20:71:f2:17:16:06:f8:de:31:67:0c:5d:d7:e4:1a:f4:
         4b:f8:c0:aa:d5:a1:38:71:f7:b7:4a:90:5c:31:0f:fc:31:b3:
         bc:82:51:fd
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUX/RrBXiaUim9SpjTP97UU3TzIAUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMzMxMTg0MDQ3WhcNMjUwNTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyODlhZTkwZmRkZWE2OTlmNGFhYzkxZjc4NTAzNmRmZDUz
NDhjNTNhZjQ0YWEyYmIyZGRkZjM2MmNmY2UwMjg2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbSqiW22T5aScP21CKnNsY8HX5n1rVkWsQTQTdaGg1mx4d
nROCWafH6aPiqzY+LQnRfpN0jNlO0HUMYtjayatO1EkTU/MZrOz1NpYRpSv5KGgS
rliHsMFPqCLhhzxy2A0yXArOsIBqarc08e/tcRB8Xaprhy0CjDe1pBQiU9w14TjL
nY4L2xPUeo29upK4GavD61GsoEw4U+rY4RjdCyuERjWUCr22+tfaFU0Fjja00glu
W/GIAB+3T+elRSfNI6wEwC1qQKM+ibxi5VIG1dpTaN8Ot/NHnYcpjWRLaQhY7tB0
gcm9iaPOkHCTlN2PZ1tJiIzbGNkUK6+JsEOYFVfRAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUzvxWB93ulB44oAlTIzm6q6sS1UkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2UwMTI0OTI3LWFmYTctNDI2Ny04MTRkLTE2ZWM5ZTAxMzVkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwAAIwDQYJKoZIhvcNAQELBQADggEBAALHF2dNyZv72slDZaffZxFe
S6Ep4X08unEuEreKXs+1txoackBNGoBub5yqiAxXof97lwkJllyxjLVUAyZYenLm
7za2bAi2QJ7cy5Sw5bjsKFpc/udnz2qvmCM2HrzIeu6PJa7/NKz2Exx+Y61ir8gN
RqfkTTRiEprZTHu3v+Bqt/n6ZDZjdgD/5v8f8nKxlTsvvYa51sHJBB/fiswhOwUK
Kb4bAtDZbxDYkPGRLfBlzetxyb6+vQk5PKOGx/zfPdxZqAcULqNPO4TYJz7SVjnq
vxL3cq7VrsY9IHHyFxYG+N4xZwxd1+Qa9Ev4wKrVoThx97dKkFwxD/wxs7yCUf0=
-----END CERTIFICATE-----