Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60fa1316-489c-4c2e-9ecb-e5a60a70777e.roa
File:                     60fa1316-489c-4c2e-9ecb-e5a60a70777e.roa (raw, json)
Hash identifier:          NNuUardzNaMxHGLx2mXDVzmNVK54SSXVHLSTSf042i0=
Subject key identifier:   71:E4:BE:07:D6:88:81:7F:02:A6:23:CF:67:FF:7B:A3:75:DE:F3:F2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       142563531BADA728F4E382C1EB8658DF8396C4EC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60fa1316-489c-4c2e-9ecb-e5a60a70777e.roa
Signing time:             Wed 01 Oct 2025 00:12:05 +0000
ROA not before:           Wed 01 Oct 2025 00:12:05 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:80a7::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:25:63:53:1b:ad:a7:28:f4:e3:82:c1:eb:86:58:df:83:96:c4:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:12:05 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=aceb76b1a187e02334a26a52eb519d333d6b5e69bdd94cfd0dcf27a642bda1f4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:55:be:8c:43:18:03:85:5f:7b:dc:d6:06:49:
                    19:63:2f:37:ee:73:38:8c:b0:31:bd:92:b2:fd:11:
                    9b:66:a9:d2:a9:25:dc:ab:45:8b:85:a7:1e:c9:f2:
                    d6:a1:94:58:b4:4d:94:a5:c4:b9:4c:8e:7d:6e:e9:
                    8e:3b:02:59:e9:e6:ec:4a:b3:c8:db:28:e3:3d:9d:
                    ff:d7:4b:a7:72:a4:14:db:f7:18:4d:5d:cf:6f:cf:
                    88:51:96:33:fb:b7:ae:23:77:8a:a3:e1:83:2c:21:
                    34:cf:86:c5:39:31:59:62:d5:3b:84:b9:f3:32:ee:
                    7e:30:36:bf:52:c6:2c:9f:14:43:a7:85:95:35:50:
                    a4:ed:92:a6:71:4e:40:8b:8f:d8:13:d6:dc:83:14:
                    46:5a:f8:e8:06:02:e2:9f:07:4d:56:33:ae:d7:30:
                    31:bb:9a:c1:fd:7f:11:b0:fe:47:7f:83:a3:7c:84:
                    d4:37:3a:1c:96:af:fb:d0:31:ec:af:fe:a9:68:56:
                    07:6e:09:0c:8c:4b:01:68:65:53:2a:65:84:87:ca:
                    72:b4:55:48:dc:a0:16:c9:d2:b0:57:be:b1:78:fe:
                    ae:ad:e9:3c:60:62:a3:c7:d8:1d:3c:c9:d8:fd:ce:
                    cf:ae:c3:65:1d:86:f8:c3:0d:fd:bd:9e:af:c9:c4:
                    77:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:E4:BE:07:D6:88:81:7F:02:A6:23:CF:67:FF:7B:A3:75:DE:F3:F2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60fa1316-489c-4c2e-9ecb-e5a60a70777e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:80a7::/48

    Signature Algorithm: sha256WithRSAEncryption
         be:b0:49:59:de:fe:e4:77:d4:18:6a:be:eb:20:dd:9f:ac:ba:
         da:9a:2f:b1:b1:eb:54:77:04:2c:36:26:e5:85:25:fb:a8:ea:
         cd:43:7a:01:22:4c:e2:2d:b5:09:7c:f0:7e:81:ec:e0:10:df:
         c1:80:27:40:cb:94:94:89:c8:77:96:e3:a2:0b:34:48:a0:c0:
         f2:e2:7b:12:1b:53:38:86:88:d3:9c:94:18:1c:29:c2:fc:09:
         97:52:db:07:da:c3:fc:57:d6:60:9f:81:09:4f:42:05:43:5d:
         a0:45:71:a3:96:31:be:9c:89:0e:dd:d4:aa:4f:bf:fc:cd:22:
         e5:83:56:86:dd:d4:e4:bd:b3:be:cb:6d:b0:ee:d5:54:c0:2a:
         e8:e1:1e:aa:3e:22:df:17:87:46:a8:8a:56:7e:1d:b7:d7:36:
         83:94:ea:ba:cf:ed:34:dc:ad:ee:4c:4b:b3:a8:4e:cf:77:15:
         cc:6a:33:39:3a:97:5e:08:09:51:40:6f:92:f3:ba:97:06:10:
         36:9e:5e:ff:2f:5f:8e:43:0b:37:a5:06:0f:e9:2d:9a:a9:f6:
         92:c1:f3:f8:d9:86:aa:1a:21:e5:9a:c2:32:f3:cc:6b:d0:28:
         bf:5e:a1:aa:d2:1a:7d:43:2e:78:e6:05:25:d9:71:a3:9d:88:
         9a:5c:10:32
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUFCVjUxutpyj044LB64ZY34OWxOwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAxMjA1WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhY2ViNzZiMWExODdlMDIzMzRhMjZhNTJlYjUxOWQzMzNk
NmI1ZTY5YmRkOTRjZmQwZGNmMjdhNjQyYmRhMWY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKVb6MQxgDhV973NYGSRljLzfucziMsDG9krL9EZtmqdKp
JdyrRYuFpx7J8tahlFi0TZSlxLlMjn1u6Y47Alnp5uxKs8jbKOM9nf/XS6dypBTb
9xhNXc9vz4hRljP7t64jd4qj4YMsITTPhsU5MVli1TuEufMy7n4wNr9SxiyfFEOn
hZU1UKTtkqZxTkCLj9gT1tyDFEZa+OgGAuKfB01WM67XMDG7msH9fxGw/kd/g6N8
hNQ3OhyWr/vQMeyv/qloVgduCQyMSwFoZVMqZYSHynK0VUjcoBbJ0rBXvrF4/q6t
6TxgYqPH2B08ydj9zs+uw2UdhvjDDf29nq/JxHe/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUceS+B9aIgX8CpiPPZ/97o3Xe8/IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwZmExMzE2LTQ4OWMtNGMyZS05ZWNiLWU1YTYwYTcwNzc3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gKcwDQYJKoZIhvcNAQELBQADggEBAL6wSVne/uR31Bhqvusg3Z+s
utqaL7Gx61R3BCw2JuWFJfuo6s1DegEiTOIttQl88H6B7OAQ38GAJ0DLlJSJyHeW
46ILNEigwPLiexIbUziGiNOclBgcKcL8CZdS2wfaw/xX1mCfgQlPQgVDXaBFcaOW
Mb6ciQ7d1KpPv/zNIuWDVobd1OS9s77LbbDu1VTAKujhHqo+It8Xh0aoilZ+HbfX
NoOU6rrP7TTcre5MS7OoTs93FcxqMzk6l14ICVFAb5LzupcGEDaeXv8vX45DCzel
Bg/pLZqp9pLB8/jZhqoaIeWawjLzzGvQKL9eoarSGn1DLnjmBSXZcaOdiJpcEDI=
-----END CERTIFICATE-----