Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/00c79a27-a1df-4e67-a58d-447d3fa2dde2.roa
File:                     00c79a27-a1df-4e67-a58d-447d3fa2dde2.roa (raw, json)
Hash identifier:          qHHPmL5JheE6jKNeRt+JhkYK6rfgZuex36E5pWS7Cls=
Subject key identifier:   86:74:C7:45:54:31:A1:59:F2:A9:29:DB:B1:A1:57:8F:C2:A4:A5:7F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7ECF2E71C0F655F30032355042850C6A5EA493B3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/00c79a27-a1df-4e67-a58d-447d3fa2dde2.roa
Signing time:             Tue 18 Mar 2025 00:30:58 +0000
ROA not before:           Tue 18 Mar 2025 00:30:58 +0000
ROA not after:            Tue 22 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.48.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:cf:2e:71:c0:f6:55:f3:00:32:35:50:42:85:0c:6a:5e:a4:93:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:30:58 2025 GMT
            Not After : Apr 22 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:3c:17:00:23:ba:11:0e:0e:9c:9f:41:1e:15:
                    6c:e7:27:8e:dd:41:92:2f:f3:c5:26:30:12:f9:8d:
                    66:b7:6a:98:fd:34:39:bf:6e:69:86:ea:3d:ae:04:
                    1f:91:d2:0d:6f:f0:73:3f:55:81:6e:e9:3b:6a:16:
                    e2:42:6b:bc:16:a0:e8:c0:c5:c9:ff:fe:2c:10:27:
                    2e:0a:f6:b9:bf:3a:ba:ab:2e:bb:0a:12:06:b2:e1:
                    49:8f:24:f6:99:9c:b9:e6:88:57:3d:34:c1:de:ec:
                    f5:ac:b8:b4:6d:10:6b:ea:d4:d7:a3:18:77:d7:b4:
                    de:13:5d:b8:99:4c:da:bf:12:45:02:10:7c:90:df:
                    89:bd:17:e6:e2:33:b5:f9:e9:17:01:1c:49:42:6d:
                    f0:53:7a:c4:b6:55:92:99:7d:63:31:58:76:6c:f5:
                    41:c5:f3:c9:8a:e4:25:84:2c:b6:f5:a8:43:78:03:
                    34:c9:05:1c:82:8a:27:05:fd:8d:d3:6c:66:82:f4:
                    97:5a:af:ac:f1:8c:ff:ce:3f:a1:aa:bd:21:1b:0b:
                    95:b2:9e:a4:62:66:19:8c:2e:14:34:45:7e:c3:29:
                    2b:4c:ca:98:65:8a:db:43:02:7a:a8:24:ff:57:07:
                    12:c7:a5:b5:91:cf:f4:de:fe:65:8e:5b:e3:98:dc:
                    a1:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:74:C7:45:54:31:A1:59:F2:A9:29:DB:B1:A1:57:8F:C2:A4:A5:7F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/00c79a27-a1df-4e67-a58d-447d3fa2dde2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         bd:d0:d5:53:9b:59:ee:ac:af:ae:4c:c9:24:f0:35:3b:d5:f6:
         3d:af:7d:55:97:a7:79:4b:ec:d9:7f:21:20:07:c9:18:e0:ac:
         67:6b:c7:96:1b:3b:15:ba:09:17:8a:cc:61:44:fb:1d:89:9a:
         78:e8:79:f4:76:9b:a6:2e:52:f6:86:5a:66:83:a2:c4:b8:55:
         ad:f4:4a:16:6d:85:3a:ed:00:47:1e:b6:fd:bd:a6:0c:a5:97:
         56:8a:27:74:a8:60:82:1e:64:a3:20:c5:b4:45:73:fb:35:4f:
         fc:9d:75:08:c4:92:88:a8:4c:6e:f7:01:c9:45:89:66:30:f3:
         0d:f6:92:28:8a:16:64:78:9c:1c:cc:ed:8b:78:08:c2:b1:98:
         0f:c7:58:18:c9:ca:1c:cc:3c:c1:29:1d:aa:41:7a:32:c8:dd:
         34:de:8e:70:23:dc:b4:3e:59:84:b3:d9:e0:8b:69:b2:96:ab:
         0c:33:7a:8e:c9:d8:76:f8:07:3b:a9:06:99:46:cf:e6:98:76:
         02:2f:2f:ae:31:b6:1d:4f:dd:a6:f7:c5:cc:d7:9c:46:40:03:
         19:29:68:af:09:e8:7a:07:39:f8:98:6b:7d:46:21:fb:ce:b2:
         96:35:f3:6c:71:ce:a3:89:18:69:d7:47:86:23:89:78:6d:10:
         d8:20:3a:24
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfs8uccD2VfMAMjVQQoUMal6kk7MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE4MDAzMDU4WhcNMjUwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNDgyMmMxZjMyZWRkZjJhMGI3M2YxZGViODhhOGU4YjNk
ZDQ0NTFiYjRjZTIzMzIxYTQ5NjU0M2Q0NzU2OTVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyPBcAI7oRDg6cn0EeFWznJ47dQZIv88UmMBL5jWa3apj9
NDm/bmmG6j2uBB+R0g1v8HM/VYFu6TtqFuJCa7wWoOjAxcn//iwQJy4K9rm/Orqr
LrsKEgay4UmPJPaZnLnmiFc9NMHe7PWsuLRtEGvq1NejGHfXtN4TXbiZTNq/EkUC
EHyQ34m9F+biM7X56RcBHElCbfBTesS2VZKZfWMxWHZs9UHF88mK5CWELLb1qEN4
AzTJBRyCiicF/Y3TbGaC9Jdar6zxjP/OP6GqvSEbC5WynqRiZhmMLhQ0RX7DKStM
yphlittDAnqoJP9XBxLHpbWRz/Te/mWOW+OY3KFtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhnTHRVQxoVnyqSnbsaFXj8KkpX8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAwYzc5YTI3LWExZGYtNGU2Ny1hNThkLTQ0N2QzZmEyZGRlMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQyEjAwDQYJKoZIhvcNAQELBQADggEBAL3Q1VObWe6sr65MySTwNTvV9j2v
fVWXp3lL7Nl/ISAHyRjgrGdrx5YbOxW6CReKzGFE+x2JmnjoefR2m6YuUvaGWmaD
osS4Va30ShZthTrtAEcetv29pgyll1aKJ3SoYIIeZKMgxbRFc/s1T/yddQjEkoio
TG73AclFiWYw8w32kiiKFmR4nBzM7Yt4CMKxmA/HWBjJyhzMPMEpHapBejLI3TTe
jnAj3LQ+WYSz2eCLabKWqwwzeo7J2Hb4BzupBplGz+aYdgIvL64xth1P3ab3xczX
nEZAAxkpaK8J6HoHOfiYa31GIfvOspY182xxzqOJGGnXR4YjiXhtENggOiQ=
-----END CERTIFICATE-----