Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1970fdae-d81d-4d44-bdc0-2931ee225a83.roa
File:                     1970fdae-d81d-4d44-bdc0-2931ee225a83.roa (raw, json)
Hash identifier:          jxsIr9YgM1oXrf2OjryBD6xJHWQrDOebWB6OuVi0o0c=
Subject key identifier:   73:14:17:20:25:84:51:C6:B9:64:C9:9D:8D:84:91:C9:41:59:D9:C8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       544F0098A78D7BC47087FE12B47AB3071645A61C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1970fdae-d81d-4d44-bdc0-2931ee225a83.roa
Signing time:             Fri 21 Mar 2025 00:30:59 +0000
ROA not before:           Fri 21 Mar 2025 00:30:59 +0000
ROA not after:            Fri 25 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.186.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:4f:00:98:a7:8d:7b:c4:70:87:fe:12:b4:7a:b3:07:16:45:a6:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 21 00:30:59 2025 GMT
            Not After : Apr 25 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f7:f3:11:9d:37:8d:6e:df:30:d2:19:65:f0:
                    61:2d:ec:6d:d0:49:86:e8:7c:e0:af:55:d2:62:2a:
                    eb:9d:8f:b9:33:b0:33:98:fe:13:3e:63:52:98:88:
                    33:a1:7c:e2:4f:c4:6c:57:5b:62:cf:82:7a:50:2f:
                    05:3f:56:34:95:26:e9:3f:ab:8b:fb:a5:5f:ba:63:
                    fc:1e:b5:31:78:e0:ed:8a:3d:55:2d:7d:fb:58:27:
                    e7:b9:ac:3a:5e:a6:60:97:a9:31:26:cc:94:8c:e7:
                    d3:01:a4:37:69:ee:3c:02:9a:21:d0:2f:43:bb:63:
                    74:64:ad:c0:34:46:b9:7d:37:b9:73:b1:01:2f:01:
                    fd:be:e0:c6:94:4d:a7:ab:cd:a3:3a:52:d4:f4:ee:
                    6c:2d:c2:d5:4e:97:90:da:f8:56:e3:1e:96:3e:88:
                    c9:f4:92:c9:51:9a:b4:fb:49:60:50:d2:83:fa:ce:
                    d2:27:e6:0c:9a:b8:57:aa:c5:0a:5a:9d:98:5a:ee:
                    b2:72:e4:b8:42:aa:6c:0d:37:c4:2f:57:41:71:4a:
                    27:b7:b9:71:d9:d3:26:6b:98:00:1e:13:e0:95:71:
                    0c:c3:38:a4:9c:a1:ac:75:7e:10:bb:db:90:aa:e4:
                    ec:c4:60:cc:d4:1d:fa:f6:e5:d8:97:e5:29:74:55:
                    73:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:14:17:20:25:84:51:C6:B9:64:C9:9D:8D:84:91:C9:41:59:D9:C8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1970fdae-d81d-4d44-bdc0-2931ee225a83.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:b8:9d:76:66:a6:39:93:a9:0a:31:0d:7c:63:18:79:40:a0:
         29:6e:f6:6c:33:a4:d6:2c:5e:c3:05:91:08:60:af:01:5f:61:
         ea:16:0f:e0:bd:3f:a9:1c:3b:5b:b0:12:3e:17:3f:c9:c3:68:
         64:56:23:93:4d:ed:ee:8b:e1:d6:94:49:52:3a:fa:bb:f7:03:
         aa:f3:3c:39:6e:54:fe:58:4f:15:da:dc:5d:8c:75:12:02:05:
         18:d4:9d:f4:02:58:22:10:91:c7:e9:45:5b:e9:b4:df:c5:da:
         54:54:e7:e8:ba:95:d3:7a:fb:c9:28:89:1a:f7:3d:14:74:0e:
         1d:ef:04:9e:af:1c:40:c2:6b:2d:39:8c:08:80:1c:6d:3d:e3:
         c7:a4:e7:5e:ed:7c:42:ba:02:c6:67:ec:9c:1a:61:4c:ec:b3:
         51:e5:04:66:ba:03:4d:90:bc:08:dd:5f:c5:a7:13:4d:d8:78:
         80:fb:f3:de:b1:15:08:4d:57:54:3e:0c:69:d3:3b:36:0f:70:
         47:7e:0d:e3:33:0e:82:21:4b:b8:98:a4:22:57:31:8b:dc:7c:
         b7:e4:44:fe:e9:2f:e1:cb:59:9e:54:6f:7f:83:bb:a5:65:e1:
         32:77:39:92:2d:66:33:51:ce:0e:b3:5e:ff:0b:8d:4f:0c:17:
         8d:f1:77:f6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVE8AmKeNe8Rwh/4StHqzBxZFphwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzIxMDAzMDU5WhcNMjUwNDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZWU5ZWU1M2JjOGRlZDAzMTc4YThkNGNkMTkzYTQ4M2I0
Yzc1ZjJlMzE5NGIzN2M0ZmJlMTc4MDVlMDBiY2Y0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC69/MRnTeNbt8w0hll8GEt7G3QSYbofOCvVdJiKuudj7kz
sDOY/hM+Y1KYiDOhfOJPxGxXW2LPgnpQLwU/VjSVJuk/q4v7pV+6Y/wetTF44O2K
PVUtfftYJ+e5rDpepmCXqTEmzJSM59MBpDdp7jwCmiHQL0O7Y3RkrcA0Rrl9N7lz
sQEvAf2+4MaUTaerzaM6UtT07mwtwtVOl5Da+FbjHpY+iMn0kslRmrT7SWBQ0oP6
ztIn5gyauFeqxQpanZha7rJy5LhCqmwNN8QvV0FxSie3uXHZ0yZrmAAeE+CVcQzD
OKScoax1fhC725Cq5OzEYMzUHfr25diX5Sl0VXNDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcxQXICWEUca5ZMmdjYSRyUFZ2cgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5NzBmZGFlLWQ4MWQtNGQ0NC1iZGMwLTI5MzFlZTIyNWE4My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjl7owDQYJKoZIhvcNAQELBQADggEBAIK4nXZmpjmTqQoxDXxjGHlAoClu
9mwzpNYsXsMFkQhgrwFfYeoWD+C9P6kcO1uwEj4XP8nDaGRWI5NN7e6L4daUSVI6
+rv3A6rzPDluVP5YTxXa3F2MdRICBRjUnfQCWCIQkcfpRVvptN/F2lRU5+i6ldN6
+8koiRr3PRR0Dh3vBJ6vHEDCay05jAiAHG0948ek517tfEK6AsZn7JwaYUzss1Hl
BGa6A02QvAjdX8WnE03YeID7896xFQhNV1Q+DGnTOzYPcEd+DeMzDoIhS7iYpCJX
MYvcfLfkRP7pL+HLWZ5Ub3+Du6Vl4TJ3OZItZjNRzg6zXv8LjU8MF43xd/Y=
-----END CERTIFICATE-----