Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/311720c1-10e8-4fac-9201-310eb27fafbd.roa
File:                     311720c1-10e8-4fac-9201-310eb27fafbd.roa (raw, json)
Hash identifier:          MMx/ES6CIZOG1jpDfuPxGZUY/UDbXsD9M8E/Snxenco=
Subject key identifier:   AC:F2:76:49:44:15:D2:C6:8A:18:71:D1:43:67:72:A1:F5:29:1F:C5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1B609002B8C50323662A21B129C8B02DBB554C7C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/311720c1-10e8-4fac-9201-310eb27fafbd.roa
Signing time:             Tue 18 Mar 2025 00:11:38 +0000
ROA not before:           Tue 18 Mar 2025 00:11:38 +0000
ROA not after:            Tue 22 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        44.216.192.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:60:90:02:b8:c5:03:23:66:2a:21:b1:29:c8:b0:2d:bb:55:4c:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:11:38 2025 GMT
            Not After : Apr 22 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:2b:2d:51:87:dd:1b:67:0f:20:34:cb:5e:15:
                    f1:94:d5:5b:57:46:ac:20:81:ea:ef:c6:bb:1e:09:
                    16:f6:de:bd:de:d3:bf:b0:be:59:03:d9:a9:aa:12:
                    e0:9b:30:ce:ae:38:4f:79:a5:f8:b0:ee:c2:19:01:
                    bb:f9:6d:47:f7:cd:53:0c:df:74:c8:0b:1b:27:ab:
                    ce:94:2a:ed:dd:44:9f:b2:b8:af:b0:55:d8:c5:8f:
                    54:20:f8:83:a4:c7:6c:e2:2e:29:f7:53:fc:32:57:
                    95:ec:32:89:77:4d:61:54:63:da:a7:5f:97:e9:5d:
                    08:0c:aa:1a:b6:21:48:f4:55:04:11:14:ce:7a:59:
                    7c:7f:f8:e7:92:22:58:ee:e3:3a:70:cb:ff:77:e4:
                    5e:b7:5d:04:06:fa:e6:54:d6:bc:d6:c0:94:97:a5:
                    9d:52:3b:d3:40:41:38:38:7b:4c:ff:8b:74:05:16:
                    67:da:b5:90:34:66:c4:39:c3:15:38:64:2b:6a:bf:
                    a7:25:dd:6b:85:31:7b:90:d1:ec:6b:e9:7b:34:75:
                    41:5c:1a:6f:be:fd:41:92:ca:30:17:85:0d:97:e7:
                    0e:94:59:6e:b6:90:2b:2c:7f:0d:b4:7b:2c:8e:32:
                    9b:c4:34:9d:e2:78:2a:c7:5c:bd:65:36:e5:42:e2:
                    89:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:F2:76:49:44:15:D2:C6:8A:18:71:D1:43:67:72:A1:F5:29:1F:C5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/311720c1-10e8-4fac-9201-310eb27fafbd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.216.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:86:c8:eb:fd:9e:6e:0d:b6:6d:e8:1d:4b:87:34:c5:43:48:
         b9:65:bc:9b:90:16:34:8b:48:84:1b:69:a4:01:ab:5b:43:e0:
         b0:42:00:a1:17:f9:5e:ce:ae:15:73:b4:6b:63:9e:31:9d:34:
         f9:96:2d:10:94:19:bf:34:77:45:10:39:72:b8:eb:16:02:5d:
         86:c8:61:19:e8:81:44:08:fc:ee:a5:23:d7:e3:5d:48:c7:b3:
         ac:2b:dc:48:7b:d0:eb:98:73:f4:84:95:6e:96:b0:45:0f:76:
         bd:73:62:9d:85:b3:ad:ca:cc:ef:88:ab:b0:d0:87:a4:f7:74:
         78:85:ef:b3:31:fa:23:6e:4f:c0:cd:ce:8f:f0:c6:e5:85:2d:
         7e:bb:87:3e:03:0d:aa:6d:d0:8e:a7:1b:78:50:c3:76:ac:7e:
         ea:62:ee:d2:7d:ad:32:cd:19:2f:d7:8e:c2:03:cd:f3:c1:54:
         a1:5a:7f:9a:4d:8a:d5:c5:89:d6:98:fb:ee:41:51:9a:47:e6:
         73:7a:22:76:29:db:7e:bd:e8:5a:ef:29:a0:d6:77:14:06:36:
         be:8b:e1:15:59:d3:d4:53:9e:4d:09:01:3b:6a:c3:c4:fb:f2:
         55:8b:76:9a:95:a8:71:da:c3:5d:95:37:b4:d8:63:74:10:89:
         33:3c:93:6b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG2CQArjFAyNmKiGxKciwLbtVTHwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE4MDAxMTM4WhcNMjUwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZDc0ODhjMzY0NzM1NjU4YzllNDRhMTQxYjZmNmNkMzlk
ZjBmMmZjMWUzMjkzYjA0NGRiZWJlOTQ5YzU2NDNlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnKy1Rh90bZw8gNMteFfGU1VtXRqwggervxrseCRb23r3e
07+wvlkD2amqEuCbMM6uOE95pfiw7sIZAbv5bUf3zVMM33TICxsnq86UKu3dRJ+y
uK+wVdjFj1Qg+IOkx2ziLin3U/wyV5XsMol3TWFUY9qnX5fpXQgMqhq2IUj0VQQR
FM56WXx/+OeSIlju4zpwy/935F63XQQG+uZU1rzWwJSXpZ1SO9NAQTg4e0z/i3QF
FmfatZA0ZsQ5wxU4ZCtqv6cl3WuFMXuQ0exr6Xs0dUFcGm++/UGSyjAXhQ2X5w6U
WW62kCssfw20eyyOMpvENJ3ieCrHXL1lNuVC4okzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrPJ2SUQV0saKGHHRQ2dyofUpH8UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMxMTcyMGMxLTEwZTgtNGZhYy05MjAxLTMxMGViMjdmYWZiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs2MAwDQYJKoZIhvcNAQELBQADggEBALCGyOv9nm4Ntm3oHUuHNMVDSLll
vJuQFjSLSIQbaaQBq1tD4LBCAKEX+V7OrhVztGtjnjGdNPmWLRCUGb80d0UQOXK4
6xYCXYbIYRnogUQI/O6lI9fjXUjHs6wr3Eh70OuYc/SElW6WsEUPdr1zYp2Fs63K
zO+Iq7DQh6T3dHiF77Mx+iNuT8DNzo/wxuWFLX67hz4DDapt0I6nG3hQw3asfupi
7tJ9rTLNGS/XjsIDzfPBVKFaf5pNitXFidaY++5BUZpH5nN6InYp23696FrvKaDW
dxQGNr6L4RVZ09RTnk0JATtqw8T78lWLdpqVqHHaw12VN7TYY3QQiTM8k2s=
-----END CERTIFICATE-----