Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/59965eb9-a645-4fb7-a6d9-bdde9e726d3f.roa
File:                     59965eb9-a645-4fb7-a6d9-bdde9e726d3f.roa (raw, json)
Hash identifier:          yG0i1G6SEL9WRv3KDVZV51sUX7NWNqZYRhiVy9gJTzQ=
Subject key identifier:   4E:10:63:35:07:34:12:C8:16:23:6F:8E:68:78:C8:32:2E:00:C1:17
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       543A88D1B80CB55E9EBE335A81DF2FD57268921C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/59965eb9-a645-4fb7-a6d9-bdde9e726d3f.roa
Signing time:             Mon 24 Mar 2025 15:41:57 +0000
ROA not before:           Mon 24 Mar 2025 15:41:57 +0000
ROA not after:            Mon 28 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.226.216.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:3a:88:d1:b8:0c:b5:5e:9e:be:33:5a:81:df:2f:d5:72:68:92:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 24 15:41:57 2025 GMT
            Not After : Apr 28 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:dc:ff:4c:5e:a8:1c:76:00:21:98:c5:30:73:
                    6c:26:73:0e:ac:81:85:5a:cd:26:ca:cf:7c:9d:c4:
                    19:1f:b1:50:75:ec:ee:44:27:4f:96:6c:91:54:ce:
                    0c:36:57:36:c9:7c:77:5f:03:5e:a4:e3:e7:69:09:
                    c9:60:fc:83:f0:2c:5e:0d:c4:5a:5f:91:6f:f6:e2:
                    58:36:43:6e:21:44:ee:07:c4:66:49:b4:8a:ae:98:
                    11:ac:2b:22:52:3e:14:ac:d3:29:be:fb:50:6a:bb:
                    79:13:c1:19:b6:df:fa:ef:b1:07:8b:4c:b6:6c:63:
                    d5:bd:de:1f:56:ac:09:4a:33:f0:7e:76:63:0a:cb:
                    c3:ef:15:e8:d5:6b:db:9a:53:78:d5:ad:0e:ab:e0:
                    e4:ce:3b:32:fe:fe:94:4f:0c:ab:dc:d9:50:f5:d4:
                    a2:a5:5f:27:ed:cc:17:b5:c2:38:67:ef:d8:ae:c0:
                    31:e3:56:e2:c1:0c:f9:39:e7:65:a7:3f:5b:5a:12:
                    ef:2c:5e:e4:79:de:05:4f:a2:27:06:53:14:48:a0:
                    31:a8:a4:fb:19:65:82:77:f4:16:6e:fa:80:f4:65:
                    44:d0:fe:65:2e:84:ce:ac:81:17:88:ab:ec:57:60:
                    9b:99:0a:d8:db:e9:af:f4:af:b6:96:7d:e1:e7:6d:
                    e8:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:10:63:35:07:34:12:C8:16:23:6F:8E:68:78:C8:32:2E:00:C1:17
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/59965eb9-a645-4fb7-a6d9-bdde9e726d3f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.226.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         26:a5:0d:2c:93:b7:79:b9:e8:4e:22:5b:6b:1b:56:10:21:a5:
         45:af:99:f3:79:d0:10:15:19:16:86:62:d6:7d:23:f8:81:da:
         59:e3:dc:45:28:a8:40:14:5a:e6:51:ea:3f:4d:b9:eb:38:7a:
         3b:5d:8f:72:0f:7b:9d:c0:2b:6a:9c:b0:4d:5f:a4:59:2f:25:
         d6:af:b1:1f:e0:82:3c:df:b9:88:c1:ef:c2:ef:b4:77:4a:a6:
         ef:5d:b5:21:97:4a:ea:d5:ca:b2:55:b0:db:7d:a6:d5:94:e1:
         71:27:e3:c7:92:35:f1:36:97:ed:31:a6:84:32:49:20:e7:73:
         e6:51:94:b7:29:9a:66:36:ce:de:9b:15:5d:33:bf:42:fb:b1:
         34:50:76:bb:6b:0d:aa:3b:9a:4d:69:55:22:86:cb:6b:2a:e5:
         88:6e:37:a6:3a:08:14:3d:f6:1c:d9:b4:b1:a9:f9:ca:c1:81:
         36:80:5c:45:04:f0:9c:8e:58:0a:a5:01:d1:49:f7:69:02:47:
         24:84:a1:e6:4b:70:dd:26:cb:84:be:d0:05:32:7a:f5:b3:d6:
         95:3d:a0:91:58:b6:46:a4:79:a7:6e:f4:48:9f:6e:c2:fe:a8:
         f1:cb:0b:cb:2a:d4:41:62:05:3f:b9:b2:d9:2e:ab:38:d1:27:
         b6:5e:fd:a6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVDqI0bgMtV6evjNagd8v1XJokhwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI0MTU0MTU3WhcNMjUwNDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZWI2OTUyMGZmOGFlMDk0NTNiNzQyOThlMGRkMDg4NGJl
ZGUxYTE3MDcwNDE2ZjNkY2FmMmMzZjkyMTRkMDU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg3P9MXqgcdgAhmMUwc2wmcw6sgYVazSbKz3ydxBkfsVB1
7O5EJ0+WbJFUzgw2VzbJfHdfA16k4+dpCclg/IPwLF4NxFpfkW/24lg2Q24hRO4H
xGZJtIqumBGsKyJSPhSs0ym++1Bqu3kTwRm23/rvsQeLTLZsY9W93h9WrAlKM/B+
dmMKy8PvFejVa9uaU3jVrQ6r4OTOOzL+/pRPDKvc2VD11KKlXyftzBe1wjhn79iu
wDHjVuLBDPk552WnP1taEu8sXuR53gVPoicGUxRIoDGopPsZZYJ39BZu+oD0ZUTQ
/mUuhM6sgReIq+xXYJuZCtjb6a/0r7aWfeHnbejxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUThBjNQc0EsgWI2+OaHjIMi4AwRcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU5OTY1ZWI5LWE2NDUtNGZiNy1hNmQ5LWJkZGU5ZTcyNmQzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJA4tgwDQYJKoZIhvcNAQELBQADggEBACalDSyTt3m56E4iW2sbVhAhpUWv
mfN50BAVGRaGYtZ9I/iB2lnj3EUoqEAUWuZR6j9Nues4ejtdj3IPe53AK2qcsE1f
pFkvJdavsR/ggjzfuYjB78LvtHdKpu9dtSGXSurVyrJVsNt9ptWU4XEn48eSNfE2
l+0xpoQySSDnc+ZRlLcpmmY2zt6bFV0zv0L7sTRQdrtrDao7mk1pVSKGy2sq5Yhu
N6Y6CBQ99hzZtLGp+crBgTaAXEUE8JyOWAqlAdFJ92kCRySEoeZLcN0my4S+0AUy
evWz1pU9oJFYtkakeadu9EifbsL+qPHLC8sq1EFiBT+5stkuqzjRJ7Ze/aY=
-----END CERTIFICATE-----