Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa
File:                     60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa (raw, json)
Hash identifier:          iMh8ouIt0NCKXk2I0ZS/VsIyzKxu4lKPZGavdTT2axE=
Subject key identifier:   2F:74:D2:14:17:5A:43:6C:8D:7C:62:00:47:12:C4:2A:3D:1C:25:2D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       38415F836E1F8997B02AF8783D5FB73264EA19BB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa
Signing time:             Fri 21 Mar 2025 00:30:30 +0000
ROA not before:           Fri 21 Mar 2025 00:30:30 +0000
ROA not after:            Fri 25 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.175.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:41:5f:83:6e:1f:89:97:b0:2a:f8:78:3d:5f:b7:32:64:ea:19:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 21 00:30:30 2025 GMT
            Not After : Apr 25 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f8:78:db:29:c4:43:48:e7:ca:fd:ea:8e:cc:
                    65:1e:ba:3a:00:6c:e1:7a:f4:8e:c8:80:a8:86:0b:
                    31:9c:eb:90:c6:89:a1:53:27:1a:09:43:9f:37:ea:
                    5a:df:90:2a:ae:4f:84:49:74:60:ec:42:86:14:ef:
                    49:73:86:fb:a2:3a:ba:df:83:85:d9:c6:4c:95:20:
                    21:c0:e7:fd:6f:10:76:f4:17:ca:77:92:b4:6c:de:
                    1f:8d:76:27:7a:e1:ae:d6:0c:1c:37:ba:f9:c2:7c:
                    1d:a4:9f:3b:03:0f:68:bc:c4:1c:d7:c7:49:3b:73:
                    85:22:65:4d:53:f8:d9:18:0d:c3:a5:77:dd:b7:e5:
                    fe:fc:84:74:58:53:b3:0b:ca:fb:66:7c:78:fa:e6:
                    e6:7a:69:0e:28:78:40:0f:48:c4:90:f0:72:e3:12:
                    70:d2:71:1d:28:dc:1e:3f:d6:3c:bb:1c:76:f8:d7:
                    c3:c2:5d:14:fd:2d:fd:5a:d0:d4:13:32:5f:e6:57:
                    7a:d9:d7:ac:45:40:3c:17:b5:73:f5:e5:b9:9e:71:
                    9d:f4:d3:c7:f2:88:75:d6:a7:ea:df:54:10:13:08:
                    e6:7d:5a:4d:3e:01:16:f6:01:ed:2b:74:07:36:b1:
                    59:37:90:bc:61:c7:65:3e:fc:b2:57:f0:53:bb:b9:
                    ce:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:74:D2:14:17:5A:43:6C:8D:7C:62:00:47:12:C4:2A:3D:1C:25:2D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:10:23:90:f7:a7:8f:fd:25:5c:fb:ad:3b:b0:78:12:e9:14:
         aa:4a:be:09:e8:b7:56:4f:53:18:50:26:bd:a0:35:ea:01:b9:
         b4:db:32:d0:91:68:47:dd:13:13:e0:20:5f:71:f3:a1:89:15:
         69:7e:49:6e:8e:e4:00:88:11:3f:27:e9:cc:e6:a7:f0:95:7b:
         0b:20:30:51:2b:75:af:51:e8:14:9c:7d:37:23:bf:d9:0b:f9:
         dd:a3:7a:29:88:ae:bb:c5:6c:04:e6:00:4b:0e:1d:75:04:9e:
         1c:4e:3e:3c:5c:3c:80:4b:50:cd:af:e2:82:72:86:83:30:00:
         3b:25:4b:a9:73:29:68:8b:50:b2:e2:3e:6a:80:a2:ef:6f:59:
         cd:92:1c:fa:41:64:97:da:34:8c:dd:09:b6:1c:48:2c:e2:ec:
         62:16:2f:a3:92:21:7d:b1:67:fd:77:53:8d:99:e1:28:db:c2:
         34:2e:28:6b:4d:44:8a:f7:94:01:57:56:61:5f:32:c2:4c:3a:
         e9:0b:af:a7:94:e1:02:2b:99:a8:56:f2:31:db:70:82:98:c3:
         e1:2f:c6:9c:b6:6d:23:a2:82:54:d0:eb:7e:be:7c:15:10:73:
         37:e5:9a:05:e8:a7:d4:40:e6:30:92:47:20:04:ae:b6:f9:7d:
         6d:57:7c:d6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOEFfg24fiZewKvh4PV+3MmTqGbswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzIxMDAzMDMwWhcNMjUwNDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMjNmOGE0OWRkMjIyNmQ4ZmZlMzgwZGNhZTE3MjdiZmZj
OTU0NGFlODA2MTBhNzcxMDQ5NmYyMmUyOGE0MWZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy+HjbKcRDSOfK/eqOzGUeujoAbOF69I7IgKiGCzGc65DG
iaFTJxoJQ5836lrfkCquT4RJdGDsQoYU70lzhvuiOrrfg4XZxkyVICHA5/1vEHb0
F8p3krRs3h+Ndid64a7WDBw3uvnCfB2knzsDD2i8xBzXx0k7c4UiZU1T+NkYDcOl
d9235f78hHRYU7MLyvtmfHj65uZ6aQ4oeEAPSMSQ8HLjEnDScR0o3B4/1jy7HHb4
18PCXRT9Lf1a0NQTMl/mV3rZ16xFQDwXtXP15bmecZ3008fyiHXWp+rfVBATCOZ9
Wk0+ARb2Ae0rdAc2sVk3kLxhx2U+/LJX8FO7uc6vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUL3TSFBdaQ2yNfGIARxLEKj0cJS0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwZTc5OGYxLTJjNzItNDE5NS1iMzRjLTdjMWM2MTcxZTlhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjl68wDQYJKoZIhvcNAQELBQADggEBACAQI5D3p4/9JVz7rTuweBLpFKpK
vgnot1ZPUxhQJr2gNeoBubTbMtCRaEfdExPgIF9x86GJFWl+SW6O5ACIET8n6czm
p/CVewsgMFErda9R6BScfTcjv9kL+d2jeimIrrvFbATmAEsOHXUEnhxOPjxcPIBL
UM2v4oJyhoMwADslS6lzKWiLULLiPmqAou9vWc2SHPpBZJfaNIzdCbYcSCzi7GIW
L6OSIX2xZ/13U42Z4SjbwjQuKGtNRIr3lAFXVmFfMsJMOukLr6eU4QIrmahW8jHb
cIKYw+Evxpy2bSOiglTQ636+fBUQczflmgXop9RA5jCSRyAErrb5fW1XfNY=
-----END CERTIFICATE-----