Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6282f4a8-f1f7-49a0-852f-808c201c5429.roa
File:                     6282f4a8-f1f7-49a0-852f-808c201c5429.roa (raw, json)
Hash identifier:          75tZ8wC0iitzDIbezIrP7S3jxzoCt4T+kF8fbg7jus0=
Subject key identifier:   C0:DC:3A:30:96:42:D5:BE:2E:05:B1:C3:D8:EF:FB:5D:60:64:66:5D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       276A18355511C6C750380E88D6EEC0F86580274A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6282f4a8-f1f7-49a0-852f-808c201c5429.roa
Signing time:             Tue 18 Mar 2025 00:10:59 +0000
ROA not before:           Tue 18 Mar 2025 00:10:59 +0000
ROA not after:            Tue 22 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        37.203.177.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:6a:18:35:55:11:c6:c7:50:38:0e:88:d6:ee:c0:f8:65:80:27:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:10:59 2025 GMT
            Not After : Apr 22 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:5c:8c:96:52:62:14:0e:f4:8e:67:ef:4a:36:
                    61:41:3f:2f:8d:0e:f4:31:8d:bd:6a:66:dd:1c:26:
                    46:60:c1:c6:4e:f2:7b:9a:0b:21:3c:8b:12:d1:2b:
                    df:18:e3:43:80:64:bf:a6:07:1c:ba:38:98:7e:a6:
                    84:d6:13:6e:b5:d0:22:9d:05:87:2d:90:f4:b8:5b:
                    5a:0b:6b:12:07:3c:80:6d:58:7e:16:4f:ce:bf:60:
                    6f:81:04:b8:67:bd:16:3b:8c:61:8e:ff:8a:d4:25:
                    56:72:13:9a:ff:e1:b4:8d:ee:2b:b5:ff:bf:80:2e:
                    a7:45:21:7f:2f:f8:bc:0f:87:57:36:dd:95:26:e5:
                    aa:89:08:43:2a:44:bf:3c:e1:ca:8e:52:27:d7:fb:
                    63:b4:f9:97:a5:3f:76:9e:f7:ff:71:7a:7f:4d:33:
                    49:8b:f1:a1:a0:c6:64:ef:67:7e:5b:2d:a1:2d:f0:
                    4c:f0:f9:39:e1:d1:c7:97:e2:df:80:93:99:2e:52:
                    52:71:34:5e:62:8d:a4:fd:bf:ea:e9:7f:14:fc:a0:
                    ed:14:dc:c0:91:53:95:f6:a0:fd:4e:25:2d:55:f5:
                    ee:5d:1c:9d:16:95:60:7b:6c:eb:88:ce:0e:9b:1d:
                    ea:29:bc:4c:79:c0:a0:d8:3e:bb:94:fa:7a:61:38:
                    42:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:DC:3A:30:96:42:D5:BE:2E:05:B1:C3:D8:EF:FB:5D:60:64:66:5D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6282f4a8-f1f7-49a0-852f-808c201c5429.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.203.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:79:32:d2:1e:d6:99:4b:e8:58:70:2a:2f:41:a0:b7:ab:1f:
         e5:75:d7:c5:86:2c:9c:0a:76:7e:5a:0b:5a:6b:e5:95:93:98:
         f1:fa:b6:6b:70:80:13:11:12:66:d7:ea:8a:dc:4d:4f:2c:20:
         11:9d:ee:1e:a0:49:32:b3:94:fd:a0:39:7a:ae:8a:33:5e:27:
         f8:a7:36:d9:e9:09:64:58:c1:c0:9d:4f:98:53:72:b5:57:a8:
         f6:c7:f8:c8:e7:20:67:3d:70:91:86:b6:3b:df:c3:2a:cb:17:
         28:e4:ef:9d:cb:cf:49:19:1b:d6:19:d2:bb:1a:3b:ad:f9:0c:
         16:38:cb:74:81:6f:9e:9e:8f:c7:24:fd:dd:ee:f6:91:61:ac:
         3f:9c:11:59:15:3f:b7:95:b0:af:95:f0:89:a5:0f:43:6a:b1:
         a9:cf:e8:72:af:d3:48:11:32:98:5b:51:74:c4:1b:eb:b8:4c:
         eb:0c:a2:e2:db:24:15:80:97:04:e0:8e:e3:02:e7:02:b8:43:
         a7:03:be:3e:e0:82:24:6c:71:6d:e5:0b:ce:a4:03:1f:08:1c:
         9f:a0:79:74:38:95:2e:1e:8f:fc:f5:58:61:e9:56:9d:03:03:
         9e:0e:98:1b:dc:13:b7:6d:8c:45:ab:1f:d5:67:45:c1:c6:b3:
         35:b0:30:6d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ2oYNVURxsdQOA6I1u7A+GWAJ0owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE4MDAxMDU5WhcNMjUwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYTIyZjBkYmU4NGYxYWE4YWM1ZjIxYTgyN2Q4NjM0NzNk
OGE5MWFjZDFjMzgzYzI3ZGRhMTQxZDVkZWExOWMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdXIyWUmIUDvSOZ+9KNmFBPy+NDvQxjb1qZt0cJkZgwcZO
8nuaCyE8ixLRK98Y40OAZL+mBxy6OJh+poTWE2610CKdBYctkPS4W1oLaxIHPIBt
WH4WT86/YG+BBLhnvRY7jGGO/4rUJVZyE5r/4bSN7iu1/7+ALqdFIX8v+LwPh1c2
3ZUm5aqJCEMqRL884cqOUifX+2O0+ZelP3ae9/9xen9NM0mL8aGgxmTvZ35bLaEt
8Ezw+Tnh0ceX4t+Ak5kuUlJxNF5ijaT9v+rpfxT8oO0U3MCRU5X2oP1OJS1V9e5d
HJ0WlWB7bOuIzg6bHeopvEx5wKDYPruU+nphOEK5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwNw6MJZC1b4uBbHD2O/7XWBkZl0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyODJmNGE4LWYxZjctNDlhMC04NTJmLTgwOGMyMDFjNTQyOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAly7EwDQYJKoZIhvcNAQELBQADggEBAAJ5MtIe1plL6FhwKi9BoLerH+V1
18WGLJwKdn5aC1pr5ZWTmPH6tmtwgBMREmbX6orcTU8sIBGd7h6gSTKzlP2gOXqu
ijNeJ/inNtnpCWRYwcCdT5hTcrVXqPbH+MjnIGc9cJGGtjvfwyrLFyjk753Lz0kZ
G9YZ0rsaO635DBY4y3SBb56ej8ck/d3u9pFhrD+cEVkVP7eVsK+V8ImlD0NqsanP
6HKv00gRMphbUXTEG+u4TOsMouLbJBWAlwTgjuMC5wK4Q6cDvj7ggiRscW3lC86k
Ax8IHJ+geXQ4lS4ej/z1WGHpVp0DA54OmBvcE7dtjEWrH9VnRcHGszWwMG0=
-----END CERTIFICATE-----