Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6dbdebba-e361-477e-ae11-d68def64ccc4.roa
File:                     6dbdebba-e361-477e-ae11-d68def64ccc4.roa (raw, json)
Hash identifier:          OhutPTH20yf+a32SLea3yp8aM+gNqyboFuUesiJb2xM=
Subject key identifier:   A4:25:3F:40:69:8C:0C:6D:65:B1:CB:E7:91:17:92:3E:31:04:03:92
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6A5D62DD48A5FE158278010C9FBA3F65B4DDF9DB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6dbdebba-e361-477e-ae11-d68def64ccc4.roa
Signing time:             Tue 11 Mar 2025 00:01:42 +0000
ROA not before:           Tue 11 Mar 2025 00:01:42 +0000
ROA not after:            Tue 15 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.17.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:5d:62:dd:48:a5:fe:15:82:78:01:0c:9f:ba:3f:65:b4:dd:f9:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 11 00:01:42 2025 GMT
            Not After : Apr 15 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:27:d7:26:d7:7f:d1:bb:38:a3:3c:72:68:2f:
                    01:07:21:d5:47:dc:f1:ae:9f:ec:98:ed:fc:6e:5d:
                    89:6f:44:23:16:5a:ff:dd:c1:f2:62:b7:3e:33:bc:
                    bc:b8:c1:75:46:f1:ae:02:1a:4d:73:65:14:5c:87:
                    bb:1f:f3:34:6c:f9:ed:83:d4:5e:28:be:ad:f0:07:
                    94:97:79:f3:33:c2:65:ca:8f:47:c8:a6:22:ab:20:
                    1a:6d:54:c8:53:f0:5a:83:f9:b7:4e:75:ef:f7:a4:
                    b9:cc:f4:0d:14:22:c3:bc:1a:93:a7:98:a8:41:19:
                    b3:8b:06:e1:c5:d2:e9:10:d0:b2:65:6d:77:0a:4d:
                    b6:fd:13:76:9b:74:04:ce:ae:0c:46:04:6c:33:87:
                    47:80:99:77:38:ed:db:1e:54:9c:83:e7:89:3a:51:
                    52:08:98:db:6b:75:db:0d:5e:09:55:20:4f:9c:ff:
                    e2:45:59:30:f8:c0:af:38:b6:c6:c9:e0:24:e6:6c:
                    94:49:43:b0:35:5f:06:6b:ee:aa:ee:39:3a:f4:c4:
                    97:4b:5b:87:a3:93:55:6f:5a:8e:3f:e5:50:b8:84:
                    b3:3c:02:42:85:60:47:6a:33:e5:0f:f1:7d:88:65:
                    aa:3a:dd:b6:8f:d6:5d:31:60:38:63:0d:3a:6d:9f:
                    1c:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:25:3F:40:69:8C:0C:6D:65:B1:CB:E7:91:17:92:3E:31:04:03:92
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6dbdebba-e361-477e-ae11-d68def64ccc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.17.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         56:97:8f:11:30:04:4d:a8:cf:87:69:35:21:89:23:ce:b3:b8:
         5f:95:da:3f:be:ef:3c:82:e9:3a:e8:84:7d:c7:58:52:15:e4:
         78:8b:96:87:a2:a6:54:15:58:1c:79:83:71:64:0d:0f:72:f0:
         e7:b2:e4:b9:de:37:dd:79:42:4b:f8:f1:5c:74:41:cf:16:e4:
         29:48:36:44:8f:39:74:81:0f:9d:f1:f7:f7:18:f9:87:d9:ce:
         f5:22:e3:4f:c4:6a:d4:60:ec:9f:f4:c5:49:f7:4c:8e:47:11:
         78:ac:ed:5e:0e:fd:93:53:1d:27:09:d5:c2:7b:33:c2:19:28:
         bf:22:4e:b2:b4:f3:5a:55:b2:2b:62:6b:f8:d0:b6:45:7d:42:
         59:3d:34:31:94:6f:e7:cd:84:0d:b5:2e:fb:46:f5:33:4b:96:
         20:d9:60:08:86:7e:d9:45:94:ac:6c:a8:c4:46:8c:2c:1d:3f:
         05:3b:0b:1c:51:ca:b2:52:21:f8:b6:e7:25:bb:ad:ad:26:9d:
         df:bf:ee:18:27:3d:18:ed:ac:89:ff:8b:aa:d6:57:05:4b:15:
         4a:19:b5:c8:2b:53:43:d3:3e:d9:b8:f5:3d:e5:e3:f1:48:69:
         50:ed:e4:12:ab:9b:39:32:bf:0f:c9:f2:cc:b9:41:12:97:78:
         ad:fd:b5:2b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUal1i3Uil/hWCeAEMn7o/ZbTd+dswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzExMDAwMTQyWhcNMjUwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjN2Y1N2JmOGQwNjUxYzRkODQ2OTc0ZDA1MjgzNGNhOTFi
NTIxNDM5YmRkOGQ1ZDg1NWZlYmEwMWI1NWQzNTEwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfJ9cm13/RuzijPHJoLwEHIdVH3PGun+yY7fxuXYlvRCMW
Wv/dwfJitz4zvLy4wXVG8a4CGk1zZRRch7sf8zRs+e2D1F4ovq3wB5SXefMzwmXK
j0fIpiKrIBptVMhT8FqD+bdOde/3pLnM9A0UIsO8GpOnmKhBGbOLBuHF0ukQ0LJl
bXcKTbb9E3abdATOrgxGBGwzh0eAmXc47dseVJyD54k6UVIImNtrddsNXglVIE+c
/+JFWTD4wK84tsbJ4CTmbJRJQ7A1XwZr7qruOTr0xJdLW4ejk1VvWo4/5VC4hLM8
AkKFYEdqM+UP8X2IZao63baP1l0xYDhjDTptnxzjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpCU/QGmMDG1lscvnkReSPjEEA5IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZkYmRlYmJhLWUzNjEtNDc3ZS1hZTExLWQ2OGRlZjY0Y2NjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIETANBgkqhkiG9w0BAQsFAAOCAQEAVpePETAETajPh2k1IYkjzrO4X5Xa
P77vPILpOuiEfcdYUhXkeIuWh6KmVBVYHHmDcWQND3Lw57Lkud433XlCS/jxXHRB
zxbkKUg2RI85dIEPnfH39xj5h9nO9SLjT8Rq1GDsn/TFSfdMjkcReKztXg79k1Md
JwnVwnszwhkovyJOsrTzWlWyK2Jr+NC2RX1CWT00MZRv582EDbUu+0b1M0uWINlg
CIZ+2UWUrGyoxEaMLB0/BTsLHFHKslIh+LbnJbutrSad37/uGCc9GO2sif+LqtZX
BUsVShm1yCtTQ9M+2bj1PeXj8UhpUO3kEqubOTK/D8nyzLlBEpd4rf21Kw==
-----END CERTIFICATE-----