Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/721aa7be-d4b7-4d44-97d2-6fbc2144f45f.roa
File:                     721aa7be-d4b7-4d44-97d2-6fbc2144f45f.roa (raw, json)
Hash identifier:          8vhfbx3n2Ckipbf2f3tWlQLqgfbFPwlzX4jOe7kHw6Q=
Subject key identifier:   B7:B2:5B:3F:C5:81:1F:23:B2:B4:2A:CF:8D:E7:95:79:94:0E:FE:CA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       252FE34BA5EE7393E2C64FE10AD10992BF9D3009
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/721aa7be-d4b7-4d44-97d2-6fbc2144f45f.roa
Signing time:             Wed 12 Mar 2025 00:02:06 +0000
ROA not before:           Wed 12 Mar 2025 00:02:06 +0000
ROA not after:            Wed 16 Apr 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        107.176.0.0/15 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:2f:e3:4b:a5:ee:73:93:e2:c6:4f:e1:0a:d1:09:92:bf:9d:30:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 12 00:02:06 2025 GMT
            Not After : Apr 16 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a0:d1:6a:56:7e:1c:23:24:eb:a8:32:c1:e8:
                    00:66:f1:de:a8:72:5c:e1:3d:59:43:e4:e4:eb:c5:
                    d8:8b:85:40:49:42:a3:a3:41:61:49:aa:23:36:40:
                    83:10:7f:20:23:81:48:dd:80:70:3e:1d:b2:b6:8c:
                    1b:c7:8c:db:cb:94:22:26:31:9a:44:f0:59:b8:af:
                    89:4b:0c:64:66:4d:2e:2b:ef:7b:96:f5:4c:0c:a5:
                    52:bc:8b:b0:e4:ef:9e:c2:b5:9f:d4:0f:60:03:af:
                    0d:a3:c7:f7:88:99:25:1d:a3:b8:0c:ed:86:0a:55:
                    f6:3e:68:6e:ad:90:c4:47:0b:79:19:b7:e4:16:9a:
                    c6:30:df:2c:5a:47:e5:9b:98:72:88:7e:f9:3b:51:
                    b4:60:b8:1a:12:61:7a:56:db:a5:c7:7e:f1:76:8b:
                    cb:2b:81:6a:3f:0b:ae:a5:95:d2:8e:dd:34:f0:e8:
                    f7:f3:af:38:4b:41:30:f9:c9:0e:3f:ea:29:e0:89:
                    c8:74:5f:8b:7a:e0:dd:37:5b:dc:9f:9c:74:b7:c5:
                    e5:4e:ea:ce:82:1e:6b:61:3a:fc:2b:de:2b:21:3f:
                    13:12:6e:84:7d:41:45:c4:d9:da:6b:0e:72:08:db:
                    5f:f9:62:e8:fc:7d:8d:13:ec:84:00:a3:bc:d0:c2:
                    f2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:B2:5B:3F:C5:81:1F:23:B2:B4:2A:CF:8D:E7:95:79:94:0E:FE:CA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/721aa7be-d4b7-4d44-97d2-6fbc2144f45f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.176.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         86:98:43:eb:e3:8b:5f:da:50:82:dc:9d:7b:7a:22:4a:07:ad:
         13:7c:c4:b3:22:cd:5e:d0:0f:4e:34:d9:fd:57:c6:45:a3:61:
         1e:a4:99:f2:4a:43:a3:e6:9b:b2:dd:8e:eb:85:11:9a:3c:bd:
         5b:59:df:81:70:ae:f2:ee:88:af:7d:29:72:2c:72:51:34:28:
         8f:10:57:42:d3:08:91:7a:fd:59:26:e8:a2:ef:b6:10:9e:79:
         8f:92:28:85:36:05:b8:0e:b9:9e:bf:8b:69:90:7c:8e:69:af:
         9d:5d:02:ce:cc:fa:39:d7:2f:22:17:5c:c8:ba:02:52:1c:07:
         e7:26:fc:18:90:98:f2:7e:29:6e:e1:86:19:e5:16:74:fc:30:
         7a:b6:3e:25:aa:d5:43:6c:96:de:66:4e:56:df:f3:f6:64:37:
         ef:15:73:7e:f6:9f:7e:86:b0:78:e8:2d:32:2d:85:b2:95:8f:
         94:67:5b:20:db:e5:3f:07:4f:4f:ec:da:6e:d2:f7:c9:4f:39:
         5d:a5:0a:3f:6a:d3:41:4c:64:2b:9e:e3:bb:bc:40:4d:86:db:
         8b:be:a8:ef:e2:9f:c2:74:63:3c:e9:d4:92:34:8f:03:c3:d1:
         a3:6f:8a:52:17:3d:87:df:8b:fb:4e:2a:1f:3a:d3:77:47:bd:
         0a:43:69:f8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJS/jS6Xuc5Pixk/hCtEJkr+dMAkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEyMDAwMjA2WhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZDk0YTBiODdiOWU2YWI0ODM1NDRiMGNlMWYzMzVhMDFl
NTMyMTNjNzczMWY3MDlhZWExNzNjOTA5YmRkMmExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqoNFqVn4cIyTrqDLB6ABm8d6oclzhPVlD5OTrxdiLhUBJ
QqOjQWFJqiM2QIMQfyAjgUjdgHA+HbK2jBvHjNvLlCImMZpE8Fm4r4lLDGRmTS4r
73uW9UwMpVK8i7Dk757CtZ/UD2ADrw2jx/eImSUdo7gM7YYKVfY+aG6tkMRHC3kZ
t+QWmsYw3yxaR+WbmHKIfvk7UbRguBoSYXpW26XHfvF2i8srgWo/C66lldKO3TTw
6PfzrzhLQTD5yQ4/6ingich0X4t64N03W9yfnHS3xeVO6s6CHmthOvwr3ishPxMS
boR9QUXE2dprDnII21/5Yuj8fY0T7IQAo7zQwvKfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUt7JbP8WBHyOytCrPjeeVeZQO/sowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcyMWFhN2JlLWQ0YjctNGQ0NC05N2QyLTZmYmMyMTQ0ZjQ1Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwFrsDANBgkqhkiG9w0BAQsFAAOCAQEAhphD6+OLX9pQgtyde3oiSgetE3zE
syLNXtAPTjTZ/VfGRaNhHqSZ8kpDo+abst2O64URmjy9W1nfgXCu8u6Ir30pcixy
UTQojxBXQtMIkXr9WSboou+2EJ55j5IohTYFuA65nr+LaZB8jmmvnV0Czsz6Odcv
IhdcyLoCUhwH5yb8GJCY8n4pbuGGGeUWdPwwerY+JarVQ2yW3mZOVt/z9mQ37xVz
fvaffoaweOgtMi2FspWPlGdbINvlPwdPT+zabtL3yU85XaUKP2rTQUxkK57ju7xA
TYbbi76o7+KfwnRjPOnUkjSPA8PRo2+KUhc9h9+L+04qHzrTd0e9CkNp+A==
-----END CERTIFICATE-----