Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f5250ee-2b70-49b1-9d07-e2e8ac674436.roa
File:                     9f5250ee-2b70-49b1-9d07-e2e8ac674436.roa (raw, json)
Hash identifier:          /bCdNeRfPZNERMCn91VN//DcHW1vA7Vlcpld/iWLKUk=
Subject key identifier:   BF:8B:BC:64:2D:33:4B:D4:F9:E1:8C:39:AD:9E:DF:5C:D1:5C:D0:55
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E34F5E32BE41D18A9B086858448BDBAC44EB3DB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f5250ee-2b70-49b1-9d07-e2e8ac674436.roa
Signing time:             Mon 24 Mar 2025 15:41:25 +0000
ROA not before:           Mon 24 Mar 2025 15:41:25 +0000
ROA not after:            Mon 28 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.190.146.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:34:f5:e3:2b:e4:1d:18:a9:b0:86:85:84:48:bd:ba:c4:4e:b3:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 24 15:41:25 2025 GMT
            Not After : Apr 28 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:44:80:79:f4:e7:e5:ea:cd:42:c3:07:be:c2:
                    d7:e1:0e:08:b6:b4:8e:d5:f6:64:96:bb:2b:19:a1:
                    cc:56:e1:91:54:c6:fb:fc:dd:ed:cf:6b:31:61:02:
                    39:99:ad:0e:92:fe:e3:63:40:09:5d:76:05:c4:86:
                    c6:c3:f5:53:55:7e:f1:f4:2d:65:7f:5d:60:c5:f3:
                    3c:c2:cc:db:f4:20:25:21:d9:56:d7:d2:92:90:5a:
                    7b:c0:9d:89:2b:6c:a4:8f:60:1f:3e:64:72:51:b3:
                    aa:37:2d:90:57:df:cd:3f:df:fc:bc:ae:60:4b:3f:
                    30:5c:c0:aa:b2:5d:6a:48:ed:e7:1f:d0:57:9e:77:
                    f5:47:83:c8:e1:09:dc:6c:23:ca:aa:c3:f5:11:1a:
                    4f:bc:e9:18:51:80:d0:f1:54:8c:ca:dd:76:da:15:
                    32:9a:a8:47:21:90:16:a2:91:d0:e9:52:fd:f1:59:
                    7d:af:f7:c1:0c:40:0d:45:83:f7:d0:8b:e3:fb:d7:
                    49:b6:7a:fe:a2:d0:cd:82:25:e6:d3:c5:6e:2d:02:
                    f7:61:98:06:11:a2:b1:2a:d6:5c:08:08:d4:1d:69:
                    20:00:03:cc:0c:6a:91:c8:ae:06:7e:f5:16:02:2f:
                    f4:c1:40:2c:89:82:98:75:d2:6a:a5:98:0a:3d:99:
                    db:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:8B:BC:64:2D:33:4B:D4:F9:E1:8C:39:AD:9E:DF:5C:D1:5C:D0:55
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f5250ee-2b70-49b1-9d07-e2e8ac674436.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.190.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:eb:45:1e:51:c6:a9:cd:a5:d4:44:c3:a8:23:8e:6b:44:0a:
         fe:ff:f0:a1:22:dc:24:47:bd:28:b6:29:63:f4:11:d5:5d:9d:
         c2:e1:db:25:d0:db:1d:e1:1c:84:e2:62:76:ba:f2:5d:6e:4d:
         25:c4:a4:56:a9:4f:fc:c8:af:a7:6b:c0:7e:19:98:cb:14:3d:
         e6:ae:c7:36:e6:74:7f:a1:62:c9:1a:3a:1e:34:7f:bc:fb:2a:
         78:09:b1:64:db:2f:e1:b2:fe:d4:4d:53:5c:e4:71:8f:ad:ce:
         84:99:01:c0:1e:50:ad:a9:ca:14:98:45:ed:4a:75:ec:b3:41:
         ac:40:61:fb:24:c1:c8:86:3c:63:e9:98:90:2d:3c:c4:3e:91:
         89:24:80:c7:44:7b:32:d3:61:5f:5c:b8:92:24:0d:da:3f:62:
         31:26:af:5d:9c:24:ae:49:e8:ac:b8:57:7a:fb:14:1f:f2:f3:
         27:fc:ae:c8:5c:20:96:2d:71:cf:87:85:3e:f9:16:35:73:e5:
         cc:82:05:a7:41:9c:dd:1c:76:66:7e:cc:91:d3:b2:be:34:18:
         ea:42:58:91:3a:d2:03:2e:48:9e:90:d2:11:da:56:f4:4f:d1:
         dc:4d:0f:4f:0a:e4:53:50:2d:85:a0:b8:e7:9a:79:e7:48:54:
         c2:eb:bd:95
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULjT14yvkHRipsIaFhEi9usROs9swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI0MTU0MTI1WhcNMjUwNDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMTEwMzM3YTM2MzI3ZGE3Y2Y2NTM4YTczOTQzYjhkNWIz
ZDdhY2NhMDFiMWM2ZjFmYTdmNWZkOGRmYWZlMmU1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDERIB59Ofl6s1Cwwe+wtfhDgi2tI7V9mSWuysZocxW4ZFU
xvv83e3PazFhAjmZrQ6S/uNjQAlddgXEhsbD9VNVfvH0LWV/XWDF8zzCzNv0ICUh
2VbX0pKQWnvAnYkrbKSPYB8+ZHJRs6o3LZBX380/3/y8rmBLPzBcwKqyXWpI7ecf
0Feed/VHg8jhCdxsI8qqw/URGk+86RhRgNDxVIzK3XbaFTKaqEchkBaikdDpUv3x
WX2v98EMQA1Fg/fQi+P710m2ev6i0M2CJebTxW4tAvdhmAYRorEq1lwICNQdaSAA
A8wMapHIrgZ+9RYCL/TBQCyJgph10mqlmAo9mdsFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUv4u8ZC0zS9T54Yw5rZ7fXNFc0FUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlmNTI1MGVlLTJiNzAtNDliMS05ZDA3LWUyZThhYzY3NDQzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABAvpIwDQYJKoZIhvcNAQELBQADggEBAFnrRR5RxqnNpdREw6gjjmtECv7/
8KEi3CRHvSi2KWP0EdVdncLh2yXQ2x3hHITiYna68l1uTSXEpFapT/zIr6drwH4Z
mMsUPeauxzbmdH+hYskaOh40f7z7KngJsWTbL+Gy/tRNU1zkcY+tzoSZAcAeUK2p
yhSYRe1KdeyzQaxAYfskwciGPGPpmJAtPMQ+kYkkgMdEezLTYV9cuJIkDdo/YjEm
r12cJK5J6Ky4V3r7FB/y8yf8rshcIJYtcc+HhT75FjVz5cyCBadBnN0cdmZ+zJHT
sr40GOpCWJE60gMuSJ6Q0hHaVvRP0dxND08K5FNQLYWguOeaeedIVMLrvZU=
-----END CERTIFICATE-----