Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af2ec907-ffb6-4c22-a884-4c64b9f09a12.roa
File:                     af2ec907-ffb6-4c22-a884-4c64b9f09a12.roa (raw, json)
Hash identifier:          Nyp2ShWm2TK6s0E/2UDuZbg5/o/5h5dGqEYvoREgJ60=
Subject key identifier:   95:BC:63:3C:CF:05:9D:4A:56:47:34:1D:3C:D6:1E:C2:FF:05:32:9A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6D82A7BFC960262E929828BAE32F1BC43391FFBB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af2ec907-ffb6-4c22-a884-4c64b9f09a12.roa
Signing time:             Sat 08 Mar 2025 00:00:20 +0000
ROA not before:           Sat 08 Mar 2025 00:00:20 +0000
ROA not after:            Sat 12 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        108.175.48.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:82:a7:bf:c9:60:26:2e:92:98:28:ba:e3:2f:1b:c4:33:91:ff:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar  8 00:00:20 2025 GMT
            Not After : Apr 12 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:a9:ae:ac:28:c4:f4:4b:c5:49:bb:5e:41:32:
                    e4:f4:af:46:35:c4:73:df:70:32:8b:53:a1:ac:63:
                    64:90:e5:40:5e:f0:4e:c7:61:ed:08:a3:3e:a5:91:
                    f9:18:f6:f3:94:cb:74:e5:12:a4:8d:d1:e9:2d:8a:
                    62:c9:d6:a4:aa:61:2b:a6:01:a5:8a:99:85:6b:bc:
                    ae:50:e1:e2:fc:4f:30:ea:ae:46:73:d4:14:09:1d:
                    f7:ff:39:95:30:ce:62:64:ee:0c:9b:d2:9f:3f:bf:
                    99:12:fd:4a:68:d6:93:67:86:3b:2f:95:0e:3b:3f:
                    66:13:63:b4:3e:a0:81:b6:76:8d:84:94:2b:2b:dd:
                    0b:84:33:a7:79:b5:56:36:46:83:a5:9d:f4:91:12:
                    df:ad:27:29:ff:95:65:8a:d2:77:8a:a1:43:38:c0:
                    52:35:78:d5:2c:c8:2e:3f:91:77:d6:be:84:d1:b0:
                    32:33:c4:20:43:be:a0:3f:16:33:54:66:b7:f2:34:
                    69:8a:88:e1:76:12:11:03:e6:18:7e:72:85:1e:78:
                    0a:d8:84:20:2e:17:b0:51:64:96:a9:7b:d5:d8:96:
                    17:93:92:1f:2b:a7:2e:fa:e3:f8:8c:44:dd:13:d8:
                    4d:03:58:8e:18:83:76:f7:82:ff:79:e5:38:6d:c3:
                    8f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:BC:63:3C:CF:05:9D:4A:56:47:34:1D:3C:D6:1E:C2:FF:05:32:9A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af2ec907-ffb6-4c22-a884-4c64b9f09a12.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  108.175.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:1e:f6:5e:c6:e9:c0:f6:43:3b:e7:32:cc:ff:b1:31:fc:0b:
         98:71:fc:aa:17:62:0e:94:c1:95:3e:f3:70:1c:66:36:7d:d0:
         8b:40:d8:4b:ad:b2:99:6f:6d:05:16:a2:45:5b:6e:aa:f0:33:
         09:73:d7:84:31:35:8d:12:13:fd:5b:2d:15:ab:21:5c:08:81:
         a3:c2:f4:dc:f5:cb:4f:24:80:1d:42:cd:a9:6b:3b:39:08:9a:
         9b:b8:05:38:79:57:b3:f1:1d:7d:3a:f1:bb:3f:7e:34:5f:21:
         75:87:9f:01:01:7b:8a:7e:dd:8f:a7:9c:ec:d2:d0:2a:52:92:
         61:ed:c8:df:0c:e5:b5:fd:90:5d:6b:96:d8:a3:fc:2e:72:3b:
         c6:fc:79:f7:66:52:81:73:6c:aa:77:a2:b9:d7:33:5f:bd:d1:
         9f:ac:f1:ae:0e:68:23:bc:2b:68:49:1b:51:e8:9a:54:98:be:
         df:8d:df:79:05:ea:e0:10:c0:e6:78:13:4c:53:3c:96:3a:17:
         6c:af:b7:08:84:37:fb:9a:fd:f2:53:83:57:9a:92:4a:07:bd:
         22:63:db:5c:23:cc:2e:73:71:52:e1:da:49:58:06:e5:58:51:
         24:40:74:04:d7:cb:60:55:37:2d:19:87:e1:20:6b:32:fa:48:
         8b:fb:97:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbYKnv8lgJi6SmCi64y8bxDOR/7swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzA4MDAwMDIwWhcNMjUwNDEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3M2ZjODVkNzdiNTc5NDUzOTY0NDQ4YzYzYzY0ZDdiMTE2
NGMwYzc1Y2RlNTk1MjQwMTFkZmE1NWVmZjk2Y2Y2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXqa6sKMT0S8VJu15BMuT0r0Y1xHPfcDKLU6GsY2SQ5UBe
8E7HYe0Ioz6lkfkY9vOUy3TlEqSN0ektimLJ1qSqYSumAaWKmYVrvK5Q4eL8TzDq
rkZz1BQJHff/OZUwzmJk7gyb0p8/v5kS/Upo1pNnhjsvlQ47P2YTY7Q+oIG2do2E
lCsr3QuEM6d5tVY2RoOlnfSREt+tJyn/lWWK0neKoUM4wFI1eNUsyC4/kXfWvoTR
sDIzxCBDvqA/FjNUZrfyNGmKiOF2EhED5hh+coUeeArYhCAuF7BRZJape9XYlheT
kh8rpy764/iMRN0T2E0DWI4Yg3b3gv955Thtw49rAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlbxjPM8FnUpWRzQdPNYewv8FMpowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FmMmVjOTA3LWZmYjYtNGMyMi1hODg0LTRjNjRiOWYwOWExMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJsrzAwDQYJKoZIhvcNAQELBQADggEBAA4e9l7G6cD2QzvnMsz/sTH8C5hx
/KoXYg6UwZU+83AcZjZ90ItA2EutsplvbQUWokVbbqrwMwlz14QxNY0SE/1bLRWr
IVwIgaPC9Nz1y08kgB1CzalrOzkImpu4BTh5V7PxHX068bs/fjRfIXWHnwEBe4p+
3Y+nnOzS0CpSkmHtyN8M5bX9kF1rltij/C5yO8b8efdmUoFzbKp3ornXM1+90Z+s
8a4OaCO8K2hJG1HomlSYvt+N33kF6uAQwOZ4E0xTPJY6F2yvtwiEN/ua/fJTg1ea
kkoHvSJj21wjzC5zcVLh2klYBuVYUSRAdATXy2BVNy0Zh+EgazL6SIv7l98=
-----END CERTIFICATE-----