Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bc653e96-0d95-4eef-a3c8-8e462bde99e4.roa
File:                     bc653e96-0d95-4eef-a3c8-8e462bde99e4.roa (raw, json)
Hash identifier:          N/K875NFKfsQxbB0xMFiWUw1I972CIwmX0Phia/+wr0=
Subject key identifier:   97:EB:4E:5A:0E:8D:9D:05:A6:BC:2F:91:77:91:D2:9E:6B:A8:46:06
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       304A162E5D1197C533E5612F9CAE64AB20DA2B3D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bc653e96-0d95-4eef-a3c8-8e462bde99e4.roa
Signing time:             Tue 04 Mar 2025 17:31:36 +0000
ROA not before:           Tue 04 Mar 2025 17:31:36 +0000
ROA not after:            Tue 08 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        70.224.224.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:4a:16:2e:5d:11:97:c5:33:e5:61:2f:9c:ae:64:ab:20:da:2b:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar  4 17:31:36 2025 GMT
            Not After : Apr  8 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3b:10:6d:74:62:00:4a:e5:d7:f9:57:5b:d2:
                    8b:cb:82:bf:27:3e:2c:17:14:09:b6:34:1e:58:12:
                    07:72:91:30:a1:30:6e:94:0d:75:d7:f9:e6:67:51:
                    93:5c:b2:f0:7e:ab:4e:fc:b7:2e:90:d5:52:1a:5a:
                    a2:db:48:5b:63:8e:4b:25:38:4d:04:c6:6b:83:d5:
                    ed:43:80:2f:92:0b:3a:7b:ca:b6:16:70:97:4e:b0:
                    59:f1:09:f5:d2:51:75:b6:81:27:ea:b6:05:33:62:
                    66:ed:0f:ec:c9:65:02:3c:28:59:d5:3a:0f:30:7b:
                    e7:14:d8:1b:72:c9:d1:0b:e3:e9:1d:5e:8c:bc:5a:
                    ca:df:cf:53:eb:32:17:8e:a1:63:bd:96:3f:d0:90:
                    37:6c:62:28:69:58:ba:43:7f:9b:b2:4d:57:85:9e:
                    0f:b3:b1:67:38:8a:c8:b5:af:cc:6f:8f:f7:71:1a:
                    ac:dc:40:1a:bd:20:28:d8:07:ff:22:95:87:24:00:
                    f0:eb:8e:b9:bf:4d:c7:59:49:72:2e:a1:1c:a6:b1:
                    c0:31:6e:af:19:7e:6f:d9:e2:33:01:b0:7a:bc:64:
                    99:0e:d0:5f:f7:49:b7:95:59:a4:c5:1c:de:c1:9e:
                    bf:96:e6:74:a1:88:c6:7d:b1:12:63:e8:49:15:37:
                    47:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:EB:4E:5A:0E:8D:9D:05:A6:BC:2F:91:77:91:D2:9E:6B:A8:46:06
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bc653e96-0d95-4eef-a3c8-8e462bde99e4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  70.224.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         87:a2:59:82:ca:ff:42:20:ef:c2:b8:fa:bc:a3:80:d4:f1:fb:
         8b:8b:8e:c3:3b:e2:24:b6:8b:0c:b2:c9:c9:7e:79:91:b7:a9:
         24:1a:48:6b:0d:4b:fd:f4:b2:60:13:97:57:86:54:20:d7:46:
         11:58:b8:41:35:d5:ff:92:80:9f:5d:f2:f5:12:4e:b1:67:80:
         d6:07:e1:70:68:5e:5b:61:35:b1:e7:2c:32:a5:ce:f4:5c:63:
         3a:39:55:8c:09:f8:e9:c1:ab:d7:a4:46:d1:ab:37:af:f2:4f:
         1c:b4:a6:9e:1d:4d:30:ae:b4:6a:0c:c5:ed:04:d0:dd:ef:8a:
         c4:08:d5:f4:f7:ff:69:28:a0:a5:39:6d:c0:c3:81:74:c4:8b:
         49:9e:8e:c4:8e:50:8a:a7:6d:57:29:24:7b:26:96:ba:d4:00:
         3d:cf:8a:10:a6:c3:31:dd:75:48:27:97:65:85:b5:a2:79:5e:
         29:5d:31:c1:63:36:b5:b5:7c:52:de:43:b9:6c:c4:7d:7c:1f:
         32:88:7f:72:93:b8:65:16:69:40:6c:bf:80:2a:d7:9e:04:3a:
         b1:c1:d5:52:89:61:d5:51:f2:84:a5:06:d5:15:e5:52:6b:53:
         ed:7f:43:84:c6:2c:f2:cf:96:2f:5c:32:04:9e:b6:a3:e4:3f:
         86:55:4a:0c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMEoWLl0Rl8Uz5WEvnK5kqyDaKz0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzA0MTczMTM2WhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTlmNjJhOTllMGUyMTAyMzBjOGE3Nzg2ZDkzOGE5NGI0
MWY2N2ViYjE0MjhjNTQ4MGJlOGMxNzc1OTM1OTI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChOxBtdGIASuXX+Vdb0ovLgr8nPiwXFAm2NB5YEgdykTCh
MG6UDXXX+eZnUZNcsvB+q078ty6Q1VIaWqLbSFtjjkslOE0ExmuD1e1DgC+SCzp7
yrYWcJdOsFnxCfXSUXW2gSfqtgUzYmbtD+zJZQI8KFnVOg8we+cU2BtyydEL4+kd
Xoy8Wsrfz1PrMheOoWO9lj/QkDdsYihpWLpDf5uyTVeFng+zsWc4isi1r8xvj/dx
GqzcQBq9ICjYB/8ilYckAPDrjrm/TcdZSXIuoRymscAxbq8Zfm/Z4jMBsHq8ZJkO
0F/3SbeVWaTFHN7Bnr+W5nShiMZ9sRJj6EkVN0fhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUl+tOWg6NnQWmvC+Rd5HSnmuoRgYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JjNjUzZTk2LTBkOTUtNGVlZi1hM2M4LThlNDYyYmRlOTllNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVG4OAwDQYJKoZIhvcNAQELBQADggEBAIeiWYLK/0Ig78K4+ryjgNTx+4uL
jsM74iS2iwyyycl+eZG3qSQaSGsNS/30smATl1eGVCDXRhFYuEE11f+SgJ9d8vUS
TrFngNYH4XBoXlthNbHnLDKlzvRcYzo5VYwJ+OnBq9ekRtGrN6/yTxy0pp4dTTCu
tGoMxe0E0N3visQI1fT3/2kooKU5bcDDgXTEi0mejsSOUIqnbVcpJHsmlrrUAD3P
ihCmwzHddUgnl2WFtaJ5XildMcFjNrW1fFLeQ7lsxH18HzKIf3KTuGUWaUBsv4Aq
154EOrHB1VKJYdVR8oSlBtUV5VJrU+1/Q4TGLPLPli9cMgSetqPkP4ZVSgw=
-----END CERTIFICATE-----