Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6b39c3e-9738-436a-82b3-baacdf83c549.roa
File:                     f6b39c3e-9738-436a-82b3-baacdf83c549.roa (raw, json)
Hash identifier:          MLjqR5wrMDtYpEiUQykQRQLXUBSjCUHzflSqKRJcJFo=
Subject key identifier:   CF:D4:10:0A:68:D1:23:85:68:7B:B9:85:C3:4E:C5:98:DE:4E:18:F4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       27DB34CE76BE57575CA202E20ABEE8E4658AFCD1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6b39c3e-9738-436a-82b3-baacdf83c549.roa
Signing time:             Fri 28 Mar 2025 18:38:48 +0000
ROA not before:           Fri 28 Mar 2025 18:38:48 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        110.238.28.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:db:34:ce:76:be:57:57:5c:a2:02:e2:0a:be:e8:e4:65:8a:fc:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 28 18:38:48 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:3a:41:dc:b4:4f:02:41:f5:fd:1b:1e:09:81:
                    24:91:46:e0:0e:14:69:8c:c1:4b:33:d2:84:f5:6d:
                    8e:0b:9d:ea:eb:49:ae:bc:8c:a8:e2:8e:69:88:aa:
                    31:49:a1:2a:9f:1c:57:bb:85:16:bb:08:c0:d8:9f:
                    ee:c0:a6:13:98:f4:a0:72:31:ba:c4:9e:63:c1:0e:
                    33:cd:f0:ef:5d:a1:55:d7:5a:62:04:78:73:8f:2f:
                    ea:62:d2:a3:4a:31:cc:fa:8b:ad:c7:9d:03:d5:6c:
                    86:a5:cf:6d:57:cc:73:0b:ab:ca:c3:43:76:14:64:
                    2b:43:e3:ae:1b:e8:9b:6a:cf:6f:3a:a0:cf:db:aa:
                    7d:f4:c5:39:8a:ab:31:50:b2:19:d1:06:1b:26:91:
                    e3:ee:77:3e:95:9c:04:15:e8:79:ed:3f:0c:6f:dc:
                    7c:3a:d6:6a:8b:76:f0:ac:1b:ea:0e:38:c0:13:2b:
                    b8:06:3f:08:f0:14:7f:5b:33:05:e9:74:2a:65:39:
                    bd:7a:57:36:73:0f:d7:65:54:93:ca:84:37:57:47:
                    6e:46:f8:c7:4b:52:98:32:b4:57:bf:40:49:a1:d0:
                    8f:fe:ac:5c:5e:cb:68:fa:80:f3:f8:a5:0c:88:81:
                    5a:51:a8:10:1a:57:55:e7:8e:8a:ba:e2:26:de:4c:
                    58:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:D4:10:0A:68:D1:23:85:68:7B:B9:85:C3:4E:C5:98:DE:4E:18:F4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6b39c3e-9738-436a-82b3-baacdf83c549.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.238.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:29:2a:e3:3b:d4:f0:b8:0d:7e:65:f2:57:5a:03:97:65:95:
         28:40:c5:83:1a:19:3d:88:53:c5:5a:8c:88:7b:03:57:b7:85:
         c4:96:67:0a:d3:79:2f:b7:32:b5:b0:1f:0d:54:40:69:ea:c5:
         88:23:76:c2:1f:c7:e5:85:c5:8b:28:c5:eb:0f:04:ee:fe:69:
         13:ff:69:24:5b:f6:cb:96:5b:73:df:3a:76:17:24:67:07:13:
         73:86:e1:68:64:4d:0b:de:b3:2f:d0:e4:9d:31:2d:8e:85:78:
         38:a4:a8:5a:8b:0b:a2:17:6e:23:9b:ff:92:f5:ed:41:ec:63:
         f4:2b:47:a3:f7:23:9e:ab:6f:1a:60:75:f5:b5:7f:d0:55:52:
         53:53:f7:b2:96:54:71:c8:7c:bf:8a:06:e2:c0:20:e5:c5:9c:
         40:d8:54:cb:14:6a:81:e2:2f:0d:8a:84:89:1d:e1:ec:5c:6f:
         ae:77:e8:84:7e:d3:1e:8c:88:be:a5:77:db:e4:0f:6a:29:14:
         a3:fc:91:56:fc:b2:ed:e7:e5:7e:7c:b3:ab:74:93:a5:78:60:
         ca:19:02:91:ce:53:3d:af:eb:cb:27:26:c0:e1:2c:af:61:39:
         9c:8e:79:b2:6d:53:9f:f1:0d:1e:1a:7f:33:ec:9d:79:01:26:
         96:3a:41:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ9s0zna+V1dcogLiCr7o5GWK/NEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTgzODQ4WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZmE5ZTRmOWU1Mjc0OTMwNWQ0M2ZmNzA1YTY0OTRhNmJh
Yzk2MWQ5ZDgyNDg0Zjc1YmNiYTRhNjJkYTk3Mzk4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQOkHctE8CQfX9Gx4JgSSRRuAOFGmMwUsz0oT1bY4Lnerr
Sa68jKjijmmIqjFJoSqfHFe7hRa7CMDYn+7AphOY9KByMbrEnmPBDjPN8O9doVXX
WmIEeHOPL+pi0qNKMcz6i63HnQPVbIalz21XzHMLq8rDQ3YUZCtD464b6Jtqz286
oM/bqn30xTmKqzFQshnRBhsmkePudz6VnAQV6HntPwxv3Hw61mqLdvCsG+oOOMAT
K7gGPwjwFH9bMwXpdCplOb16VzZzD9dlVJPKhDdXR25G+MdLUpgytFe/QEmh0I/+
rFxey2j6gPP4pQyIgVpRqBAaV1Xnjoq64ibeTFhzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUz9QQCmjRI4Voe7mFw07FmN5OGPQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y2YjM5YzNlLTk3MzgtNDM2YS04MmIzLWJhYWNkZjgzYzU0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJu7hwwDQYJKoZIhvcNAQELBQADggEBADIpKuM71PC4DX5l8ldaA5dllShA
xYMaGT2IU8VajIh7A1e3hcSWZwrTeS+3MrWwHw1UQGnqxYgjdsIfx+WFxYsoxesP
BO7+aRP/aSRb9suWW3PfOnYXJGcHE3OG4WhkTQvesy/Q5J0xLY6FeDikqFqLC6IX
biOb/5L17UHsY/QrR6P3I56rbxpgdfW1f9BVUlNT97KWVHHIfL+KBuLAIOXFnEDY
VMsUaoHiLw2KhIkd4excb6536IR+0x6MiL6ld9vkD2opFKP8kVb8su3n5X58s6t0
k6V4YMoZApHOUz2v68snJsDhLK9hOZyOebJtU5/xDR4afzPsnXkBJpY6QV4=
-----END CERTIFICATE-----