Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe061fe4-7f72-4eb7-8ef9-28f55bb762e6.roa
File:                     fe061fe4-7f72-4eb7-8ef9-28f55bb762e6.roa (raw, json)
Hash identifier:          OgH8S+egomySG511YI8a8HUCsxlmuRuvnMwF7oSWIk4=
Subject key identifier:   7D:F0:D3:2C:21:B6:DD:DF:4D:61:AE:01:89:AF:5F:FC:3F:34:67:BB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2C6E0059BE12521A67D547A7471A5638E58F6AFF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe061fe4-7f72-4eb7-8ef9-28f55bb762e6.roa
Signing time:             Sat 29 Mar 2025 00:41:17 +0000
ROA not before:           Sat 29 Mar 2025 00:41:17 +0000
ROA not after:            Sat 03 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.78.0.0/16 maxlen: 16
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:6e:00:59:be:12:52:1a:67:d5:47:a7:47:1a:56:38:e5:8f:6a:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 29 00:41:17 2025 GMT
            Not After : May  3 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:91:fb:2d:ee:9b:4d:c2:a3:59:26:4d:29:46:
                    a2:c8:5d:94:ba:d5:93:62:7b:a9:29:e3:83:d2:e6:
                    49:30:43:fe:b7:71:ee:37:3a:d7:25:14:51:8f:50:
                    8d:93:ee:a0:f6:37:f9:aa:11:6f:a4:6f:f2:58:c7:
                    2b:a3:84:aa:9d:a7:01:2b:14:b2:47:80:91:5c:e5:
                    fd:d3:ca:e6:82:28:eb:7e:47:7b:7d:a0:3c:1f:67:
                    2a:46:b5:a7:1b:2c:e8:af:bb:50:a6:2d:c7:ae:1e:
                    03:e7:be:fa:98:ae:48:fe:75:18:e7:5a:d2:29:d7:
                    8f:0f:2e:32:38:e2:0a:d1:24:4c:aa:b1:0d:ec:9f:
                    e8:ae:e3:ae:a8:3b:83:82:11:04:d3:2f:84:4d:0f:
                    50:b4:97:e0:55:01:07:3a:54:8e:67:fb:5b:67:f3:
                    6e:05:8a:0e:28:e4:93:34:9a:62:8e:54:42:e7:1d:
                    5d:63:39:7f:52:b5:f0:a2:76:b1:8d:80:b7:3a:d8:
                    e7:a1:85:ac:a2:8a:99:1e:f8:86:e6:9b:2d:99:e7:
                    14:48:fb:57:6e:d2:b5:f4:dc:1e:87:97:23:c9:bd:
                    ae:92:ae:cd:1f:17:c0:a7:b0:8d:16:f8:5d:2e:2f:
                    83:aa:99:c0:5f:ef:9b:e4:b9:71:05:62:60:0b:9e:
                    36:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:F0:D3:2C:21:B6:DD:DF:4D:61:AE:01:89:AF:5F:FC:3F:34:67:BB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe061fe4-7f72-4eb7-8ef9-28f55bb762e6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.78.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         83:da:51:5f:64:fa:d0:f5:38:11:32:c0:1f:05:de:cd:09:9d:
         dd:de:e5:bb:be:7a:f8:4f:4f:9d:00:e1:f4:12:b9:a8:24:52:
         fd:b6:54:61:ba:66:79:58:a1:27:c7:e7:33:b5:79:91:a5:44:
         c4:14:f5:fc:d0:4f:88:59:3d:f9:bc:8e:60:c2:32:85:0f:16:
         b0:3e:db:c5:ca:18:85:58:ba:d3:94:e3:80:7e:41:1d:7e:1e:
         1a:31:5f:e2:1d:ec:7e:14:47:c2:80:e2:c1:d8:1a:75:14:f3:
         ee:cb:d4:c6:cc:bd:d2:95:aa:b8:fd:ca:2b:ea:29:d6:fd:b2:
         08:7a:d1:3f:ff:c9:c7:8d:19:42:57:06:c0:74:5f:b6:d1:7e:
         a3:df:85:74:32:f8:98:ec:d8:c6:da:7d:af:ed:c2:7d:f6:72:
         f5:95:a0:be:12:0c:e8:4e:39:a9:6e:25:dd:56:33:d3:fe:ec:
         8f:80:18:41:dd:e4:24:19:c7:ec:40:a8:f5:20:1c:6b:46:1b:
         cf:4f:a3:e5:2a:cd:20:84:75:8b:da:1b:d5:61:79:db:c3:aa:
         b4:cc:a8:be:cc:42:a1:06:01:47:6b:94:5f:6a:1e:a3:3e:5a:
         b9:c0:d0:52:05:bc:be:66:46:5e:2a:4f:6c:21:b1:5c:4d:2f:
         8e:4d:15:9f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULG4AWb4SUhpn1UenRxpWOOWPav8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI5MDA0MTE3WhcNMjUwNTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwYmQ0MmVhYWQzMTYxNDM3ZjIzMjNhMzMzYjMyNDcyOGFm
NDExMmIzMWRiZTlhY2YyZjk2NDk0MTVlYWRiMDJkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCPkfst7ptNwqNZJk0pRqLIXZS61ZNie6kp44PS5kkwQ/63
ce43OtclFFGPUI2T7qD2N/mqEW+kb/JYxyujhKqdpwErFLJHgJFc5f3TyuaCKOt+
R3t9oDwfZypGtacbLOivu1CmLceuHgPnvvqYrkj+dRjnWtIp148PLjI44grRJEyq
sQ3sn+iu466oO4OCEQTTL4RND1C0l+BVAQc6VI5n+1tn824Fig4o5JM0mmKOVELn
HV1jOX9StfCidrGNgLc62Oehhayiipke+Ibmmy2Z5xRI+1du0rX03B6HlyPJva6S
rs0fF8CnsI0W+F0uL4OqmcBf75vkuXEFYmALnjbnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUffDTLCG23d9NYa4Bia9f/D80Z7swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZlMDYxZmU0LTdmNzItNGViNy04ZWY5LTI4ZjU1YmI3NjJlNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQTjANBgkqhkiG9w0BAQsFAAOCAQEAg9pRX2T60PU4ETLAHwXezQmd3d7l
u756+E9PnQDh9BK5qCRS/bZUYbpmeVihJ8fnM7V5kaVExBT1/NBPiFk9+byOYMIy
hQ8WsD7bxcoYhVi605TjgH5BHX4eGjFf4h3sfhRHwoDiwdgadRTz7svUxsy90pWq
uP3KK+op1v2yCHrRP//Jx40ZQlcGwHRfttF+o9+FdDL4mOzYxtp9r+3CffZy9ZWg
vhIM6E45qW4l3VYz0/7sj4AYQd3kJBnH7ECo9SAca0Ybz0+j5SrNIIR1i9ob1WF5
28OqtMyovsxCoQYBR2uUX2oeoz5aucDQUgW8vmZGXipPbCGxXE0vjk0Vnw==
-----END CERTIFICATE-----