Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/c210291d-680f-4b5c-9812-d774ab27912e.roa
File:                     c210291d-680f-4b5c-9812-d774ab27912e.roa (raw, json)
Hash identifier:          4r3OQUR6pCqANBqRXyyAYBIBpftgAiLp8VcGCJS9me4=
Subject key identifier:   36:0C:83:DD:24:46:27:C1:3E:10:28:E7:C5:51:4A:2A:06:B2:B2:76
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       1C2A03B2716F15FAE2A83980484B20BA08015A12
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/c210291d-680f-4b5c-9812-d774ab27912e.roa
Signing time:             Sat 04 Jan 2025 00:00:00 +0000
ROA not before:           Sat 04 Jan 2025 00:00:00 +0000
ROA not after:            Sat 08 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        206.55.141.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:2a:03:b2:71:6f:15:fa:e2:a8:39:80:48:4b:20:ba:08:01:5a:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jan  4 00:00:00 2025 GMT
            Not After : Feb  8 23:59:59 2025 GMT
        Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:60:12:d7:c5:8c:b9:4f:8d:a5:6b:b8:a5:16:
                    c9:72:1b:90:1e:92:0b:9c:42:de:2f:7e:2b:bd:ff:
                    18:d8:99:a0:e0:ba:0f:d1:bc:e0:be:56:4f:72:98:
                    09:7b:82:be:0a:d1:6a:69:4e:99:22:5d:cf:3d:e5:
                    6d:ac:c0:99:48:38:62:1b:0b:96:c9:de:ef:59:45:
                    49:33:8f:14:d3:55:08:06:60:83:a8:00:eb:e1:39:
                    a8:5f:90:72:c6:a7:79:32:47:be:c7:4b:bf:4f:f9:
                    66:ad:41:29:09:23:09:58:0a:89:06:33:63:bc:60:
                    3e:8d:19:b5:7d:b6:50:57:0d:f2:6c:ae:4a:fc:a8:
                    ca:26:d8:08:7c:34:26:83:eb:99:aa:fe:94:a7:62:
                    a8:7e:71:b2:16:11:5f:15:08:df:b2:55:65:60:cb:
                    50:f4:a4:e1:7b:82:63:e4:88:bd:1f:cb:d2:f3:7e:
                    12:2b:59:5e:e8:08:37:27:37:c7:a4:4f:6c:4d:c3:
                    05:2e:7c:4f:12:a9:fd:20:b8:90:9c:13:15:d5:bb:
                    04:92:a7:10:10:83:cc:ed:c5:4e:51:e0:77:e6:5d:
                    da:0f:c2:dc:67:90:3e:5e:67:29:34:8d:29:68:7a:
                    5c:db:16:54:52:61:cf:e6:e9:32:7d:70:fc:41:6c:
                    47:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:0C:83:DD:24:46:27:C1:3E:10:28:E7:C5:51:4A:2A:06:B2:B2:76
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/c210291d-680f-4b5c-9812-d774ab27912e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.55.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:fe:ed:8a:2f:34:14:06:e7:18:9a:5c:20:ca:10:48:08:18:
         e5:a1:20:43:8e:d5:d6:8a:43:cd:e9:45:df:b3:85:86:93:62:
         df:41:b8:a3:33:88:24:10:f2:5b:1e:af:5c:07:95:2b:b0:cb:
         2b:10:0e:8f:0a:6c:10:14:ef:46:7d:52:5d:1d:cd:88:98:e7:
         26:3a:b4:f8:25:ea:67:59:72:a7:04:3b:8b:db:97:e4:95:1e:
         4a:4d:02:a1:08:28:1b:df:59:26:bf:b2:27:bf:0e:63:32:89:
         c6:96:5b:2e:03:d6:19:8e:f9:27:c5:fb:6b:6a:e8:99:66:e2:
         48:7f:de:b3:c7:1c:ac:ec:88:50:1c:9b:b1:93:d1:90:13:74:
         af:c0:55:e9:ba:39:2a:c3:fb:1b:bc:a8:07:ac:84:49:3e:2f:
         d1:f0:fe:41:ae:e8:9e:0f:31:e0:b2:8a:5c:a2:56:50:2a:21:
         af:f5:c2:49:a7:2f:4e:59:d2:30:f2:6c:d7:5c:ba:b7:5d:58:
         22:39:78:1e:94:ec:cc:3c:6e:71:c8:e3:5e:12:91:fb:78:fb:
         5d:cb:ed:2c:d8:2f:50:e3:18:86:9c:e7:4a:2f:03:90:ab:42:
         66:9b:c3:ee:1a:5b:b7:bb:75:01:20:6e:6e:2a:68:93:a9:5c:
         d0:52:7c:35
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHCoDsnFvFfriqDmASEsguggBWhIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTA0MDAwMDAwWhcNMjUwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YWVhMzEwMzBmMjM2Zjk4MmQxNmMwMjZlZWI5NDA0MmNi
ZGIzOGIyYTJiNTEwMzA0NDliNjgxYzlkN2FiMTE0MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+YBLXxYy5T42la7ilFslyG5AekgucQt4vfiu9/xjYmaDg
ug/RvOC+Vk9ymAl7gr4K0WppTpkiXc895W2swJlIOGIbC5bJ3u9ZRUkzjxTTVQgG
YIOoAOvhOahfkHLGp3kyR77HS79P+WatQSkJIwlYCokGM2O8YD6NGbV9tlBXDfJs
rkr8qMom2Ah8NCaD65mq/pSnYqh+cbIWEV8VCN+yVWVgy1D0pOF7gmPkiL0fy9Lz
fhIrWV7oCDcnN8ekT2xNwwUufE8Sqf0guJCcExXVuwSSpxAQg8ztxU5R4HfmXdoP
wtxnkD5eZyk0jSloelzbFlRSYc/m6TJ9cPxBbEcbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNgyD3SRGJ8E+ECjnxVFKKgaysnYwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2MyMTAyOTFkLTY4MGYtNGI1Yy05ODEyLWQ3NzRhYjI3OTEyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADON40wDQYJKoZIhvcNAQELBQADggEBAC7+7YovNBQG5xiaXCDKEEgIGOWh
IEOO1daKQ83pRd+zhYaTYt9BuKMziCQQ8lser1wHlSuwyysQDo8KbBAU70Z9Ul0d
zYiY5yY6tPgl6mdZcqcEO4vbl+SVHkpNAqEIKBvfWSa/sie/DmMyicaWWy4D1hmO
+SfF+2tq6Jlm4kh/3rPHHKzsiFAcm7GT0ZATdK/AVem6OSrD+xu8qAeshEk+L9Hw
/kGu6J4PMeCyilyiVlAqIa/1wkmnL05Z0jDybNdcurddWCI5eB6U7Mw8bnHI414S
kft4+13L7SzYL1DjGIac50ovA5CrQmabw+4aW7e7dQEgbm4qaJOpXNBSfDU=
-----END CERTIFICATE-----