Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26191af3-5d36-4e52-a2b7-00dda51fdbff.roa
File:                     26191af3-5d36-4e52-a2b7-00dda51fdbff.roa (raw, json)
Hash identifier:          TlahW6tRTXnsN9wqU91WM8N8RBGnGJcVHv8es6Ra+Yw=
Subject key identifier:   5C:5E:EB:07:C0:89:CF:42:EF:FC:45:7C:BF:CB:72:B3:73:57:63:05
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       721303F3C48D9234AAEC5291E1ADDD3476E23647
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26191af3-5d36-4e52-a2b7-00dda51fdbff.roa
Signing time:             Mon 10 Mar 2025 15:01:47 +0000
ROA not before:           Mon 10 Mar 2025 15:01:47 +0000
ROA not after:            Mon 14 Apr 2025 23:59:59 +0000
asID:                     6167
IP address blocks:        162.208.122.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:13:03:f3:c4:8d:92:34:aa:ec:52:91:e1:ad:dd:34:76:e2:36:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 10 15:01:47 2025 GMT
            Not After : Apr 14 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:12:b9:ba:a9:3d:63:da:04:9f:a5:99:7a:53:
                    b8:00:db:89:92:9a:7b:2a:bb:73:7e:d1:6b:3a:91:
                    ac:c3:30:44:71:a0:f7:76:d9:18:70:7d:cc:94:ae:
                    10:6e:06:4b:6c:6b:98:0e:c7:f4:71:32:56:25:94:
                    8d:23:78:23:6c:b2:62:10:0f:8d:62:61:dc:90:bd:
                    ba:16:6a:7e:d4:95:43:fa:62:04:ce:6a:3f:be:5c:
                    09:83:f3:97:f9:e5:66:5e:4a:9d:66:ee:3b:4f:ce:
                    2f:36:6e:21:36:58:31:80:80:e9:34:a4:ae:ed:ca:
                    d2:fc:9d:ca:29:4d:02:26:ed:58:3d:3e:8a:66:84:
                    e8:f8:40:73:14:02:cf:e6:3b:7e:1b:b0:23:0a:31:
                    61:e6:42:6e:82:52:4e:bd:59:bd:98:5d:bd:68:fe:
                    04:9e:22:e2:50:13:d6:c0:e3:71:f2:c7:45:a1:63:
                    1f:8c:5e:73:18:b0:06:f9:de:f3:f1:f2:e8:ee:55:
                    3d:b5:7b:1c:55:23:6e:ab:23:40:5a:af:7f:0d:49:
                    f6:26:be:f1:39:d9:58:04:a1:c6:4b:cd:c3:44:94:
                    1b:6e:66:01:5f:56:e9:8f:7c:99:8d:3f:58:95:f2:
                    b0:35:69:49:e2:14:92:5d:d6:90:ec:ea:9f:0e:b5:
                    b6:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:5E:EB:07:C0:89:CF:42:EF:FC:45:7C:BF:CB:72:B3:73:57:63:05
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26191af3-5d36-4e52-a2b7-00dda51fdbff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.208.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:0e:1b:c4:cd:18:df:fc:a8:3e:7a:73:c1:0a:aa:81:53:b7:
         9c:c1:67:7a:33:b3:14:5a:06:ec:ab:6c:4e:0d:66:db:92:c4:
         48:cf:ae:35:3f:66:cc:3d:a0:3f:0a:68:2d:7f:f5:02:a1:9b:
         51:2e:1f:67:73:46:b1:a4:1a:9b:60:35:16:be:1a:5a:01:e6:
         84:4e:e5:89:08:ac:21:0f:3c:b3:a7:f3:6d:d2:65:e8:38:1c:
         e9:de:af:b5:31:54:82:2a:56:0f:3d:96:ed:f0:ff:06:b1:31:
         3f:6b:19:2e:3c:b0:86:2e:1f:41:7a:53:64:59:26:8a:dc:0c:
         36:61:0f:79:89:4e:08:02:ca:10:2f:f5:b4:d4:ce:9e:e4:88:
         3c:a1:5a:2f:97:53:25:ed:50:bc:52:78:dd:8e:4e:a1:f7:95:
         2a:f6:6f:8b:2e:cf:4e:3c:f9:1b:6e:8c:29:74:c9:dd:87:b6:
         2c:2f:cc:f2:c1:70:51:a9:5b:1b:37:42:9a:55:1f:48:f1:24:
         89:99:57:e7:d6:a1:9b:6a:dc:37:55:26:a5:8e:64:23:f3:73:
         24:e1:61:e0:be:3a:b8:65:a8:41:e0:52:2d:f7:de:8b:f3:c3:
         12:2c:78:9c:1b:10:27:73:ab:f0:42:68:56:79:31:f6:98:e7:
         ba:a1:6b:aa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUchMD88SNkjSq7FKR4a3dNHbiNkcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEwMTUwMTQ3WhcNMjUwNDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTg4OWJjOTg1YjI3Y2Y0OGRmY2QzMjY1ODRhZWFlZGU3
MzA1OTc2ODVmYmE2ZDgwZTUyMTA4YWNjZTNhYzM1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9Erm6qT1j2gSfpZl6U7gA24mSmnsqu3N+0Ws6kazDMERx
oPd22RhwfcyUrhBuBktsa5gOx/RxMlYllI0jeCNssmIQD41iYdyQvboWan7UlUP6
YgTOaj++XAmD85f55WZeSp1m7jtPzi82biE2WDGAgOk0pK7tytL8ncopTQIm7Vg9
PopmhOj4QHMUAs/mO34bsCMKMWHmQm6CUk69Wb2YXb1o/gSeIuJQE9bA43Hyx0Wh
Yx+MXnMYsAb53vPx8ujuVT21exxVI26rI0Bar38NSfYmvvE52VgEocZLzcNElBtu
ZgFfVumPfJmNP1iV8rA1aUniFJJd1pDs6p8OtbZ/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXF7rB8CJz0Lv/EV8v8tys3NXYwUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI2MTkxYWYzLTVkMzYtNGU1Mi1hMmI3LTAwZGRhNTFmZGJmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACi0HowDQYJKoZIhvcNAQELBQADggEBALIOG8TNGN/8qD56c8EKqoFTt5zB
Z3ozsxRaBuyrbE4NZtuSxEjPrjU/Zsw9oD8KaC1/9QKhm1EuH2dzRrGkGptgNRa+
GloB5oRO5YkIrCEPPLOn823SZeg4HOner7UxVIIqVg89lu3w/waxMT9rGS48sIYu
H0F6U2RZJorcDDZhD3mJTggCyhAv9bTUzp7kiDyhWi+XUyXtULxSeN2OTqH3lSr2
b4suz048+RtujCl0yd2HtiwvzPLBcFGpWxs3QppVH0jxJImZV+fWoZtq3DdVJqWO
ZCPzcyThYeC+OrhlqEHgUi333ovzwxIseJwbECdzq/BCaFZ5MfaY57qha6o=
-----END CERTIFICATE-----