Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/815dbd30-4974-4c77-9a27-6ac45a9fb646.roa
File:                     815dbd30-4974-4c77-9a27-6ac45a9fb646.roa (raw, json)
Hash identifier:          prukisqHwNFEkcZ0sdYdYp5n+LYACKrXppqVCMv8vi0=
Subject key identifier:   71:7D:DA:07:D3:53:85:0A:D6:50:E5:18:35:F1:FE:BC:06:6A:86:96
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6951D9F20FC4C9CDB427A91CC9A78A339C553A38
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/815dbd30-4974-4c77-9a27-6ac45a9fb646.roa
Signing time:             Mon 10 Mar 2025 15:01:46 +0000
ROA not before:           Mon 10 Mar 2025 15:01:46 +0000
ROA not after:            Mon 14 Apr 2025 23:59:59 +0000
asID:                     22394
IP address blocks:        162.208.122.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:51:d9:f2:0f:c4:c9:cd:b4:27:a9:1c:c9:a7:8a:33:9c:55:3a:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 10 15:01:46 2025 GMT
            Not After : Apr 14 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:60:89:55:6e:53:bd:84:37:3a:ee:7b:88:50:
                    cf:45:01:de:0f:8d:42:1d:4e:79:2a:5c:a7:3c:83:
                    ae:7c:05:6b:f8:e9:72:fc:e9:f5:da:cc:1d:88:33:
                    db:1e:a9:fc:03:6d:aa:15:75:ad:1f:42:2f:05:1c:
                    c7:82:d5:bd:42:b9:44:9e:ea:c5:c1:2d:ff:bc:c5:
                    89:86:67:3d:ac:3f:31:ac:05:84:1f:1d:cd:4b:98:
                    1c:db:e9:6a:d4:cd:85:ec:45:45:21:06:24:b7:0d:
                    e1:f8:a5:b9:af:c4:a1:31:31:4b:b0:9c:20:8f:b1:
                    47:d4:f9:c2:17:58:84:d7:29:5c:7f:60:ce:11:c1:
                    a9:e1:7e:f7:48:4f:c6:c9:78:92:f3:cf:9b:78:54:
                    a5:5a:43:80:b9:a5:95:2e:9b:41:47:cf:58:b3:77:
                    c1:84:6a:35:93:12:95:f0:ad:6b:69:e0:ac:27:3f:
                    46:d5:fe:8c:4a:10:fe:42:01:b6:81:d8:37:2e:9f:
                    24:b2:82:72:63:03:7d:eb:18:9e:f5:8d:61:41:ac:
                    be:44:ab:b9:a5:da:51:b8:54:c9:78:1f:67:02:0f:
                    f0:40:d5:65:ce:41:ec:a8:17:7f:0c:0b:64:19:91:
                    d5:4d:51:32:de:f5:bc:84:3a:5e:79:9e:50:fb:10:
                    59:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:7D:DA:07:D3:53:85:0A:D6:50:E5:18:35:F1:FE:BC:06:6A:86:96
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/815dbd30-4974-4c77-9a27-6ac45a9fb646.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.208.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:4b:6d:09:7e:12:b4:19:ae:53:7e:9e:75:04:16:78:86:40:
         2c:4b:d0:93:e0:47:b8:fc:84:e1:12:12:42:f5:c2:64:9f:7b:
         e6:4e:40:24:76:d3:6e:46:25:09:57:12:a3:c7:e0:30:62:6c:
         23:45:66:f3:39:75:bf:27:f4:71:13:09:bb:65:c0:f7:d7:da:
         ed:ff:5b:8a:e2:56:59:8a:ad:b3:6f:aa:e7:60:ad:2e:0c:2f:
         ef:82:ef:cb:ca:3a:e1:7d:0a:cd:99:70:4d:9c:2e:bf:6d:6c:
         56:04:2f:7b:cb:5e:7a:b8:cd:94:d0:fe:08:0f:23:b4:bc:35:
         c1:1d:2f:67:f4:79:e0:29:17:7d:2f:17:13:c9:cb:0e:5e:ea:
         a7:2b:bf:63:19:0f:33:a2:e6:3a:ac:f1:cb:f2:bd:aa:8c:90:
         18:e6:e3:77:25:3d:14:ee:01:30:e8:e0:1c:0a:13:00:9f:c7:
         aa:dd:75:89:0a:0b:82:79:ca:e2:bc:ac:43:15:d0:b0:66:96:
         cb:72:0b:a2:8c:a2:66:59:89:ed:45:50:70:06:95:0a:81:83:
         ab:62:70:09:86:38:84:0d:d2:6a:25:b2:59:aa:bc:c8:c4:23:
         f3:97:e7:23:f5:25:c9:5e:c9:df:cb:69:95:6c:53:c5:9c:dd:
         a6:a1:5f:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaVHZ8g/Eyc20J6kcyaeKM5xVOjgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEwMTUwMTQ2WhcNMjUwNDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZjVmMDM2YzM5ZGVmZmRiYjUzZDRkMGRjMjAzOTY4ZmY3
M2YwNjk4ZGU0YTA3ZDA3MTJlYzQ5ZTAwMDY3NzU5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyYIlVblO9hDc67nuIUM9FAd4PjUIdTnkqXKc8g658BWv4
6XL86fXazB2IM9seqfwDbaoVda0fQi8FHMeC1b1CuUSe6sXBLf+8xYmGZz2sPzGs
BYQfHc1LmBzb6WrUzYXsRUUhBiS3DeH4pbmvxKExMUuwnCCPsUfU+cIXWITXKVx/
YM4RwanhfvdIT8bJeJLzz5t4VKVaQ4C5pZUum0FHz1izd8GEajWTEpXwrWtp4Kwn
P0bV/oxKEP5CAbaB2DcunySygnJjA33rGJ71jWFBrL5Eq7ml2lG4VMl4H2cCD/BA
1WXOQeyoF38MC2QZkdVNUTLe9byEOl55nlD7EFlzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcX3aB9NThQrWUOUYNfH+vAZqhpYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgxNWRiZDMwLTQ5NzQtNGM3Ny05YTI3LTZhYzQ1YTlmYjY0Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACi0HowDQYJKoZIhvcNAQELBQADggEBAGhLbQl+ErQZrlN+nnUEFniGQCxL
0JPgR7j8hOESEkL1wmSfe+ZOQCR2025GJQlXEqPH4DBibCNFZvM5db8n9HETCbtl
wPfX2u3/W4riVlmKrbNvqudgrS4ML++C78vKOuF9Cs2ZcE2cLr9tbFYEL3vLXnq4
zZTQ/ggPI7S8NcEdL2f0eeApF30vFxPJyw5e6qcrv2MZDzOi5jqs8cvyvaqMkBjm
43clPRTuATDo4BwKEwCfx6rddYkKC4J5yuK8rEMV0LBmlstyC6KMomZZie1FUHAG
lQqBg6ticAmGOIQN0molslmqvMjEI/OX5yP1Jcleyd/LaZVsU8Wc3aahX9w=
-----END CERTIFICATE-----