Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2fd9155-8aca-4f0e-b0d4-1ac47bb17b2f.roa
File:                     e2fd9155-8aca-4f0e-b0d4-1ac47bb17b2f.roa (raw, json)
Hash identifier:          ISqnFhNFix3SeCyhgTupney0H1eFJLyRwc+HUDnyNv4=
Subject key identifier:   87:EA:03:E3:8D:CE:B9:5A:60:CF:E0:6F:59:D9:47:29:89:0F:3D:BC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       40A7AB757F0482996752063FC5B3B444B341A4AF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2fd9155-8aca-4f0e-b0d4-1ac47bb17b2f.roa
Signing time:             Mon 10 Mar 2025 15:00:28 +0000
ROA not before:           Mon 10 Mar 2025 15:00:28 +0000
ROA not after:            Mon 14 Apr 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        23.228.192.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:a7:ab:75:7f:04:82:99:67:52:06:3f:c5:b3:b4:44:b3:41:a4:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 10 15:00:28 2025 GMT
            Not After : Apr 14 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c7:62:7a:7c:a9:21:06:82:0f:70:54:17:aa:
                    67:c3:2a:c5:53:8f:35:2f:e6:9e:64:95:a1:6f:2f:
                    11:42:da:bf:1f:34:9c:3b:86:d2:17:c4:e1:92:de:
                    e0:4e:da:c1:41:f8:b2:51:25:fe:d7:6c:32:1b:a3:
                    7a:f7:88:b0:6e:40:4e:46:99:07:5f:ad:23:2e:4b:
                    07:dc:0d:70:c3:ea:96:62:cc:bb:4b:c6:39:5d:f2:
                    77:39:c0:38:5c:21:25:0a:09:f8:80:0f:b2:de:94:
                    91:5a:c6:dc:ee:d3:19:ed:15:24:0f:ae:ca:6d:98:
                    da:90:d3:7b:ed:a1:63:86:a0:fa:a1:3b:7b:4f:c6:
                    50:a6:ad:49:17:e1:51:e2:6e:e1:4d:95:02:32:41:
                    13:5f:00:9a:80:1f:72:75:3b:6c:43:81:54:2c:30:
                    cd:6f:7f:a8:3b:50:d6:28:db:cf:db:39:56:20:e3:
                    89:d0:d4:bb:a5:f8:f6:2a:bd:3b:14:9a:5c:a7:9f:
                    0f:2d:9a:55:9a:65:d4:eb:07:7f:95:79:55:c6:cd:
                    ee:a4:66:a5:8d:40:a9:b6:4a:13:ab:03:ae:0a:ea:
                    fa:2c:14:34:91:fe:c4:ae:3e:0b:b2:15:42:32:a0:
                    bc:1d:bd:70:2d:71:f4:cc:f2:33:b2:95:1f:e0:43:
                    11:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:EA:03:E3:8D:CE:B9:5A:60:CF:E0:6F:59:D9:47:29:89:0F:3D:BC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2fd9155-8aca-4f0e-b0d4-1ac47bb17b2f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.228.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         c6:96:05:04:fd:76:af:7f:a4:38:e9:15:0f:d3:ba:88:e0:71:
         69:95:f7:9d:33:0e:9c:e0:12:97:35:b2:0f:c2:96:34:c5:e8:
         b7:9b:a4:d7:2a:25:32:27:8d:fe:4b:57:89:db:95:50:5a:c6:
         a0:29:d8:87:8a:72:53:60:ca:94:c5:ea:5a:66:0b:96:a0:96:
         b5:3b:a2:74:1e:67:21:7b:5f:81:3e:f1:70:07:be:df:7d:a6:
         4e:22:b6:5d:4a:fc:55:55:ab:95:ac:74:f1:58:d7:5d:2c:da:
         ec:23:41:43:d6:e2:48:cd:09:eb:d0:ce:0a:45:6c:df:4f:86:
         9d:bf:fa:c1:fb:64:71:5e:a0:a3:d0:b3:01:a1:2d:7c:b7:cb:
         fc:36:09:c2:1c:05:00:e2:94:7f:09:68:c4:92:8f:6f:a8:ed:
         a8:33:3d:35:0e:bd:3c:65:77:af:cd:fa:7d:e3:27:5a:53:2b:
         ee:a5:12:e6:2d:8c:0a:22:e4:fc:30:f7:c4:6f:8c:23:08:9f:
         38:52:18:41:0f:e5:37:77:71:65:eb:67:3c:a7:f1:db:a8:66:
         a9:50:45:41:df:a7:a6:7d:5c:e2:cd:08:20:78:52:4c:5e:27:
         92:70:0b:9a:ac:ed:e8:8a:49:96:b7:68:37:5e:b1:8c:1e:2a:
         c1:0f:aa:6b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQKerdX8EgplnUgY/xbO0RLNBpK8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEwMTUwMDI4WhcNMjUwNDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNDBmNjIyMDg3YjVlMmM3ZjdiNGFkYWUzNzRiZTNlY2Rh
YWVmNTA1YTBlOGRjMmE3NGZjY2NkZDE1NzJkZmIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRx2J6fKkhBoIPcFQXqmfDKsVTjzUv5p5klaFvLxFC2r8f
NJw7htIXxOGS3uBO2sFB+LJRJf7XbDIbo3r3iLBuQE5GmQdfrSMuSwfcDXDD6pZi
zLtLxjld8nc5wDhcISUKCfiAD7LelJFaxtzu0xntFSQPrsptmNqQ03vtoWOGoPqh
O3tPxlCmrUkX4VHibuFNlQIyQRNfAJqAH3J1O2xDgVQsMM1vf6g7UNYo28/bOVYg
44nQ1Lul+PYqvTsUmlynnw8tmlWaZdTrB3+VeVXGze6kZqWNQKm2ShOrA64K6vos
FDSR/sSuPguyFUIyoLwdvXAtcfTM8jOylR/gQxEXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh+oD443OuVpgz+BvWdlHKYkPPbwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyZmQ5MTU1LThhY2EtNGYwZS1iMGQ0LTFhYzQ3YmIxN2IyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYX5MAwDQYJKoZIhvcNAQELBQADggEBAMaWBQT9dq9/pDjpFQ/TuojgcWmV
950zDpzgEpc1sg/CljTF6LebpNcqJTInjf5LV4nblVBaxqAp2IeKclNgypTF6lpm
C5aglrU7onQeZyF7X4E+8XAHvt99pk4itl1K/FVVq5WsdPFY110s2uwjQUPW4kjN
CevQzgpFbN9Php2/+sH7ZHFeoKPQswGhLXy3y/w2CcIcBQDilH8JaMSSj2+o7agz
PTUOvTxld6/N+n3jJ1pTK+6lEuYtjAoi5Pww98RvjCMInzhSGEEP5Td3cWXrZzyn
8duoZqlQRUHfp6Z9XOLNCCB4UkxeJ5JwC5qs7eiKSZa3aDdesYweKsEPqms=
-----END CERTIFICATE-----