Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1c6c1299-3889-43ce-9e59-ee74809e695b.roa
File:                     1c6c1299-3889-43ce-9e59-ee74809e695b.roa (raw, json)
Hash identifier:          ZCeOQRtcqefAMTHCDXfQSz+58KldY/ieVf0/eV8HAjE=
Subject key identifier:   DE:82:52:AA:0C:4A:6F:EB:DD:A0:55:A6:2F:6E:22:2F:DD:D5:26:CD
Certificate issuer:       /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial:       02A7A0462DA0BE569FCB73A46608EAA6E51FD60D
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1c6c1299-3889-43ce-9e59-ee74809e695b.roa
Signing time:             Thu 08 Jun 2023 00:00:00 +0000
ROA not before:           Thu 08 Jun 2023 00:00:00 +0000
ROA not after:            Sun 11 Jun 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:a7:a0:46:2d:a0:be:56:9f:cb:73:a4:66:08:ea:a6:e5:1f:d6:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
        Validity
            Not Before: Jun  8 00:00:00 2023 GMT
            Not After : Jun 11 23:59:59 2023 GMT
        Subject: serialNumber=4e36e7a8aea28d611407986528ac50772c1ef22b8401e7324671f7ad20f7e1bb, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6a:67:1b:1d:03:b2:ab:1c:e6:16:b4:88:60:
                    eb:2d:59:47:e9:dc:11:d5:6b:d0:86:17:ff:be:9e:
                    c6:4e:6f:3a:e3:ca:d4:19:0c:38:78:10:e6:6c:be:
                    0b:5c:fd:01:f3:52:e2:9e:b9:aa:66:75:45:a6:ac:
                    e0:a6:bd:9c:cb:f7:09:44:5c:01:9d:a7:56:3e:d8:
                    55:58:fe:05:f9:41:c7:d5:85:ad:1e:77:0c:9e:15:
                    6a:e9:cc:ea:01:b4:e2:a4:bb:00:8f:15:4a:41:b5:
                    6c:f6:89:f6:c2:cc:58:e1:f5:59:8b:37:d5:78:7b:
                    0c:d7:e4:f3:80:8e:bf:35:3b:43:0f:62:49:a2:5b:
                    9f:7e:c4:9f:0a:bd:1e:68:e9:21:bb:29:e0:94:91:
                    aa:2d:e1:3a:37:fd:25:69:91:cb:80:7d:8e:4b:cd:
                    6a:df:67:63:55:91:34:22:3a:d9:25:dc:9d:a5:a0:
                    32:8f:5f:d3:7b:fb:7a:a8:37:f1:9c:6e:51:b9:61:
                    48:fd:27:cf:65:57:31:df:3d:fb:78:bf:11:b0:65:
                    0e:48:e1:d9:35:6a:52:65:6e:79:61:60:82:5b:05:
                    5e:5e:6e:b4:b3:a8:70:08:a4:16:ed:b1:00:81:f0:
                    b8:fa:4b:38:af:c0:04:24:dd:16:dd:f0:85:63:8c:
                    09:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:82:52:AA:0C:4A:6F:EB:DD:A0:55:A6:2F:6E:22:2F:DD:D5:26:CD
            X509v3 Authority Key Identifier:
                keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1c6c1299-3889-43ce-9e59-ee74809e695b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:9a:82:72:6c:59:be:1d:db:04:e9:58:35:f9:78:96:cc:3a:
         82:90:d6:f9:a1:91:cd:1c:4e:ca:74:6b:1b:85:f4:68:c2:4e:
         da:77:fa:f9:92:c7:49:71:85:70:59:a1:70:13:a0:52:ea:1e:
         49:1e:70:0e:0d:ac:9f:08:59:01:30:a9:85:33:a5:50:af:ff:
         9f:df:8b:3a:e5:cb:6b:31:1b:a7:f8:08:2a:5d:c4:73:34:5f:
         91:fa:1e:57:90:c6:36:06:19:64:67:8f:b8:c4:12:a5:3a:a5:
         e9:fb:66:fe:be:5c:d1:85:48:82:a1:6e:e6:15:2d:83:04:a0:
         1a:60:4d:62:5c:ee:a7:66:d9:d5:14:ef:fa:97:26:7d:da:e6:
         ec:f8:74:2a:10:34:3f:5a:26:8c:e6:59:25:18:1a:49:9b:f6:
         72:94:97:65:ec:4e:70:67:24:77:9c:6c:8c:e0:c6:d4:54:0d:
         22:23:8c:63:06:4e:f2:12:06:87:89:aa:8f:5a:6c:22:06:ec:
         70:50:0e:97:76:bd:b9:70:bf:dc:15:30:5b:48:89:24:55:4d:
         42:e7:6f:32:f5:f0:f5:80:84:d5:26:70:36:05:13:94:8c:b0:
         44:36:56:b6:0d:e8:61:11:a4:8f:82:a8:a5:c7:40:30:8c:09:
         38:0a:56:06
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgIUAqegRi2gvlafy3OkZgjqpuUf1g0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNjA4MDAwMDAwWhcNMjMwNjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZTM2ZTdhOGFlYTI4ZDYxMTQwNzk4NjUyOGFjNTA3NzJj
MWVmMjJiODQwMWU3MzI0NjcxZjdhZDIwZjdlMWJiMS0wKwYDVQQDEyQ2YWU0ZTU2
Ny02MzQ4LTRjNGYtOThhOC0wNDIyYzRjNTJmZjMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5amcbHQOyqxzmFrSIYOstWUfp3BHVa9CGF/++nsZObzrj
ytQZDDh4EOZsvgtc/QHzUuKeuapmdUWmrOCmvZzL9wlEXAGdp1Y+2FVY/gX5QcfV
ha0edwyeFWrpzOoBtOKkuwCPFUpBtWz2ifbCzFjh9VmLN9V4ewzX5POAjr81O0MP
YkmiW59+xJ8KvR5o6SG7KeCUkaot4To3/SVpkcuAfY5LzWrfZ2NVkTQiOtkl3J2l
oDKPX9N7+3qoN/GcblG5YUj9J89lVzHfPft4vxGwZQ5I4dk1alJlbnlhYIJbBV5e
brSzqHAIpBbtsQCB8Lj6SzivwAQk3Rbd8IVjjAm7AgMBAAGjggK+MIICujAdBgNV
HQ4EFgQU3oJSqgxKb+vdoFWmL24iL93VJs0wHwYDVR0jBBgwFoAUkUTtx6QO6ZC3
+jZv9uF9ea3Eg5cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy83M2YyMWMyYi04
ODIzLTRjMjQtYjI1Yi00M2M4MGNiNmQxYmIvMjc4YWFiODc4ZjI4MzFiYjE4MjNi
NTg3OTRiMDkyZDg2ZmIxZDdhMGY3NGUyODE2MTEuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjY4YTMyZWUtNDU1ZC00ODNhLTk0M2QtMWE1
YmU3NDhiZmVhLzFjNmMxMjk5LTM4ODktNDNjZS05ZTU5LWVlNzQ4MDllNjk1Yi5y
b2EwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVz
LWVhc3QtMi5hbWF6b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2Et
OTQzZC0xYTViZTc0OGJmZWEvNGJiOGFlNWMtMTI0Yy00MmYzLTg3ZmItNGYzNGU3
NGUzZGEyLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAxyR4MA0GCSqGSIb3DQEBCwUAA4IBAQA1moJybFm+
HdsE6Vg1+XiWzDqCkNb5oZHNHE7KdGsbhfRowk7ad/r5ksdJcYVwWaFwE6BS6h5J
HnAODayfCFkBMKmFM6VQr/+f34s65ctrMRun+AgqXcRzNF+R+h5XkMY2BhlkZ4+4
xBKlOqXp+2b+vlzRhUiCoW7mFS2DBKAaYE1iXO6nZtnVFO/6lyZ92ubs+HQqEDQ/
WiaM5lklGBpJm/ZylJdl7E5wZyR3nGyM4MbUVA0iI4xjBk7yEgaHiaqPWmwiBuxw
UA6Xdr25cL/cFTBbSIkkVU1C528y9fD1gITVJnA2BROUjLBENla2DehhEaSPgqil
x0AwjAk4ClYG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:51 2024 by rpki-client on console-ams.rpki-client.org