Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/4b847893-4aea-442a-b81c-619bfedf3ca5.roa
File:                     4b847893-4aea-442a-b81c-619bfedf3ca5.roa (raw, json)
Hash identifier:          kfenJars4yfyhAIxBTpc7Qeio6SkuZUzsLHe7h9y7p0=
Subject key identifier:   0C:8C:9B:19:DF:4C:6C:26:B8:4C:2E:33:E0:0C:6F:00:EA:8F:F0:DD
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       5C18FA46062B344D3816C55A23F4DE91B1341895
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/4b847893-4aea-442a-b81c-619bfedf3ca5.roa
Signing time:             Sat 15 Mar 2025 00:00:04 +0000
ROA not before:           Sat 15 Mar 2025 00:00:04 +0000
ROA not after:            Sat 19 Apr 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        206.55.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:18:fa:46:06:2b:34:4d:38:16:c5:5a:23:f4:de:91:b1:34:18:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Mar 15 00:00:04 2025 GMT
            Not After : Apr 19 23:59:59 2025 GMT
        Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:62:b1:bd:28:47:79:1b:69:02:d4:26:56:5e:
                    4d:88:97:36:7e:20:43:0d:fc:2f:c6:f4:2f:e7:66:
                    6b:a1:3c:14:29:a3:d4:c7:8f:c5:4f:20:f0:06:ef:
                    0a:08:79:ad:ce:60:cf:37:40:c5:a8:06:75:4f:69:
                    a8:02:ca:05:5c:5b:27:2e:eb:8e:b7:7f:35:9f:da:
                    8e:0d:56:e4:ce:cc:fd:40:ef:1a:d1:18:12:89:33:
                    64:97:e9:a9:c0:45:22:f8:94:97:95:99:ab:dc:b1:
                    10:d9:14:68:3a:f3:94:e7:01:a5:cd:c4:08:9c:a8:
                    d3:2f:b3:34:84:c5:71:e9:2d:c9:f1:c8:85:6d:98:
                    60:2f:9a:fd:c6:7c:36:cb:b3:25:8a:cb:4f:0c:e2:
                    52:b0:d7:76:76:cf:e5:e1:24:46:8a:48:3d:31:05:
                    64:8a:5e:60:a4:e4:09:e2:a8:43:7a:e4:6f:a2:ab:
                    b7:a7:0a:e4:0f:cd:f2:6d:41:cf:7f:9e:46:d1:4a:
                    b2:6f:f8:e2:09:38:6b:cd:10:3c:ca:35:d7:1f:f7:
                    e1:12:0d:6b:30:29:f0:5a:37:74:85:e2:ba:a4:32:
                    15:58:08:ce:94:fd:40:35:3c:5c:9d:2c:31:7c:99:
                    bb:ef:45:56:50:d8:c4:70:85:1a:e1:0a:6b:b6:d0:
                    cd:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:8C:9B:19:DF:4C:6C:26:B8:4C:2E:33:E0:0C:6F:00:EA:8F:F0:DD
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/4b847893-4aea-442a-b81c-619bfedf3ca5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.55.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:f9:49:a6:5d:99:ef:51:85:80:8f:c1:38:ed:6a:39:fb:dc:
         7c:e5:53:55:da:52:6b:37:26:87:3f:a2:5d:10:da:b1:5f:11:
         42:02:f9:ce:38:d4:f3:2e:c1:0a:df:c1:e3:9d:e6:6f:7f:7c:
         00:1d:38:cc:12:24:33:be:a3:7d:4b:93:11:0f:f9:58:45:c1:
         c4:11:6d:24:17:8c:54:ee:80:64:75:90:d6:33:6f:4f:b4:dc:
         9b:ce:38:80:d5:70:1e:95:92:3d:4d:1f:3f:a2:0f:83:48:e8:
         ac:85:a3:c6:e6:90:19:88:33:37:55:64:a2:e3:7b:d2:ac:c2:
         e7:06:fa:42:e5:00:fd:10:ef:fa:67:0e:f6:87:35:fb:e3:56:
         bc:dd:5e:cb:1c:84:cd:29:5b:01:a3:0a:0c:41:50:11:5c:d1:
         58:5e:44:8e:c9:e4:32:2c:15:1a:6b:19:c4:60:e0:ad:08:06:
         4d:b5:de:17:94:9e:3d:3a:43:1b:46:3b:51:fe:62:4b:7b:9b:
         38:f0:c8:3d:ad:2a:ad:7a:a4:5e:93:f2:ca:45:4a:9e:94:cf:
         92:6f:04:80:ef:00:ec:79:fc:b4:b0:3f:13:d3:cf:48:8c:ec:
         41:f2:57:b7:ae:76:74:9b:21:e5:b0:d5:c8:51:fb:3f:af:09:
         1d:d6:2a:b3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXBj6RgYrNE04FsVaI/TekbE0GJUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMzE1MDAwMDA0WhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MmRjOGRjNzU3YjY2M2E0ZmJmYzQ1MDdjY2RiYzAyNzZi
ZmRiNTNiZTUyMWY5OTkwYzE4ZDFmZWU4M2QxNjZmMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzYrG9KEd5G2kC1CZWXk2IlzZ+IEMN/C/G9C/nZmuhPBQp
o9THj8VPIPAG7woIea3OYM83QMWoBnVPaagCygVcWycu6463fzWf2o4NVuTOzP1A
7xrRGBKJM2SX6anARSL4lJeVmavcsRDZFGg685TnAaXNxAicqNMvszSExXHpLcnx
yIVtmGAvmv3GfDbLsyWKy08M4lKw13Z2z+XhJEaKSD0xBWSKXmCk5AniqEN65G+i
q7enCuQPzfJtQc9/nkbRSrJv+OIJOGvNEDzKNdcf9+ESDWswKfBaN3SF4rqkMhVY
CM6U/UA1PFydLDF8mbvvRVZQ2MRwhRrhCmu20M3bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDIybGd9MbCa4TC4z4AxvAOqP8N0wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzRiODQ3ODkzLTRhZWEtNDQyYS1iODFjLTYxOWJmZWRmM2NhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADON4EwDQYJKoZIhvcNAQELBQADggEBAHj5SaZdme9RhYCPwTjtajn73Hzl
U1XaUms3Joc/ol0Q2rFfEUIC+c441PMuwQrfweOd5m9/fAAdOMwSJDO+o31LkxEP
+VhFwcQRbSQXjFTugGR1kNYzb0+03JvOOIDVcB6Vkj1NHz+iD4NI6KyFo8bmkBmI
MzdVZKLje9KswucG+kLlAP0Q7/pnDvaHNfvjVrzdXsschM0pWwGjCgxBUBFc0Vhe
RI7J5DIsFRprGcRg4K0IBk213heUnj06QxtGO1H+Ykt7mzjwyD2tKq16pF6T8spF
Sp6Uz5JvBIDvAOx5/LSwPxPTz0iM7EHyV7eudnSbIeWw1chR+z+vCR3WKrM=
-----END CERTIFICATE-----