Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/647b88e7-5e8c-4a24-a5d3-68e79aeee6f7.roa
File:                     647b88e7-5e8c-4a24-a5d3-68e79aeee6f7.roa (raw, json)
Hash identifier:          5f6noW9n8gFs3ht8tMmoSFCdJdJ2ccCO9qXfT1JVbOw=
Subject key identifier:   84:8C:D5:EC:C3:F1:68:84:08:1E:00:B8:28:74:C4:88:B6:7F:D1:5F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3D58A5C31AF49F72D182283BFD37892FDE10A32A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/647b88e7-5e8c-4a24-a5d3-68e79aeee6f7.roa
Signing time:             Tue 28 Jan 2025 00:00:00 +0000
ROA not before:           Tue 28 Jan 2025 00:00:00 +0000
ROA not after:            Tue 04 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.72.224.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:58:a5:c3:1a:f4:9f:72:d1:82:28:3b:fd:37:89:2f:de:10:a3:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 28 00:00:00 2025 GMT
            Not After : Mar  4 23:59:59 2025 GMT
        Subject: serialNumber=c01ea9abf1b7669b57643dda8987d9d884abc531353749983a86bb39da4790df, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d8:7d:c2:19:c2:7d:c2:4f:3d:8d:38:ca:37:
                    d1:d2:6e:60:a4:9e:21:50:87:44:8b:e6:5b:24:38:
                    dc:c8:61:4a:ef:bf:f0:df:5f:ac:b6:a0:c0:eb:96:
                    e3:b4:d2:31:a1:dc:2c:9d:ef:85:59:7c:a8:78:3d:
                    04:14:cc:e2:e7:b1:f7:86:88:3f:82:e6:f6:35:32:
                    51:3c:bf:c8:29:31:0b:83:53:68:35:0b:73:61:ed:
                    1c:58:9c:3b:73:2b:5f:1e:bb:97:ea:d9:48:a1:68:
                    78:8b:09:bf:31:bb:21:a3:69:11:17:5f:3e:f8:75:
                    dd:3e:1f:30:e5:b4:90:87:7d:43:f7:69:fb:3a:5b:
                    6d:59:29:a4:2a:5e:d2:58:99:a8:75:89:ad:7b:dd:
                    03:d5:3c:86:a0:25:3f:3c:35:a5:35:b7:04:37:84:
                    3e:82:64:3e:9b:89:00:79:7d:53:59:58:fa:a6:72:
                    e6:a7:56:b4:69:f2:b0:8e:d6:1f:3d:e5:3b:47:19:
                    75:3d:e5:01:58:b1:c1:d1:0a:2b:bc:ac:ad:52:96:
                    09:23:c9:6d:7d:13:01:25:23:ee:07:13:72:3e:02:
                    05:d7:60:97:87:d1:47:27:88:88:e6:ac:00:fe:54:
                    8c:56:00:87:53:4a:2e:da:07:e7:52:d5:26:94:77:
                    9b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:8C:D5:EC:C3:F1:68:84:08:1E:00:B8:28:74:C4:88:B6:7F:D1:5F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/647b88e7-5e8c-4a24-a5d3-68e79aeee6f7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.72.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         57:a5:15:19:06:88:83:5e:d5:3c:22:5b:11:40:fd:02:98:5a:
         8d:bb:13:fe:92:06:c5:63:61:5b:78:37:ae:39:91:89:c2:76:
         15:b5:b8:09:a2:65:f2:91:db:78:83:57:11:3d:24:fe:0c:2e:
         8b:b7:db:64:73:9e:84:a4:68:34:3c:1e:ea:e1:7e:e2:aa:40:
         00:e2:de:8c:5e:74:09:1d:c2:9d:9c:6e:19:31:a0:08:26:9a:
         61:f4:ab:c3:49:ea:00:26:82:f8:e6:34:35:41:8c:64:23:49:
         84:78:68:33:d8:6e:cf:ff:36:f4:2e:5b:08:e5:39:a7:6b:2b:
         4b:2a:cc:c7:4b:ef:97:62:0f:e4:e6:e6:bd:fa:b3:50:f5:37:
         5b:d1:39:fd:95:cf:60:b9:84:04:0a:5c:8b:49:35:bc:6c:e2:
         d4:f9:d6:e0:1b:e7:7f:02:6a:62:82:e4:6b:f1:d1:9f:08:21:
         c7:2a:bf:d2:8e:f5:03:d4:31:24:38:da:72:28:a8:0d:08:b4:
         5d:d1:e9:3b:9c:37:55:35:b6:94:e9:2b:05:8c:a7:08:3f:46:
         34:0b:cd:4e:e5:91:c7:59:2d:91:60:29:03:f1:46:ae:26:b1:
         e5:70:8f:32:8e:fd:f3:ff:04:ac:d9:1d:75:43:c8:0e:01:8e:
         5c:9d:76:fe
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPVilwxr0n3LRgig7/TeJL94QoyowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI4MDAwMDAwWhcNMjUwMzA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMDFlYTlhYmYxYjc2NjliNTc2NDNkZGE4OTg3ZDlkODg0
YWJjNTMxMzUzNzQ5OTgzYTg2YmIzOWRhNDc5MGRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDR2H3CGcJ9wk89jTjKN9HSbmCkniFQh0SL5lskONzIYUrv
v/DfX6y2oMDrluO00jGh3Cyd74VZfKh4PQQUzOLnsfeGiD+C5vY1MlE8v8gpMQuD
U2g1C3Nh7RxYnDtzK18eu5fq2UihaHiLCb8xuyGjaREXXz74dd0+HzDltJCHfUP3
afs6W21ZKaQqXtJYmah1ia173QPVPIagJT88NaU1twQ3hD6CZD6biQB5fVNZWPqm
cuanVrRp8rCO1h895TtHGXU95QFYscHRCiu8rK1SlgkjyW19EwElI+4HE3I+AgXX
YJeH0UcniIjmrAD+VIxWAIdTSi7aB+dS1SaUd5vxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhIzV7MPxaIQIHgC4KHTEiLZ/0V8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY0N2I4OGU3LTVlOGMtNGEyNC1hNWQzLTY4ZTc5YWVlZTZmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAW4SOAwDQYJKoZIhvcNAQELBQADggEBAFelFRkGiINe1TwiWxFA/QKYWo27
E/6SBsVjYVt4N645kYnCdhW1uAmiZfKR23iDVxE9JP4MLou322RznoSkaDQ8Hurh
fuKqQADi3oxedAkdwp2cbhkxoAgmmmH0q8NJ6gAmgvjmNDVBjGQjSYR4aDPYbs//
NvQuWwjlOadrK0sqzMdL75diD+Tm5r36s1D1N1vROf2Vz2C5hAQKXItJNbxs4tT5
1uAb538CamKC5Gvx0Z8IIccqv9KO9QPUMSQ42nIoqA0ItF3R6TucN1U1tpTpKwWM
pwg/RjQLzU7lkcdZLZFgKQPxRq4mseVwjzKO/fP/BKzZHXVDyA4Bjlyddv4=
-----END CERTIFICATE-----