Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65258b34-5141-4495-8461-b0210b9b4965.roa
File:                     65258b34-5141-4495-8461-b0210b9b4965.roa (raw, json)
Hash identifier:          /V7Ud/v4xRpBbjpnyomOjvxZimfmcpN9YwA1b+5+N9o=
Subject key identifier:   10:29:16:47:7D:53:3C:84:CA:B6:EE:7A:0D:93:73:CF:10:6B:30:4B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4D2E15FD147AFCA33CEA838945F40AACFCC60156
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65258b34-5141-4495-8461-b0210b9b4965.roa
Signing time:             Sat 18 Jan 2025 00:00:00 +0000
ROA not before:           Sat 18 Jan 2025 00:00:00 +0000
ROA not after:            Sat 22 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.164.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:2e:15:fd:14:7a:fc:a3:3c:ea:83:89:45:f4:0a:ac:fc:c6:01:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 18 00:00:00 2025 GMT
            Not After : Feb 22 23:59:59 2025 GMT
        Subject: serialNumber=024d2884e41529270c3ca8a214691d931dbc70233a37564733d0bc1536dfed34, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:17:fe:a1:1a:cb:10:2c:73:5c:d3:86:7f:ad:
                    27:f7:4c:5d:9e:e2:20:31:f7:6d:06:f8:cf:19:37:
                    02:fb:0f:b4:79:d8:c4:68:bc:fe:15:7d:86:db:e8:
                    43:03:e1:b2:f8:ee:7b:78:06:55:97:e0:2c:96:1d:
                    4d:90:fc:84:08:af:da:96:e5:12:09:19:a5:a1:d5:
                    96:8b:15:01:48:4c:bf:f0:bd:1f:33:ab:bd:b3:d0:
                    de:d0:02:5e:88:e3:e0:1b:e8:78:79:a9:99:e8:6e:
                    b6:16:68:43:59:ad:5d:2a:9a:91:c8:bb:fc:5a:e0:
                    c0:b6:49:a5:49:20:4b:b4:da:2f:d5:8a:94:3d:e7:
                    fa:b7:2b:bc:f6:75:54:3e:57:66:55:e3:15:b0:08:
                    fc:8a:e6:ab:68:ec:cc:2c:dd:77:c5:e5:86:96:78:
                    c2:a8:01:1e:f6:71:1e:2e:ef:c3:d3:4e:60:a5:42:
                    0c:49:d2:bd:b6:cd:00:d7:a3:48:b8:cd:e6:ba:46:
                    d8:34:9b:5d:bc:24:3c:9b:5b:01:b4:fb:d1:1f:42:
                    32:78:79:d2:2f:7b:82:fe:0f:5e:d4:a3:b2:54:04:
                    51:e8:4a:bd:f5:61:67:33:ee:24:11:bc:5b:6a:2d:
                    d2:83:38:56:10:55:43:e0:3f:1e:72:e8:3d:89:68:
                    e5:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:29:16:47:7D:53:3C:84:CA:B6:EE:7A:0D:93:73:CF:10:6B:30:4B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65258b34-5141-4495-8461-b0210b9b4965.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.164.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9f:9a:cb:e3:db:59:27:8a:87:05:35:fa:b1:c6:9b:86:eb:05:
         63:d8:39:31:2d:75:cc:32:08:42:f9:91:2c:7e:aa:58:a4:25:
         13:7a:2f:14:87:de:24:2e:67:22:5b:f9:e7:ca:0d:03:bd:f7:
         09:da:63:75:97:8a:af:54:62:f1:65:ba:cf:68:44:cf:d8:32:
         5d:f5:ca:b2:64:31:7c:79:82:21:23:20:f9:f0:1e:39:91:cd:
         b1:2e:ab:3c:16:08:94:37:c9:b9:e5:12:9b:4f:7f:b8:2c:c3:
         7a:0d:5d:ae:b4:df:0c:de:bd:50:6f:d2:ef:65:94:f2:b4:bf:
         7d:c9:c7:36:f0:ca:e4:5b:5b:0e:4c:c1:fd:58:96:26:7d:64:
         38:14:00:95:77:b2:1f:e3:af:3c:ee:02:01:3a:89:f2:10:34:
         0c:ad:55:9b:e5:a7:4e:7a:59:f2:17:0b:87:e7:e8:8e:77:f8:
         38:fb:e4:bd:7b:2e:c9:49:bb:28:57:40:bb:97:02:0d:f6:31:
         77:81:f4:56:df:4f:09:c1:c1:d4:a0:ae:4a:a9:b8:cb:a0:19:
         66:ac:1b:ac:22:32:64:ba:a0:41:e3:4a:4a:68:33:a8:da:13:
         d6:d6:f4:47:3d:0b:71:74:92:3b:32:4c:fa:29:5c:e2:35:6f:
         60:05:54:af
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTS4V/RR6/KM86oOJRfQKrPzGAVYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE4MDAwMDAwWhcNMjUwMjIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMjRkMjg4NGU0MTUyOTI3MGMzY2E4YTIxNDY5MWQ5MzFk
YmM3MDIzM2EzNzU2NDczM2QwYmMxNTM2ZGZlZDM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvF/6hGssQLHNc04Z/rSf3TF2e4iAx920G+M8ZNwL7D7R5
2MRovP4VfYbb6EMD4bL47nt4BlWX4CyWHU2Q/IQIr9qW5RIJGaWh1ZaLFQFITL/w
vR8zq72z0N7QAl6I4+Ab6Hh5qZnobrYWaENZrV0qmpHIu/xa4MC2SaVJIEu02i/V
ipQ95/q3K7z2dVQ+V2ZV4xWwCPyK5qto7Mws3XfF5YaWeMKoAR72cR4u78PTTmCl
QgxJ0r22zQDXo0i4zea6Rtg0m128JDybWwG0+9EfQjJ4edIve4L+D17Uo7JUBFHo
Sr31YWcz7iQRvFtqLdKDOFYQVUPgPx5y6D2JaOULAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUECkWR31TPITKtu56DZNzzxBrMEswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1MjU4YjM0LTUxNDEtNDQ5NS04NDYxLWIwMjEwYjliNDk2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4pDANBgkqhkiG9w0BAQsFAAOCAQEAn5rL49tZJ4qHBTX6scabhusFY9g5
MS11zDIIQvmRLH6qWKQlE3ovFIfeJC5nIlv558oNA733CdpjdZeKr1Ri8WW6z2hE
z9gyXfXKsmQxfHmCISMg+fAeOZHNsS6rPBYIlDfJueUSm09/uCzDeg1drrTfDN69
UG/S72WU8rS/fcnHNvDK5FtbDkzB/ViWJn1kOBQAlXeyH+OvPO4CATqJ8hA0DK1V
m+WnTnpZ8hcLh+fojnf4OPvkvXsuyUm7KFdAu5cCDfYxd4H0Vt9PCcHB1KCuSqm4
y6AZZqwbrCIyZLqgQeNKSmgzqNoT1tb0Rz0LcXSSOzJM+ilc4jVvYAVUrw==
-----END CERTIFICATE-----