Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9016d464-470c-4275-ad72-fec6b76b99c4.roa
File:                     9016d464-470c-4275-ad72-fec6b76b99c4.roa (raw, json)
Hash identifier:          7bnHV0JP5dHDrrOZKQbi/etjXxUZJySRyi+IUgQCnto=
Subject key identifier:   6A:3A:D5:0B:C6:9F:C5:12:EA:C3:E1:AA:BB:42:81:39:B6:41:E6:E3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3D715A595C9E7590FE2CF308CE330A4E1D989D26
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9016d464-470c-4275-ad72-fec6b76b99c4.roa
Signing time:             Wed 15 Jan 2025 00:00:00 +0000
ROA not before:           Wed 15 Jan 2025 00:00:00 +0000
ROA not after:            Wed 19 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        143.227.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:71:5a:59:5c:9e:75:90:fe:2c:f3:08:ce:33:0a:4e:1d:98:9d:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 15 00:00:00 2025 GMT
            Not After : Feb 19 23:59:59 2025 GMT
        Subject: serialNumber=2ad76b16b51af276d3e9d2781986635e90b0261a92788816958cec1490c04ed4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b4:ab:bf:c8:af:cd:ac:70:c4:b9:31:e9:b9:
                    5f:54:14:92:cc:e7:39:98:be:23:e2:1d:ee:f8:df:
                    29:ff:e9:16:1b:2c:fc:8b:20:fa:25:f0:a5:ec:41:
                    e5:f5:28:4a:4c:f2:e4:4b:d8:5d:7e:98:3d:fa:da:
                    f8:58:fa:7e:e7:6a:0f:13:7f:8f:dd:97:e4:c5:67:
                    1d:2e:a1:f1:0c:13:60:9a:60:7e:10:08:4c:d7:b3:
                    b6:5d:b8:81:e4:ba:42:ad:9c:d2:24:bc:4c:7b:be:
                    b5:5f:7f:6b:0f:51:9f:aa:46:7b:f1:06:77:b2:25:
                    36:98:f6:93:1b:8a:ab:a4:2c:0c:8a:0a:34:91:81:
                    08:9f:16:62:1d:94:a6:1e:62:d7:d6:d9:9a:55:02:
                    b4:5e:7b:d9:f2:9b:1d:18:63:85:68:06:26:56:74:
                    be:53:5b:81:d3:5c:aa:3c:4a:9b:11:2f:43:45:99:
                    0f:7b:7f:12:65:4c:3e:3e:86:b9:b4:b0:31:b8:f3:
                    67:f9:fa:d5:7a:ff:88:41:b1:71:16:b0:e8:c4:86:
                    d9:b0:99:01:b9:47:61:10:75:30:2f:69:6d:2b:8c:
                    66:2f:71:60:94:b3:0a:5c:4b:c5:fa:85:f3:3c:2c:
                    c9:ee:0c:60:28:7c:bb:be:00:e4:01:57:1a:62:7b:
                    4b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:3A:D5:0B:C6:9F:C5:12:EA:C3:E1:AA:BB:42:81:39:B6:41:E6:E3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9016d464-470c-4275-ad72-fec6b76b99c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.227.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6c:49:c5:de:18:16:0e:78:de:e6:d8:2e:0b:33:ec:d8:57:e5:
         a1:93:dd:a3:e4:39:49:b9:eb:05:8f:c1:7e:64:e6:3c:74:1c:
         52:5f:fb:2f:9c:ef:87:5a:1e:d7:cc:21:c1:34:bc:38:24:c2:
         99:83:3a:6e:a3:40:96:8b:e9:f2:3d:e8:68:a4:c2:99:51:2d:
         25:71:5b:78:4d:82:1b:29:34:88:a4:00:fd:5d:a9:1d:86:63:
         de:fd:8f:1d:1c:23:2a:c2:72:4c:91:41:f4:e6:78:4f:48:f1:
         27:6c:53:57:60:85:80:dc:23:d8:a9:49:3f:08:30:5d:1e:13:
         a4:2b:61:e5:e4:d8:46:aa:4c:3f:19:39:2d:81:a8:21:18:bd:
         ec:12:ba:c3:c9:0c:f0:60:33:96:f9:18:25:b5:77:61:32:f6:
         83:f1:c0:d7:26:20:7c:a6:30:0e:b3:23:96:a5:8f:e2:43:ea:
         62:c6:13:9d:1c:ae:55:49:94:c3:f8:27:82:0c:be:4f:d4:c3:
         40:13:8d:95:bd:7c:d2:39:a3:1d:de:56:60:33:d8:36:8a:36:
         80:9b:31:59:82:c1:5d:d9:52:e2:27:ee:cc:8d:40:25:c1:39:
         ff:60:a0:69:ae:2e:f5:8f:c7:17:cd:e7:d2:c7:6d:fb:c0:70:
         71:3b:de:7f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPXFaWVyedZD+LPMIzjMKTh2YnSYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYWQ3NmIxNmI1MWFmMjc2ZDNlOWQyNzgxOTg2NjM1ZTkw
YjAyNjFhOTI3ODg4MTY5NThjZWMxNDkwYzA0ZWQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChtKu/yK/NrHDEuTHpuV9UFJLM5zmYviPiHe743yn/6RYb
LPyLIPol8KXsQeX1KEpM8uRL2F1+mD362vhY+n7nag8Tf4/dl+TFZx0uofEME2Ca
YH4QCEzXs7ZduIHkukKtnNIkvEx7vrVff2sPUZ+qRnvxBneyJTaY9pMbiqukLAyK
CjSRgQifFmIdlKYeYtfW2ZpVArRee9nymx0YY4VoBiZWdL5TW4HTXKo8SpsRL0NF
mQ97fxJlTD4+hrm0sDG482f5+tV6/4hBsXEWsOjEhtmwmQG5R2EQdTAvaW0rjGYv
cWCUswpcS8X6hfM8LMnuDGAofLu+AOQBVxpie0vfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUajrVC8afxRLqw+Gqu0KBObZB5uMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkwMTZkNDY0LTQ3MGMtNDI3NS1hZDcyLWZlYzZiNzZiOTljNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCP4zANBgkqhkiG9w0BAQsFAAOCAQEAbEnF3hgWDnje5tguCzPs2FfloZPd
o+Q5SbnrBY/BfmTmPHQcUl/7L5zvh1oe18whwTS8OCTCmYM6bqNAlovp8j3oaKTC
mVEtJXFbeE2CGyk0iKQA/V2pHYZj3v2PHRwjKsJyTJFB9OZ4T0jxJ2xTV2CFgNwj
2KlJPwgwXR4TpCth5eTYRqpMPxk5LYGoIRi97BK6w8kM8GAzlvkYJbV3YTL2g/HA
1yYgfKYwDrMjlqWP4kPqYsYTnRyuVUmUw/gnggy+T9TDQBONlb180jmjHd5WYDPY
Noo2gJsxWYLBXdlS4ifuzI1AJcE5/2Cgaa4u9Y/HF83n0sdt+8BwcTvefw==
-----END CERTIFICATE-----