Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e81d9f6-5425-4345-a797-38781819acdc.roa
File:                     9e81d9f6-5425-4345-a797-38781819acdc.roa (raw, json)
Hash identifier:          9Aok1I1Wc1XyHBwIjq9tiP2pNhG3daRGsSigWfBQ2CA=
Subject key identifier:   F1:AA:00:B2:BA:40:E3:CF:C1:9F:79:53:AE:93:2A:67:AC:5F:43:CB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1891013F2C985F33C5C6A8441153CC8E160567C4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e81d9f6-5425-4345-a797-38781819acdc.roa
Signing time:             Tue 28 Jan 2025 00:00:00 +0000
ROA not before:           Tue 28 Jan 2025 00:00:00 +0000
ROA not after:            Tue 04 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.72.64.0/18 maxlen: 18
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:91:01:3f:2c:98:5f:33:c5:c6:a8:44:11:53:cc:8e:16:05:67:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 28 00:00:00 2025 GMT
            Not After : Mar  4 23:59:59 2025 GMT
        Subject: serialNumber=d293bc21f1a63c54eb1b437f614529197a7f767cfee149e5ec0f4b5336694cc1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:96:4c:1b:a3:e5:e9:e0:58:fc:6f:a9:d3:6a:
                    6e:6a:cd:a6:fe:3c:1c:a1:66:f8:52:4f:60:05:60:
                    8a:c4:c5:2e:39:b9:b0:af:44:dd:fe:12:69:77:7e:
                    7d:d5:90:dc:d2:ca:05:e5:d4:8c:d1:8a:e4:26:76:
                    91:99:db:d7:84:e6:bc:f8:4d:d1:7a:d1:18:97:86:
                    18:73:c1:4e:1e:8f:aa:08:8c:fc:fa:10:fa:65:e5:
                    50:2c:36:f2:f5:0d:93:15:37:d2:70:92:c4:1a:cf:
                    9f:c3:14:79:1a:fa:45:cb:a5:43:a8:80:88:73:e4:
                    38:9e:28:ec:9c:61:0f:76:4a:39:12:aa:ca:d4:2b:
                    5e:62:e3:82:75:c1:48:37:89:4f:1f:00:0f:2a:c7:
                    55:9f:b9:65:21:76:a7:42:a7:5a:7a:4c:98:ba:37:
                    c2:27:05:50:21:f3:3c:b4:19:7d:6a:d4:b7:a8:4b:
                    dd:b9:c8:02:50:90:e1:fc:6e:b3:bc:c8:fb:e9:ae:
                    aa:2d:f9:08:39:64:c2:3b:9a:00:a5:4b:b4:e8:91:
                    1a:a8:dd:4b:4c:8e:72:8f:ab:fc:c6:8a:ce:fd:1d:
                    4e:9f:99:5b:ff:4d:39:5e:7a:7d:c7:fb:0d:3b:8c:
                    20:b1:3b:d0:76:41:6e:bf:08:9a:f7:66:c0:1f:24:
                    15:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:AA:00:B2:BA:40:E3:CF:C1:9F:79:53:AE:93:2A:67:AC:5F:43:CB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e81d9f6-5425-4345-a797-38781819acdc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.72.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         7f:51:28:16:07:d5:79:79:a2:4f:23:b5:ac:36:3e:73:93:16:
         40:84:04:0e:4e:43:c8:61:fe:c0:b5:1a:fe:aa:19:76:70:9e:
         59:4e:9b:fd:d8:09:ad:3e:8f:00:78:e7:57:dc:ba:c0:5e:47:
         71:a2:a4:62:bc:be:73:29:25:5b:b3:8a:a5:87:e0:6e:11:3a:
         0a:c7:91:cf:69:b3:9c:0e:53:79:23:27:54:03:bc:72:9b:51:
         4c:30:2d:34:e6:66:8e:d8:e4:77:57:dd:2c:f5:f9:22:fc:c8:
         b2:19:1b:3d:8d:89:36:54:2b:46:b7:95:b2:b8:96:4c:db:69:
         97:23:28:09:17:84:4b:8d:b3:59:9e:27:58:cb:56:d5:be:38:
         f5:02:85:94:d5:4c:36:9d:33:05:48:25:e5:1c:dc:5a:b2:2b:
         05:3d:5f:eb:20:07:a9:4b:0c:3b:19:48:79:e8:0f:d6:3f:de:
         98:20:95:9a:f6:0a:f8:50:b5:fa:2d:7b:a5:95:b7:43:b8:d1:
         be:02:a4:cf:d5:73:9e:aa:66:55:07:b5:8a:46:4f:27:05:b7:
         1d:87:15:26:59:c6:f4:1b:50:80:ba:ac:15:f6:af:80:ca:94:
         28:1f:ae:7f:c3:47:86:1e:00:a6:9e:2a:73:e0:14:85:07:77:
         49:bd:75:17
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGJEBPyyYXzPFxqhEEVPMjhYFZ8QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI4MDAwMDAwWhcNMjUwMzA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMjkzYmMyMWYxYTYzYzU0ZWIxYjQzN2Y2MTQ1MjkxOTdh
N2Y3NjdjZmVlMTQ5ZTVlYzBmNGI1MzM2Njk0Y2MxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXlkwbo+Xp4Fj8b6nTam5qzab+PByhZvhST2AFYIrExS45
ubCvRN3+Eml3fn3VkNzSygXl1IzRiuQmdpGZ29eE5rz4TdF60RiXhhhzwU4ej6oI
jPz6EPpl5VAsNvL1DZMVN9JwksQaz5/DFHka+kXLpUOogIhz5DieKOycYQ92SjkS
qsrUK15i44J1wUg3iU8fAA8qx1WfuWUhdqdCp1p6TJi6N8InBVAh8zy0GX1q1Leo
S925yAJQkOH8brO8yPvprqot+Qg5ZMI7mgClS7TokRqo3UtMjnKPq/zGis79HU6f
mVv/TTleen3H+w07jCCxO9B2QW6/CJr3ZsAfJBV3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8aoAsrpA48/Bn3lTrpMqZ6xfQ8swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzllODFkOWY2LTU0MjUtNDM0NS1hNzk3LTM4NzgxODE5YWNkYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAa4SEAwDQYJKoZIhvcNAQELBQADggEBAH9RKBYH1Xl5ok8jtaw2PnOTFkCE
BA5OQ8hh/sC1Gv6qGXZwnllOm/3YCa0+jwB451fcusBeR3GipGK8vnMpJVuziqWH
4G4ROgrHkc9ps5wOU3kjJ1QDvHKbUUwwLTTmZo7Y5HdX3Sz1+SL8yLIZGz2NiTZU
K0a3lbK4lkzbaZcjKAkXhEuNs1meJ1jLVtW+OPUChZTVTDadMwVIJeUc3FqyKwU9
X+sgB6lLDDsZSHnoD9Y/3pgglZr2CvhQtfote6WVt0O40b4CpM/Vc56qZlUHtYpG
TycFtx2HFSZZxvQbUIC6rBX2r4DKlCgfrn/DR4YeAKaeKnPgFIUHd0m9dRc=
-----END CERTIFICATE-----