Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ad2ce398-5390-4868-bef4-c81c5f39ec07.roa
File:                     ad2ce398-5390-4868-bef4-c81c5f39ec07.roa (raw, json)
Hash identifier:          C0kcO81cJxipNZd8lnOOnEWLc8UnDrWmYn2PnqnGiv8=
Subject key identifier:   AF:19:2A:94:86:7C:09:73:B6:A8:A6:C9:1E:FC:0F:81:DF:FD:1A:9D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       508C21AEC743491FC340E59E04B79907FFD5253A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ad2ce398-5390-4868-bef4-c81c5f39ec07.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        5.60.104.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:8c:21:ae:c7:43:49:1f:c3:40:e5:9e:04:b7:99:07:ff:d5:25:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=de539ff0e4ae3e9f46a0141d1c78bed2f8f0d38fdaa39283c4700314a7a4c1d9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:4e:cb:e2:b7:8a:3b:04:7a:2d:c9:b7:37:97:
                    8e:8e:84:81:94:3f:a4:55:5c:58:b4:87:62:8b:cb:
                    82:7e:fa:8c:9c:29:ca:a6:28:93:97:e5:dc:5e:14:
                    cf:22:ec:13:f2:b1:52:25:b8:9e:19:d5:36:e4:72:
                    40:0d:ab:98:96:1c:7b:02:a1:37:ae:66:26:40:91:
                    89:bf:59:f7:41:65:c3:b7:8d:4c:d7:20:32:ee:ce:
                    ba:44:49:ed:34:ff:00:ff:ed:23:8f:1e:f2:26:e4:
                    e8:f8:2d:bf:f9:a0:14:7d:d0:bd:cd:26:68:a0:6e:
                    b4:b0:9f:15:04:45:d8:52:80:8a:de:51:60:79:a9:
                    76:fb:28:50:25:73:f0:ca:5e:18:a3:26:88:d7:95:
                    37:ab:1b:6b:db:5e:0b:e8:84:bf:c1:20:b0:10:ef:
                    94:f9:ce:ee:ab:08:42:6e:c4:2b:3a:0d:6a:1a:24:
                    99:6f:2c:f7:55:2b:b8:b2:a1:38:e6:40:a1:3a:35:
                    d7:1d:34:4f:a5:38:4f:43:48:0b:9e:e5:93:f2:fd:
                    01:ef:87:6c:84:f8:29:81:8e:c7:4e:91:68:20:13:
                    f3:3b:10:fe:5a:56:0a:f1:d3:83:21:67:b8:d1:4a:
                    fc:19:66:fb:8d:76:98:a6:a6:53:1a:96:7b:77:d1:
                    d0:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:19:2A:94:86:7C:09:73:B6:A8:A6:C9:1E:FC:0F:81:DF:FD:1A:9D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ad2ce398-5390-4868-bef4-c81c5f39ec07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.60.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:a3:5a:44:25:85:85:29:44:31:3a:7c:49:e9:50:c1:52:e8:
         6d:c8:26:d4:61:18:eb:de:1b:f5:37:9d:15:d0:16:41:fe:77:
         1b:d8:5b:31:0e:94:e2:0d:e6:c9:4a:2b:f8:ee:29:eb:8a:b3:
         c4:86:c6:29:0d:ae:98:77:22:ce:4d:28:60:a3:7a:09:42:39:
         7c:ef:a4:3d:12:6e:6a:7a:ea:4e:94:a0:42:cf:6c:cd:b6:20:
         27:67:36:be:06:e6:c6:c4:f0:2e:42:cc:0a:73:b9:98:73:90:
         46:7d:58:cb:1f:44:47:e2:dc:3c:bd:f1:25:ab:e0:c8:32:9c:
         d0:9d:02:74:be:95:07:f6:79:86:fd:13:61:39:c5:51:d7:27:
         9e:2d:f0:ee:73:83:65:02:83:20:2d:1e:b4:30:01:33:02:64:
         c1:27:5c:b6:b4:9a:80:01:05:20:76:f9:2b:58:40:73:2c:d9:
         6a:db:7a:79:7d:e8:b6:86:20:bf:c5:e0:96:d7:a6:00:0e:cb:
         1d:c0:26:4d:87:9c:3f:95:3f:2f:22:16:47:fe:b7:e9:37:fd:
         8e:74:d3:8d:f8:40:ca:e8:8d:32:18:38:04:70:67:74:d4:84:
         32:75:0e:74:5d:e2:9d:30:9b:48:bb:0c:bc:5a:24:f6:b9:e0:
         3d:16:e5:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUIwhrsdDSR/DQOWeBLeZB//VJTowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTUzOWZmMGU0YWUzZTlmNDZhMDE0MWQxYzc4YmVkMmY4
ZjBkMzhmZGFhMzkyODNjNDcwMDMxNGE3YTRjMWQ5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDtTsvit4o7BHotybc3l46OhIGUP6RVXFi0h2KLy4J++oyc
KcqmKJOX5dxeFM8i7BPysVIluJ4Z1TbkckANq5iWHHsCoTeuZiZAkYm/WfdBZcO3
jUzXIDLuzrpESe00/wD/7SOPHvIm5Oj4Lb/5oBR90L3NJmigbrSwnxUERdhSgIre
UWB5qXb7KFAlc/DKXhijJojXlTerG2vbXgvohL/BILAQ75T5zu6rCEJuxCs6DWoa
JJlvLPdVK7iyoTjmQKE6NdcdNE+lOE9DSAue5ZPy/QHvh2yE+CmBjsdOkWggE/M7
EP5aVgrx04MhZ7jRSvwZZvuNdpimplMalnt30dB1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrxkqlIZ8CXO2qKbJHvwPgd/9Gp0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FkMmNlMzk4LTUzOTAtNDg2OC1iZWY0LWM4MWM1ZjM5ZWMwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIFPGgwDQYJKoZIhvcNAQELBQADggEBAAijWkQlhYUpRDE6fEnpUMFS6G3I
JtRhGOveG/U3nRXQFkH+dxvYWzEOlOIN5slKK/juKeuKs8SGxikNrph3Is5NKGCj
eglCOXzvpD0Sbmp66k6UoELPbM22ICdnNr4G5sbE8C5CzApzuZhzkEZ9WMsfREfi
3Dy98SWr4MgynNCdAnS+lQf2eYb9E2E5xVHXJ54t8O5zg2UCgyAtHrQwATMCZMEn
XLa0moABBSB2+StYQHMs2Wrbenl96LaGIL/F4JbXpgAOyx3AJk2HnD+VPy8iFkf+
t+k3/Y500434QMrojTIYOARwZ3TUhDJ1DnRd4p0wm0i7DLxaJPa54D0W5Yo=
-----END CERTIFICATE-----