Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/be713b82-ae33-4ba7-81a1-ce725d0392dd.roa
File:                     be713b82-ae33-4ba7-81a1-ce725d0392dd.roa (raw, json)
Hash identifier:          YdPdlpWFEK5iNr4FWzy/Zng7EO6FEGtZ1fV56eN0ttc=
Subject key identifier:   AE:50:AD:FC:7F:A2:B5:F9:22:FA:CC:CC:93:C7:06:74:0C:8F:0D:20
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1BCEB9528790F073AFE236CC9650F56919ACC173
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/be713b82-ae33-4ba7-81a1-ce725d0392dd.roa
Signing time:             Fri 17 Jan 2025 00:00:00 +0000
ROA not before:           Fri 17 Jan 2025 00:00:00 +0000
ROA not after:            Fri 21 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.193.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:ce:b9:52:87:90:f0:73:af:e2:36:cc:96:50:f5:69:19:ac:c1:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 17 00:00:00 2025 GMT
            Not After : Feb 21 23:59:59 2025 GMT
        Subject: serialNumber=b8d7defd1e31f6408685752e55e8d6a8d4b5d0f34a16c3faa086b7973508e979, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:42:0e:72:60:93:8e:41:0f:2e:b5:54:69:88:
                    2c:e4:14:29:c5:a8:15:6e:3e:b2:cc:a0:c8:e1:a8:
                    2f:ee:92:f7:b2:c3:74:fd:80:8c:dd:a6:9e:d0:13:
                    c4:13:5d:06:8a:bb:60:ad:25:8d:ff:f5:5b:62:4e:
                    bf:b8:5d:3d:19:60:26:ef:3b:65:79:c2:12:ac:b6:
                    25:32:a2:ec:18:84:99:9d:01:0f:df:ad:23:35:ea:
                    42:b2:fc:ca:2f:b1:56:1f:09:05:10:cd:aa:b3:c6:
                    37:e3:76:b9:7a:8d:52:b4:19:25:52:de:59:13:31:
                    a1:f2:68:fc:86:c5:f4:42:60:16:3a:c2:fc:0a:61:
                    ec:90:50:52:7e:9f:90:06:d2:43:20:fc:ef:e5:86:
                    63:6f:1c:95:85:ac:f5:91:fe:ab:46:52:e7:16:b1:
                    69:80:7a:a9:56:8f:16:cf:2c:68:ca:d4:61:07:6a:
                    b3:e7:d3:e3:88:de:b1:bf:a0:44:09:9a:f2:b1:09:
                    93:d8:86:3a:98:dd:5d:b8:2d:93:07:ba:d1:90:32:
                    dd:30:1d:c1:0a:8e:98:a1:d7:8b:d2:e8:b2:16:ce:
                    92:7c:72:a2:27:71:71:2b:79:d8:d5:e7:45:2c:ad:
                    7d:85:be:c1:d1:51:bd:3a:91:e1:bb:6b:31:01:6c:
                    e7:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:50:AD:FC:7F:A2:B5:F9:22:FA:CC:CC:93:C7:06:74:0C:8F:0D:20
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/be713b82-ae33-4ba7-81a1-ce725d0392dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.193.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         00:e2:4a:d5:26:fe:cf:0d:79:4b:56:69:98:7a:41:a4:03:0f:
         bd:06:44:cc:cb:8d:78:e7:96:5a:d0:fa:1b:8f:a8:db:1a:62:
         61:2e:26:65:e0:7a:87:27:b6:2f:99:b1:a3:7f:bb:5e:a2:e7:
         00:96:93:f0:67:ff:9b:27:1e:1e:49:1c:6c:02:ef:82:29:af:
         09:77:9a:ce:59:b7:75:5f:41:45:11:44:fd:98:0e:1c:fe:c4:
         af:08:a2:b0:61:f5:92:75:9e:00:13:c2:b8:62:66:28:5f:48:
         f8:a6:26:38:d4:f7:0e:37:44:e9:7b:37:24:2a:5d:2a:cd:b7:
         dc:a8:81:dc:f5:48:98:27:65:94:bd:af:8c:5f:9d:bd:dd:d9:
         d6:81:33:69:e1:3a:68:0c:e3:fd:91:07:19:6b:3e:bf:f9:ef:
         5f:6c:10:66:89:51:7b:bf:59:3b:4e:51:76:bc:6e:91:f3:7f:
         d6:20:3a:09:a4:31:5e:68:8a:90:ed:67:9d:c2:5f:48:fc:2f:
         87:47:ba:04:b4:34:71:5b:32:fa:4f:c2:ca:86:cf:d8:a0:6c:
         2b:0a:07:3c:4f:51:00:23:94:77:01:13:10:cb:b0:44:83:02:
         c0:43:18:63:80:c1:8f:ef:41:2b:bb:04:a4:7b:ac:4e:de:7e:
         e5:a0:ca:ca
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUG865UoeQ8HOv4jbMllD1aRmswXMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE3MDAwMDAwWhcNMjUwMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiOGQ3ZGVmZDFlMzFmNjQwODY4NTc1MmU1NWU4ZDZhOGQ0
YjVkMGYzNGExNmMzZmFhMDg2Yjc5NzM1MDhlOTc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQQg5yYJOOQQ8utVRpiCzkFCnFqBVuPrLMoMjhqC/ukvey
w3T9gIzdpp7QE8QTXQaKu2CtJY3/9VtiTr+4XT0ZYCbvO2V5whKstiUyouwYhJmd
AQ/frSM16kKy/MovsVYfCQUQzaqzxjfjdrl6jVK0GSVS3lkTMaHyaPyGxfRCYBY6
wvwKYeyQUFJ+n5AG0kMg/O/lhmNvHJWFrPWR/qtGUucWsWmAeqlWjxbPLGjK1GEH
arPn0+OI3rG/oEQJmvKxCZPYhjqY3V24LZMHutGQMt0wHcEKjpih14vS6LIWzpJ8
cqIncXEredjV50UsrX2FvsHRUb06keG7azEBbOeJAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUrlCt/H+itfki+szMk8cGdAyPDSAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JlNzEzYjgyLWFlMzMtNGJhNy04MWExLWNlNzI1ZDAzOTJkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5wTANBgkqhkiG9w0BAQsFAAOCAQEAAOJK1Sb+zw15S1ZpmHpBpAMPvQZE
zMuNeOeWWtD6G4+o2xpiYS4mZeB6hye2L5mxo3+7XqLnAJaT8Gf/myceHkkcbALv
gimvCXeazlm3dV9BRRFE/ZgOHP7ErwiisGH1knWeABPCuGJmKF9I+KYmONT3DjdE
6Xs3JCpdKs233KiB3PVImCdllL2vjF+dvd3Z1oEzaeE6aAzj/ZEHGWs+v/nvX2wQ
ZolRe79ZO05RdrxukfN/1iA6CaQxXmiKkO1nncJfSPwvh0e6BLQ0cVsy+k/CyobP
2KBsKwoHPE9RACOUdwETEMuwRIMCwEMYY4DBj+9BK7sEpHusTt5+5aDKyg==
-----END CERTIFICATE-----