Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf9be969-de18-42a6-9d12-16fc8a45d0da.roa
File:                     bf9be969-de18-42a6-9d12-16fc8a45d0da.roa (raw, json)
Hash identifier:          VIZOFOyzlIl/f8B+yfaudUoHFaJs0DPuXCnFRDkrHvM=
Subject key identifier:   0B:17:82:6F:03:0C:57:D9:F2:D4:AF:93:87:77:CA:98:66:7F:45:AB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       670457C6D0805BC45740FE9D63E8F0026403208A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf9be969-de18-42a6-9d12-16fc8a45d0da.roa
Signing time:             Tue 21 Jan 2025 00:00:00 +0000
ROA not before:           Tue 21 Jan 2025 00:00:00 +0000
ROA not after:            Tue 25 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.26.0.0/15 maxlen: 15
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:04:57:c6:d0:80:5b:c4:57:40:fe:9d:63:e8:f0:02:64:03:20:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 21 00:00:00 2025 GMT
            Not After : Feb 25 23:59:59 2025 GMT
        Subject: serialNumber=d84fab970bbe84e39371d6c47b850b9f9cbdd644f9aae4e0f8cb40c00bde2a1f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:11:8e:b4:5d:4c:7e:76:55:ad:e3:58:22:ce:
                    bb:90:55:9e:73:0c:3c:42:c6:bb:70:49:6a:7e:0a:
                    07:51:f1:15:6c:79:f4:18:7a:38:d9:21:97:6e:c8:
                    10:91:89:d2:1d:86:c7:60:46:c3:af:dc:9f:de:3b:
                    b7:c7:e3:87:54:61:b1:93:35:e8:85:19:66:d0:70:
                    af:d7:6c:a3:0d:02:b7:a7:c6:df:81:40:3a:f9:90:
                    89:84:4a:27:1d:8e:d7:e0:45:a9:fa:59:c4:0b:71:
                    bd:fb:9c:30:ae:ba:e1:5c:be:53:0c:d8:a7:86:7b:
                    ef:40:60:be:47:26:12:f2:67:bd:23:f3:d0:1e:04:
                    3f:eb:9a:a7:85:86:4b:85:3d:dd:8e:ff:5d:7f:a9:
                    1b:80:91:25:82:19:8d:4a:a0:40:0b:77:cd:a8:c5:
                    09:0a:3c:dd:85:be:f7:e1:bd:85:33:cc:6e:07:54:
                    42:94:41:55:76:4e:31:c3:5d:aa:54:0c:33:66:32:
                    32:40:91:98:74:50:bf:c0:a8:a7:6c:34:c4:fa:36:
                    80:d8:77:75:f2:63:21:91:a5:5e:5f:a9:ee:86:65:
                    46:2c:73:18:e3:8b:ee:b9:06:a4:6b:4c:4c:71:b4:
                    71:aa:61:dd:46:36:9c:89:88:35:e9:9d:85:bf:77:
                    1b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:17:82:6F:03:0C:57:D9:F2:D4:AF:93:87:77:CA:98:66:7F:45:AB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf9be969-de18-42a6-9d12-16fc8a45d0da.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.26.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         93:ff:56:c3:9c:f5:0b:97:31:1e:53:b3:fb:9f:6a:74:f3:b1:
         83:8b:2a:a4:c3:b7:a2:e4:fb:f1:52:74:a1:c3:31:d8:b2:ec:
         c5:a2:9c:5d:96:2c:60:33:21:29:bd:71:ab:09:6d:fb:dd:0a:
         9c:0d:ed:48:78:d8:30:e9:be:c3:ba:2e:ac:cd:b3:71:83:a9:
         9e:ad:7c:32:27:c8:01:20:ca:61:9b:57:9d:8b:c1:d5:a3:56:
         08:10:af:b5:76:21:34:4e:b6:1c:d5:38:67:0f:7b:08:3f:9b:
         aa:15:4a:c7:2d:30:72:00:70:ce:28:35:a7:b8:41:4c:f5:f7:
         df:30:03:d1:eb:fb:7e:55:41:e6:a3:92:7b:4e:a0:96:ae:5e:
         b2:1d:fa:81:d2:28:ad:6f:1d:92:04:60:cb:1a:4a:87:31:f7:
         8c:32:a2:b3:28:d9:a1:09:1b:15:e2:b7:8a:7e:c2:ab:a4:11:
         8d:aa:0f:d4:1e:93:94:75:27:06:df:fe:b7:4b:98:25:16:1f:
         ad:64:b1:9e:09:a1:2b:4b:59:51:cc:d4:45:ca:eb:5a:f2:b6:
         cb:08:30:ca:02:98:8d:f4:0d:e8:c7:14:d2:7f:17:4c:00:e5:
         2a:39:74:e9:10:fd:40:c3:23:6d:1d:47:2f:df:8d:5a:30:97:
         50:8a:8e:d7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZwRXxtCAW8RXQP6dY+jwAmQDIIowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIxMDAwMDAwWhcNMjUwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkODRmYWI5NzBiYmU4NGUzOTM3MWQ2YzQ3Yjg1MGI5Zjlj
YmRkNjQ0ZjlhYWU0ZTBmOGNiNDBjMDBiZGUyYTFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMEY60XUx+dlWt41gizruQVZ5zDDxCxrtwSWp+CgdR8RVs
efQYejjZIZduyBCRidIdhsdgRsOv3J/eO7fH44dUYbGTNeiFGWbQcK/XbKMNAren
xt+BQDr5kImESicdjtfgRan6WcQLcb37nDCuuuFcvlMM2KeGe+9AYL5HJhLyZ70j
89AeBD/rmqeFhkuFPd2O/11/qRuAkSWCGY1KoEALd82oxQkKPN2FvvfhvYUzzG4H
VEKUQVV2TjHDXapUDDNmMjJAkZh0UL/AqKdsNMT6NoDYd3XyYyGRpV5fqe6GZUYs
cxjji+65BqRrTExxtHGqYd1GNpyJiDXpnYW/dxsxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUCxeCbwMMV9ny1K+Th3fKmGZ/RaswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JmOWJlOTY5LWRlMTgtNDJhNi05ZDEyLTE2ZmM4YTQ1ZDBkYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQGjANBgkqhkiG9w0BAQsFAAOCAQEAk/9Ww5z1C5cxHlOz+59qdPOxg4sq
pMO3ouT78VJ0ocMx2LLsxaKcXZYsYDMhKb1xqwlt+90KnA3tSHjYMOm+w7ourM2z
cYOpnq18MifIASDKYZtXnYvB1aNWCBCvtXYhNE62HNU4Zw97CD+bqhVKxy0wcgBw
zig1p7hBTPX33zAD0ev7flVB5qOSe06glq5esh36gdIorW8dkgRgyxpKhzH3jDKi
syjZoQkbFeK3in7Cq6QRjaoP1B6TlHUnBt/+t0uYJRYfrWSxngmhK0tZUczURcrr
WvK2ywgwygKYjfQN6McU0n8XTADlKjl06RD9QMMjbR1HL9+NWjCXUIqO1w==
-----END CERTIFICATE-----