Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c39d5c58-914d-4d17-9204-d6652dbcef48.roa
File:                     c39d5c58-914d-4d17-9204-d6652dbcef48.roa (raw, json)
Hash identifier:          TitRIhlWagLMYFKx2OGuNdy4qtuN14iVEnXE6HK1Gxc=
Subject key identifier:   2C:1E:DF:7D:EB:6C:C9:E5:D9:32:3F:AB:0A:9E:86:BE:5B:8F:BB:6A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4F39C060CD7F616EC598213986991562EE7F80A2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c39d5c58-914d-4d17-9204-d6652dbcef48.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        78.12.59.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:39:c0:60:cd:7f:61:6e:c5:98:21:39:86:99:15:62:ee:7f:80:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: serialNumber=f0035c17dfd5e81c3b4fa6b2d9dd5470fd7b4365d861123293fc81b801cc493c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d8:c7:88:f7:8e:1b:ba:28:5a:0d:51:0d:29:
                    d2:5e:10:0c:4e:58:05:1f:84:c1:9b:7a:dd:d3:d9:
                    97:20:09:f2:c0:7e:dd:82:94:b6:e7:8f:39:06:f1:
                    72:c6:0f:54:24:50:10:02:f7:b8:c3:0a:98:af:9a:
                    a8:73:92:65:4a:2c:8d:5b:cf:7f:56:44:72:37:9a:
                    db:ab:e1:eb:3c:da:a4:05:4b:77:14:e7:0a:84:8b:
                    24:1f:8c:d4:01:e2:57:1b:d5:f4:57:03:bf:78:53:
                    6f:2f:ec:bc:af:57:4c:51:b2:88:32:ef:28:79:38:
                    a9:66:a6:f1:10:46:d5:f1:1c:bb:32:ed:b6:5e:f3:
                    1e:57:cf:a7:6e:90:aa:42:e0:14:80:59:86:2e:71:
                    dd:44:11:ae:e4:cc:5f:84:ee:81:d8:8b:9d:0a:58:
                    f6:89:d6:ab:75:c1:33:d3:0c:97:c9:53:2d:62:fa:
                    56:02:4b:17:39:9d:9a:73:13:bb:42:d6:4b:90:60:
                    7a:6c:15:de:ab:c2:1c:44:2d:4b:40:7c:4d:7d:f1:
                    04:4f:91:4f:57:a9:d4:4a:70:3e:c2:a5:9f:4c:b7:
                    7c:05:c7:2b:c1:c4:a1:68:ff:89:8d:3e:05:ef:17:
                    bc:ad:81:3b:f0:c2:5d:62:52:ae:19:6e:f0:fd:22:
                    a6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:1E:DF:7D:EB:6C:C9:E5:D9:32:3F:AB:0A:9E:86:BE:5B:8F:BB:6A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c39d5c58-914d-4d17-9204-d6652dbcef48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.12.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:57:20:50:2b:1a:90:13:95:12:dd:9e:e6:07:3f:60:63:d5:
         2d:53:38:82:15:ac:f1:6f:9f:ee:90:5b:1d:c6:c1:a6:25:bf:
         90:4c:4e:f4:4e:b6:79:a7:d3:b7:0c:ac:59:2f:ec:94:77:dc:
         79:d3:1b:da:9c:8c:6b:66:a0:c1:90:be:70:44:89:f0:ca:87:
         53:54:a7:e7:c9:ea:06:65:8d:bd:c2:ea:60:af:1e:1c:56:0d:
         ec:6a:c8:01:fe:92:0e:fc:5a:dd:cf:20:85:fd:c6:49:ca:b9:
         d9:87:52:70:f6:d3:52:5b:86:16:24:01:08:b4:07:fc:58:ec:
         5b:22:7f:71:15:b0:7c:9b:4b:78:d0:1e:e3:6d:2c:1e:72:8e:
         b4:c9:31:b5:b3:91:80:d5:1e:7d:69:bb:f9:1a:a0:86:98:d1:
         96:41:cd:b0:fa:a0:b3:c1:8d:ed:c7:90:40:59:06:76:f8:fd:
         bb:df:2b:09:b4:61:2d:9b:0d:b2:9b:0b:15:e2:fe:d3:f1:bb:
         9b:32:17:86:f6:0a:34:61:e8:af:7e:15:01:1b:48:a3:8a:2d:
         93:8b:7f:bb:cd:3e:f2:1b:bd:fa:75:75:3a:a3:d5:54:ee:52:
         ad:d3:25:3c:c4:1d:db:b1:f3:15:0a:dc:13:ad:70:d1:29:16:
         a6:7c:5e:a5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTznAYM1/YW7FmCE5hpkVYu5/gKIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTMxMDAwMDAwWhcNMjUwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMDAzNWMxN2RmZDVlODFjM2I0ZmE2YjJkOWRkNTQ3MGZk
N2I0MzY1ZDg2MTEyMzI5M2ZjODFiODAxY2M0OTNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCi2MeI944buihaDVENKdJeEAxOWAUfhMGbet3T2ZcgCfLA
ft2ClLbnjzkG8XLGD1QkUBAC97jDCpivmqhzkmVKLI1bz39WRHI3mtur4es82qQF
S3cU5wqEiyQfjNQB4lcb1fRXA794U28v7LyvV0xRsogy7yh5OKlmpvEQRtXxHLsy
7bZe8x5Xz6dukKpC4BSAWYYucd1EEa7kzF+E7oHYi50KWPaJ1qt1wTPTDJfJUy1i
+lYCSxc5nZpzE7tC1kuQYHpsFd6rwhxELUtAfE198QRPkU9XqdRKcD7CpZ9Mt3wF
xyvBxKFo/4mNPgXvF7ytgTvwwl1iUq4ZbvD9Iqb/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULB7ffetsyeXZMj+rCp6GvluPu2owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MzOWQ1YzU4LTkxNGQtNGQxNy05MjA0LWQ2NjUyZGJjZWY0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABODDswDQYJKoZIhvcNAQELBQADggEBAIJXIFArGpATlRLdnuYHP2Bj1S1T
OIIVrPFvn+6QWx3GwaYlv5BMTvROtnmn07cMrFkv7JR33HnTG9qcjGtmoMGQvnBE
ifDKh1NUp+fJ6gZljb3C6mCvHhxWDexqyAH+kg78Wt3PIIX9xknKudmHUnD201Jb
hhYkAQi0B/xY7Fsif3EVsHybS3jQHuNtLB5yjrTJMbWzkYDVHn1pu/kaoIaY0ZZB
zbD6oLPBje3HkEBZBnb4/bvfKwm0YS2bDbKbCxXi/tPxu5syF4b2CjRh6K9+FQEb
SKOKLZOLf7vNPvIbvfp1dTqj1VTuUq3TJTzEHdux8xUK3BOtcNEpFqZ8XqU=
-----END CERTIFICATE-----