Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/77589b1b-ff9a-42b2-bec7-a1653f08cb4d.roa
File:                     77589b1b-ff9a-42b2-bec7-a1653f08cb4d.roa (raw, json)
Hash identifier:          B0PyQDjJVssXU8Z7uk7rLgdy6D4oZmIdOGgmG9sITBM=
Subject key identifier:   1D:01:70:F7:84:87:67:61:4F:B8:05:C2:64:12:23:6D:88:7E:83:0C
Certificate issuer:       /CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
Certificate serial:       4E99E0D35192FB81994024CC689FE53BB55D68A1
Authority key identifier: FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/77589b1b-ff9a-42b2-bec7-a1653f08cb4d.roa
Signing time:             Fri 10 Jan 2025 00:00:00 +0000
ROA not before:           Fri 10 Jan 2025 00:00:00 +0000
ROA not after:            Fri 14 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.169.160.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:99:e0:d3:51:92:fb:81:99:40:24:cc:68:9f:e5:3b:b5:5d:68:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
        Validity
            Not Before: Jan 10 00:00:00 2025 GMT
            Not After : Feb 14 23:59:59 2025 GMT
        Subject: serialNumber=fefc32ff029119ac1a052ec647777576fe29eea21ea611adc4289e1ea5221dbb, CN=71c3876e-b944-4600-92c7-cec33d89523f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c4:c6:db:ed:14:d6:1f:28:59:08:65:25:68:
                    df:f6:cb:ad:0d:de:b5:d6:3e:25:cb:14:af:fe:38:
                    56:18:3f:8f:ff:6c:2e:18:6f:a3:b8:84:05:3a:7f:
                    d7:09:f9:85:9e:1f:72:62:38:66:76:8e:f0:d0:21:
                    90:59:75:eb:ef:99:1d:3b:3e:55:99:e4:b8:8d:f4:
                    7e:ab:85:37:37:45:0c:c1:41:4a:c3:d8:fc:ec:2d:
                    3a:de:06:41:47:6b:fa:6d:bd:a0:f2:65:45:af:dd:
                    87:f1:e1:b7:75:53:ee:e9:d9:bb:72:1b:83:d8:41:
                    b4:26:65:70:ad:93:6e:df:0d:5d:e3:a1:06:d5:15:
                    cc:02:a8:71:43:12:c5:83:dc:9d:e3:96:b1:dc:d6:
                    e2:32:c8:d7:07:3e:ab:a2:10:e2:5a:cd:8a:0c:53:
                    04:84:62:c7:bd:ee:1b:91:d4:54:f9:69:bd:8d:ef:
                    7f:ab:6e:2f:4f:b1:49:dc:f4:39:60:9c:b4:6a:dd:
                    fc:48:10:cf:f9:f6:93:eb:d5:3d:ac:f3:5b:fd:ee:
                    66:1a:26:66:e8:d5:28:9a:cc:23:01:cd:dd:70:c2:
                    4b:26:d9:cb:69:45:27:a3:77:01:e7:7e:b1:5d:1d:
                    2b:d9:72:51:bd:44:8e:75:7f:73:49:e5:70:94:fc:
                    31:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:01:70:F7:84:87:67:61:4F:B8:05:C2:64:12:23:6D:88:7E:83:0C
            X509v3 Authority Key Identifier:
                keyid:FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/77589b1b-ff9a-42b2-bec7-a1653f08cb4d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.169.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1a:c8:0f:7a:fc:4d:de:22:a4:66:58:19:a9:3d:de:14:c4:56:
         d4:dc:f8:35:bd:5e:f8:91:69:f9:cc:b1:fd:d1:0e:17:76:6e:
         10:ed:98:bc:37:61:30:ae:d6:84:17:bd:83:eb:9d:81:85:6a:
         24:89:a0:13:2d:33:51:6b:f6:d0:33:da:f7:cf:2f:4b:ed:04:
         12:9b:cc:13:f1:65:a3:b5:0c:e4:0b:66:2b:21:0f:99:ce:11:
         f3:a8:5f:a1:29:95:67:dd:ef:26:a6:6f:57:ce:e4:1e:4f:85:
         39:c3:10:6f:49:4b:bc:8d:b5:97:f0:05:07:83:9c:29:3e:d0:
         99:f6:d3:2a:92:23:3f:d3:9c:c9:69:9d:84:99:9f:4c:01:c1:
         c9:47:39:a0:c2:a6:2c:86:16:0f:2b:58:04:1c:96:87:21:e1:
         b6:fe:8c:a0:38:1a:03:cc:3b:05:e4:d4:db:2b:88:aa:e3:f6:
         45:23:c0:21:85:0e:9a:67:85:94:e7:97:07:15:7c:3f:fd:0e:
         69:06:1e:5d:50:23:b8:fe:94:cb:78:56:13:90:86:78:b5:bb:
         46:70:1e:5a:f0:bf:73:3f:08:5e:91:60:0a:c7:99:e7:32:51:
         01:1b:b6:db:96:c2:cc:77:69:63:c3:97:79:b5:34:88:ae:31:
         25:70:b7:82
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTpng01GS+4GZQCTMaJ/lO7VdaKEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNWQ4MDM4MDVlMjE4MjNjOTMxOTg3ZTljOWMzN2YwNDAy
MGFhYmFiZjliNGRmZjliNjQwHhcNMjUwMTEwMDAwMDAwWhcNMjUwMjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZWZjMzJmZjAyOTExOWFjMWEwNTJlYzY0Nzc3NzU3NmZl
MjllZWEyMWVhNjExYWRjNDI4OWUxZWE1MjIxZGJiMS0wKwYDVQQDEyQ3MWMzODc2
ZS1iOTQ0LTQ2MDAtOTJjNy1jZWMzM2Q4OTUyM2YwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnxMbb7RTWHyhZCGUlaN/2y60N3rXWPiXLFK/+OFYYP4//
bC4Yb6O4hAU6f9cJ+YWeH3JiOGZ2jvDQIZBZdevvmR07PlWZ5LiN9H6rhTc3RQzB
QUrD2PzsLTreBkFHa/ptvaDyZUWv3Yfx4bd1U+7p2btyG4PYQbQmZXCtk27fDV3j
oQbVFcwCqHFDEsWD3J3jlrHc1uIyyNcHPquiEOJazYoMUwSEYse97huR1FT5ab2N
73+rbi9PsUnc9DlgnLRq3fxIEM/59pPr1T2s81v97mYaJmbo1SiazCMBzd1wwksm
2ctpRSejdwHnfrFdHSvZclG9RI51f3NJ5XCU/DGnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHQFw94SHZ2FPuAXCZBIjbYh+gwwwHwYDVR0jBBgwFoAU/iLg9yLMTwYM
WFoSb+aiZQA2XkgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80MmIyOTkxZi0y
MmM3LTQyZjctOGNmNS00ZjMxMzg4NTk3MzIvNWQ4MDM4MDVlMjE4MjNjOTMxOTg3
ZTljOWMzN2YwNDAyMGFhYmFiZjliNGRmZjliNjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYTg0MTgyM2MtYTEwZC00NzdjLWJmZGYtNDA4
NmYwYjE1OTRjLzc3NTg5YjFiLWZmOWEtNDJiMi1iZWM3LWExNjUzZjA4Y2I0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2E4NDE4MjNjLWExMGQtNDc3Yy1iZmRm
LTQwODZmMGIxNTk0Yy9HQ1BKTVpoLW5KdzM4RUFncXJxX20wM19tMlEuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAS4qaAwDQYJKoZIhvcNAQELBQADggEBABrID3r8Td4ipGZYGak93hTEVtTc
+DW9XviRafnMsf3RDhd2bhDtmLw3YTCu1oQXvYPrnYGFaiSJoBMtM1Fr9tAz2vfP
L0vtBBKbzBPxZaO1DOQLZishD5nOEfOoX6EplWfd7yamb1fO5B5PhTnDEG9JS7yN
tZfwBQeDnCk+0Jn20yqSIz/TnMlpnYSZn0wBwclHOaDCpiyGFg8rWAQcloch4bb+
jKA4GgPMOwXk1NsriKrj9kUjwCGFDppnhZTnlwcVfD/9DmkGHl1QI7j+lMt4VhOQ
hni1u0ZwHlrwv3M/CF6RYArHmecyUQEbttuWwsx3aWPDl3m1NIiuMSVwt4I=
-----END CERTIFICATE-----