Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5d99a456-6c99-48ae-bf3a-149585d61d61.roa
File:                     5d99a456-6c99-48ae-bf3a-149585d61d61.roa (raw, json)
Hash identifier:          IHxTvo2Tr0RX0i4qRSaOR0nenaYrTFUEO8PHrBtAXd0=
Subject key identifier:   AE:38:4B:DF:A4:72:1D:0D:47:69:AE:51:D4:26:DE:36:EB:AA:4A:28
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       6A8C2239AB744C3449F6575FCC79E0E6DCD4C4FF
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5d99a456-6c99-48ae-bf3a-149585d61d61.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.232.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:8c:22:39:ab:74:4c:34:49:f6:57:5f:cc:79:e0:e6:dc:d4:c4:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=5b286bf9ec7e99e57850653bbc5478ce0dbf6d71a5108042369e2a53060272f4, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:3c:b1:f1:7c:26:da:21:3f:9a:af:ab:f7:0c:
                    eb:f8:d1:c6:3a:ce:21:94:94:e7:91:c0:66:dc:50:
                    80:cc:8f:3a:0e:21:a3:c4:1c:7a:cd:e4:7b:38:16:
                    bc:d1:28:60:e9:d9:ed:14:61:fe:54:c6:92:62:b9:
                    09:85:8e:2d:53:0d:41:c0:34:a0:39:c9:54:08:57:
                    11:1d:31:a6:f3:4f:e1:19:de:ba:24:97:38:67:e8:
                    3a:19:cb:8c:ce:c3:3e:59:54:5d:b4:f4:b4:90:3c:
                    72:46:f6:f7:14:90:c4:d9:35:a4:c5:f8:16:1b:cc:
                    c2:5c:47:8e:28:02:de:e8:e8:eb:2b:60:d3:ca:0d:
                    86:c1:96:de:ff:16:42:86:80:8f:1a:bf:ac:f2:9f:
                    53:dc:16:db:27:3f:3e:f7:45:5d:92:44:aa:c0:f7:
                    d1:96:ac:21:db:b8:9e:82:fb:5f:a7:e9:ae:3c:e0:
                    16:d8:93:75:1f:ea:89:4e:d5:b7:c9:29:27:a9:a3:
                    da:e1:f9:65:8c:15:65:5c:23:82:a8:46:49:ce:32:
                    42:cf:42:71:61:3f:bc:5d:e1:af:d2:a7:b8:78:38:
                    1e:d7:ec:78:a4:d5:fe:98:12:90:78:87:0c:41:7f:
                    b5:1b:85:04:ac:53:2a:91:79:ec:97:94:5f:2d:6e:
                    a1:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:38:4B:DF:A4:72:1D:0D:47:69:AE:51:D4:26:DE:36:EB:AA:4A:28
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5d99a456-6c99-48ae-bf3a-149585d61d61.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:59:f5:0d:8a:39:dd:6e:8c:59:9d:ed:b2:4a:d5:c3:09:28:
         3b:19:d6:08:33:a0:66:60:7b:45:56:24:15:97:6d:4b:a0:e5:
         af:22:d0:9f:01:a4:c0:c3:82:6c:b9:95:1b:96:d5:88:38:c2:
         ed:88:ce:76:34:13:7d:13:fa:93:63:8f:02:d7:e3:8b:c9:7f:
         33:f0:74:ba:e4:08:be:04:d5:7d:84:f1:c3:42:10:0b:c6:66:
         c5:2b:2a:86:1b:89:9e:7e:8d:ae:7c:5d:9e:27:38:3a:a1:b7:
         9d:4c:fe:db:e9:bf:eb:bd:c3:f4:e9:b4:b7:a7:4a:aa:97:58:
         07:08:71:32:ff:17:a9:90:43:ec:b7:45:ba:a0:ce:05:9f:24:
         ee:0d:20:1d:3d:a8:32:bb:9b:71:82:5f:0e:06:18:b5:97:30:
         0c:3b:49:f3:8c:ff:e3:6e:13:06:41:d5:9e:73:21:ec:5d:a6:
         b0:e5:c6:12:17:56:0b:15:9c:f8:70:ab:3a:0b:1c:25:b0:34:
         2b:75:1b:6b:67:e7:06:36:39:fc:07:38:f7:59:05:ff:0f:17:
         a7:db:75:ed:8a:38:92:9f:65:53:97:3d:ab:01:d1:6b:7f:06:
         3a:7a:42:6e:50:a2:65:d7:0a:28:d9:7a:ec:78:b0:c2:01:ed:
         38:22:f2:60
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaowiOat0TDRJ9ldfzHng5tzUxP8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjI4NmJmOWVjN2U5OWU1Nzg1MDY1M2JiYzU0NzhjZTBk
YmY2ZDcxYTUxMDgwNDIzNjllMmE1MzA2MDI3MmY0MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiPLHxfCbaIT+ar6v3DOv40cY6ziGUlOeRwGbcUIDMjzoO
IaPEHHrN5Hs4FrzRKGDp2e0UYf5UxpJiuQmFji1TDUHANKA5yVQIVxEdMabzT+EZ
3roklzhn6DoZy4zOwz5ZVF209LSQPHJG9vcUkMTZNaTF+BYbzMJcR44oAt7o6Osr
YNPKDYbBlt7/FkKGgI8av6zyn1PcFtsnPz73RV2SRKrA99GWrCHbuJ6C+1+n6a48
4BbYk3Uf6olO1bfJKSepo9rh+WWMFWVcI4KoRknOMkLPQnFhP7xd4a/Sp7h4OB7X
7Hik1f6YEpB4hwxBf7UbhQSsUyqReeyXlF8tbqF7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrjhL36RyHQ1Haa5R1CbeNuuqSigwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzVkOTlhNDU2LTZjOTktNDhhZS1iZjNhLTE0OTU4NWQ2MWQ2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJFqegwDQYJKoZIhvcNAQELBQADggEBADlZ9Q2KOd1ujFmd7bJK1cMJKDsZ
1ggzoGZge0VWJBWXbUug5a8i0J8BpMDDgmy5lRuW1Yg4wu2IznY0E30T+pNjjwLX
44vJfzPwdLrkCL4E1X2E8cNCEAvGZsUrKoYbiZ5+ja58XZ4nODqht51M/tvpv+u9
w/TptLenSqqXWAcIcTL/F6mQQ+y3RbqgzgWfJO4NIB09qDK7m3GCXw4GGLWXMAw7
SfOM/+NuEwZB1Z5zIexdprDlxhIXVgsVnPhwqzoLHCWwNCt1G2tn5wY2OfwHOPdZ
Bf8PF6fbde2KOJKfZVOXPasB0Wt/Bjp6Qm5QomXXCijZeux4sMIB7Tgi8mA=
-----END CERTIFICATE-----