Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/6da9618c-e798-462f-afd9-32b58ba88cba.roa
File:                     6da9618c-e798-462f-afd9-32b58ba88cba.roa (raw, json)
Hash identifier:          hc73elt2EwZRaLCMkl0bk2r/ARZ4oda0EV1Dv8BmK2w=
Subject key identifier:   F3:77:C5:8F:56:EA:CD:5C:02:EF:7F:BF:F6:14:08:3B:2D:F3:B1:33
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       1E73CE6922E9B34F7260FAA29C004EC63D4F3C27
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/6da9618c-e798-462f-afd9-32b58ba88cba.roa
Signing time:             Sat 25 Jan 2025 00:00:00 +0000
ROA not before:           Sat 25 Jan 2025 00:00:00 +0000
ROA not after:            Sat 01 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.224.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:73:ce:69:22:e9:b3:4f:72:60:fa:a2:9c:00:4e:c6:3d:4f:3c:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jan 25 00:00:00 2025 GMT
            Not After : Mar  1 23:59:59 2025 GMT
        Subject: serialNumber=de61f36abdfde0f138d348f7e984340b15793844ecb4aef8209b30f4284847c3, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:2f:4a:e0:c6:be:55:46:42:6b:50:b9:f0:c9:
                    5a:e0:c0:6c:33:53:2c:70:49:07:e4:97:cc:05:48:
                    02:5b:7f:f2:db:94:f1:58:52:ec:6b:41:20:6f:8d:
                    ed:1b:83:50:a8:7f:13:99:fa:cc:dd:18:c6:1d:2b:
                    72:73:3f:93:5b:37:fe:bb:72:b4:63:cb:7a:a5:bf:
                    47:e5:6f:0a:50:98:93:d8:14:e8:21:cd:d5:24:db:
                    5f:22:ea:26:98:d2:7c:c7:23:b6:a7:67:91:37:cc:
                    9d:5c:af:7d:38:56:50:64:7e:6c:82:9a:6a:a8:80:
                    ea:cb:bf:c6:c4:32:72:e5:0f:93:cf:1d:55:65:12:
                    4a:45:5c:80:7f:90:fb:84:f2:35:8e:a8:ed:fd:1c:
                    e5:f9:e4:11:7e:4e:53:43:e4:f2:11:7f:62:72:c5:
                    7c:ac:66:a8:18:a5:27:0c:0b:48:78:b4:28:0c:9c:
                    0a:f3:17:ad:26:66:ce:b7:b0:22:a6:da:1f:4c:0a:
                    6c:f9:83:0d:93:b6:e2:af:0a:bb:59:fc:b2:c6:79:
                    43:9f:12:63:9c:5e:87:38:12:7e:57:0d:10:98:0a:
                    b7:c3:71:7b:9d:fc:82:c0:49:18:c8:d8:cd:60:61:
                    f6:84:b9:d8:05:86:83:30:8e:28:31:6b:b3:76:d4:
                    1b:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:77:C5:8F:56:EA:CD:5C:02:EF:7F:BF:F6:14:08:3B:2D:F3:B1:33
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/6da9618c-e798-462f-afd9-32b58ba88cba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         29:83:a6:7a:9a:e2:83:1c:bf:d0:36:31:30:ae:7e:25:82:69:
         a4:71:5e:d5:ca:52:c8:e9:ea:13:e9:5a:e6:af:f2:67:65:a6:
         ba:09:aa:86:c1:bf:89:1c:6a:c4:05:c7:1f:cc:06:5f:b3:cc:
         d9:16:1b:c5:5f:41:ca:2e:84:b8:ab:50:00:f1:61:2b:c3:6c:
         e3:c7:90:eb:d8:76:39:f4:b5:de:da:21:12:58:c9:43:48:62:
         29:2e:1a:74:1a:9d:ed:e8:1c:9c:ba:eb:cb:93:2e:f2:7b:66:
         0d:52:f4:89:c6:f2:89:a5:1e:03:95:52:88:bb:91:ef:ec:69:
         8f:27:11:e5:29:86:bc:86:37:47:00:78:c5:2b:76:71:1a:6d:
         8c:f3:4d:fc:c8:89:93:89:eb:35:a1:7a:5e:7a:6b:02:e8:71:
         46:0c:ee:ba:8d:26:cb:ed:07:a7:ab:40:b6:7a:ca:dd:54:86:
         f1:67:67:da:79:cc:cf:71:3d:6d:75:ef:99:8d:85:65:2a:a7:
         c5:53:cb:84:95:97:45:14:85:0d:75:59:91:fa:09:33:13:0e:
         13:2b:4d:12:b7:eb:66:c7:d4:1c:1b:ed:c1:2c:56:e8:a2:91:
         8b:9a:4c:0e:ef:24:c9:5f:c7:80:83:a2:13:bd:0f:35:a5:d7:
         ae:32:e6:76
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHnPOaSLps09yYPqinABOxj1PPCcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTI1MDAwMDAwWhcNMjUwMzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTYxZjM2YWJkZmRlMGYxMzhkMzQ4ZjdlOTg0MzQwYjE1
NzkzODQ0ZWNiNGFlZjgyMDliMzBmNDI4NDg0N2MzMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDkL0rgxr5VRkJrULnwyVrgwGwzUyxwSQfkl8wFSAJbf/Lb
lPFYUuxrQSBvje0bg1CofxOZ+szdGMYdK3JzP5NbN/67crRjy3qlv0flbwpQmJPY
FOghzdUk218i6iaY0nzHI7anZ5E3zJ1cr304VlBkfmyCmmqogOrLv8bEMnLlD5PP
HVVlEkpFXIB/kPuE8jWOqO39HOX55BF+TlND5PIRf2JyxXysZqgYpScMC0h4tCgM
nArzF60mZs63sCKm2h9MCmz5gw2TtuKvCrtZ/LLGeUOfEmOcXoc4En5XDRCYCrfD
cXud/ILASRjI2M1gYfaEudgFhoMwjigxa7N21BshAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU83fFj1bqzVwC73+/9hQIOy3zsTMwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzZkYTk2MThjLWU3OTgtNDYyZi1hZmQ5LTMyYjU4YmE4OGNiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARFqeAwDQYJKoZIhvcNAQELBQADggEBACmDpnqa4oMcv9A2MTCufiWCaaRx
XtXKUsjp6hPpWuav8mdlproJqobBv4kcasQFxx/MBl+zzNkWG8VfQcouhLirUADx
YSvDbOPHkOvYdjn0td7aIRJYyUNIYikuGnQane3oHJy668uTLvJ7Zg1S9InG8oml
HgOVUoi7ke/saY8nEeUphryGN0cAeMUrdnEabYzzTfzIiZOJ6zWhel56awLocUYM
7rqNJsvtB6erQLZ6yt1UhvFnZ9p5zM9xPW1175mNhWUqp8VTy4SVl0UUhQ11WZH6
CTMTDhMrTRK362bH1Bwb7cEsVuiikYuaTA7vJMlfx4CDohO9DzWl164y5nY=
-----END CERTIFICATE-----