Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b5bf93b-0a86-4e25-a20a-4c9828e1f847.roa
File:                     6b5bf93b-0a86-4e25-a20a-4c9828e1f847.roa (raw, json)
Hash identifier:          FAHSsjZhc6PNt7U4Ey8fSaJOaBMJZfO0PL/jPpjeYxQ=
Subject key identifier:   19:2F:4F:9A:6D:C7:EF:50:06:04:02:9B:D1:F5:CF:44:34:4D:4C:4A
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       63BCBB68A9A5C1D8D1633EF840FA9FD304D9FCC3
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b5bf93b-0a86-4e25-a20a-4c9828e1f847.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.96.144.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:bc:bb:68:a9:a5:c1:d8:d1:63:3e:f8:40:fa:9f:d3:04:d9:fc:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=b5dcb984891aa65be96481437b58dd420c0e9219e0eed0fe89fa5b59c85f4ee2, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:30:38:bf:b1:7f:a6:73:4e:60:ad:42:65:2d:
                    03:3a:ee:d4:58:5e:87:24:73:e8:a6:15:cd:c1:1c:
                    31:56:c5:54:32:cf:b9:97:98:26:aa:b6:0e:5e:29:
                    82:22:ae:6e:50:e3:d6:b4:01:fb:aa:59:8b:6c:90:
                    13:96:20:c6:ab:08:4f:56:9b:b3:72:49:8d:10:0f:
                    e7:d9:aa:14:19:ac:13:2e:e6:57:98:31:11:4b:50:
                    0e:4e:f8:22:4a:a8:50:ac:33:1c:96:aa:12:41:55:
                    86:90:8a:80:c8:4a:42:db:75:47:9d:23:37:d7:50:
                    7f:9b:9a:5a:b2:7e:20:0b:2f:0e:8f:e6:ff:0c:76:
                    33:0b:ec:1c:01:80:09:9a:3d:d3:a4:c4:11:c3:3d:
                    ee:22:4a:18:be:cf:9e:f7:c6:40:a6:97:61:1f:7a:
                    48:35:54:ab:55:15:fe:60:75:e8:85:5e:04:a7:44:
                    e6:ed:95:bf:80:52:68:fa:b4:e6:55:6e:cd:89:fa:
                    09:88:fc:9f:88:6a:8e:65:28:3a:0f:f8:8f:fa:3b:
                    59:ab:c2:1d:bd:3e:23:a6:ba:e2:c7:3f:2b:17:3f:
                    06:cd:09:4b:ec:20:e3:30:c8:7d:b9:23:cd:c3:32:
                    e4:ae:c2:66:f5:a2:6f:a5:c1:d2:e2:b4:63:2e:d4:
                    8a:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:2F:4F:9A:6D:C7:EF:50:06:04:02:9B:D1:F5:CF:44:34:4D:4C:4A
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b5bf93b-0a86-4e25-a20a-4c9828e1f847.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:96:fb:c4:02:c6:d6:a5:83:2e:51:5e:c0:b8:2c:b7:2e:3c:
         5d:7b:84:62:b6:3c:e2:c8:c0:b6:a1:6b:b7:72:48:f6:2b:5c:
         1f:6b:8c:08:67:d9:57:5e:19:0c:d6:e3:35:08:7a:50:7d:ff:
         bd:62:9a:89:12:a7:9f:5f:38:64:15:38:d4:f8:a6:82:29:95:
         09:f9:b3:e3:84:cd:fe:67:98:26:a4:cb:b9:89:e8:84:b5:d9:
         c1:a1:a8:13:a3:73:e0:5d:fe:29:53:12:9e:e3:68:4b:15:62:
         c8:6b:1a:1f:99:8c:bc:87:bf:2a:3d:67:7d:a3:cf:f6:29:14:
         30:e1:2d:aa:ff:fa:23:62:51:20:e3:48:53:eb:13:b8:0e:f8:
         0f:4f:d9:4e:0a:03:80:ba:eb:e2:77:d9:e8:bd:19:8e:9b:d4:
         7d:c2:03:e9:1d:66:29:10:42:a7:7f:b2:2e:b2:b2:f1:6b:01:
         45:7c:83:61:35:bb:68:d6:07:c1:6d:c1:93:c8:4b:7a:87:0c:
         f5:53:9f:ab:92:d7:01:21:af:a5:3b:d3:9c:3a:ed:e7:55:54:
         6a:1c:31:d3:f5:5d:0e:b9:1c:bf:b3:9f:48:74:0a:19:4e:e3:
         e6:d6:cb:d9:77:7e:61:33:5d:36:cf:ff:7d:83:7d:4c:2d:f7:
         d5:b3:1b:53
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY7y7aKmlwdjRYz74QPqf0wTZ/MMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNWRjYjk4NDg5MWFhNjViZTk2NDgxNDM3YjU4ZGQ0MjBj
MGU5MjE5ZTBlZWQwZmU4OWZhNWI1OWM4NWY0ZWUyMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdMDi/sX+mc05grUJlLQM67tRYXockc+imFc3BHDFWxVQy
z7mXmCaqtg5eKYIirm5Q49a0AfuqWYtskBOWIMarCE9Wm7NySY0QD+fZqhQZrBMu
5leYMRFLUA5O+CJKqFCsMxyWqhJBVYaQioDISkLbdUedIzfXUH+bmlqyfiALLw6P
5v8MdjML7BwBgAmaPdOkxBHDPe4iShi+z573xkCml2Efekg1VKtVFf5gdeiFXgSn
RObtlb+AUmj6tOZVbs2J+gmI/J+Iao5lKDoP+I/6O1mrwh29PiOmuuLHPysXPwbN
CUvsIOMwyH25I83DMuSuwmb1om+lwdLitGMu1IqxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGS9Pmm3H71AGBAKb0fXPRDRNTEowHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzZiNWJmOTNiLTBhODYtNGUyNS1hMjBhLTRjOTgyOGUxZjg0Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIjYJAwDQYJKoZIhvcNAQELBQADggEBAHqW+8QCxtalgy5RXsC4LLcuPF17
hGK2POLIwLaha7dySPYrXB9rjAhn2VdeGQzW4zUIelB9/71imokSp59fOGQVONT4
poIplQn5s+OEzf5nmCaky7mJ6IS12cGhqBOjc+Bd/ilTEp7jaEsVYshrGh+ZjLyH
vyo9Z32jz/YpFDDhLar/+iNiUSDjSFPrE7gO+A9P2U4KA4C66+J32ei9GY6b1H3C
A+kdZikQQqd/si6ysvFrAUV8g2E1u2jWB8FtwZPIS3qHDPVTn6uS1wEhr6U705w6
7edVVGocMdP1XQ65HL+zn0h0ChlO4+bWy9l3fmEzXTbP/32DfUwt99WzG1M=
-----END CERTIFICATE-----