Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b0ff1f9-66c6-4238-908d-78ef5bab20b0.roa
File:                     1b0ff1f9-66c6-4238-908d-78ef5bab20b0.roa (raw, json)
Hash identifier:          STbLxIs0rIwC4X6sfbbl3F8TphspnkUBf0r3Lt7kCtw=
Subject key identifier:   2B:E9:52:F1:E2:14:0D:C3:2D:AC:EA:10:C3:40:0E:A3:F4:7E:76:24
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       673B8BCBCAB3CAAE8C2A1A93969989F7520749EA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b0ff1f9-66c6-4238-908d-78ef5bab20b0.roa
Signing time:             Fri 04 Apr 2025 00:10:21 +0000
ROA not before:           Fri 04 Apr 2025 00:10:21 +0000
ROA not after:            Fri 09 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.5.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:3b:8b:cb:ca:b3:ca:ae:8c:2a:1a:93:96:99:89:f7:52:07:49:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr  4 00:10:21 2025 GMT
            Not After : May  9 23:59:59 2025 GMT
        Subject: serialNumber=680312ff8dfdb106da4571461b22da8d8f8c43d390716f5eec8d9fcdd795e6dd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:90:c3:f5:77:6e:06:de:28:58:7b:59:c6:d1:
                    19:9f:8f:a0:1d:32:be:8c:34:e9:a4:8e:63:af:ff:
                    d9:ab:72:52:c3:d7:b3:05:0b:b5:ed:d6:8a:49:d7:
                    f3:20:c7:30:c1:6d:4a:e0:f0:70:1e:d0:5c:9f:ca:
                    8b:d3:c2:33:c3:7f:0c:88:9a:b5:42:01:b8:7e:42:
                    d7:f6:af:2f:6c:ad:c9:0b:b0:ae:c3:c3:cd:90:44:
                    03:b1:d6:e7:ec:53:45:31:d3:de:80:d4:3f:6d:06:
                    48:74:0d:54:64:12:4b:08:23:e8:dd:85:6c:2a:b2:
                    68:be:93:7d:c3:c0:fc:29:d1:52:4d:84:a8:17:79:
                    16:63:57:54:a6:98:be:d8:8d:28:53:66:de:7f:00:
                    a5:16:c3:97:64:29:aa:a0:e4:e7:b2:34:b3:e5:4e:
                    5f:0f:1d:9b:f8:81:4c:0c:86:ee:30:1b:84:cf:4c:
                    38:50:47:75:2f:d3:95:23:b3:3d:6b:ae:13:96:16:
                    12:2f:25:26:7a:ae:06:57:08:41:89:2b:8a:e1:11:
                    9f:b8:e6:4d:42:26:fe:00:0f:e6:5c:cc:e4:22:76:
                    e6:96:62:8a:8d:0c:76:df:71:00:2f:b7:72:91:94:
                    aa:80:12:69:a8:e7:2a:e1:06:27:14:85:2a:2e:4c:
                    28:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:E9:52:F1:E2:14:0D:C3:2D:AC:EA:10:C3:40:0E:A3:F4:7E:76:24
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b0ff1f9-66c6-4238-908d-78ef5bab20b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.5.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4c:28:58:b1:00:c8:47:eb:b0:5e:1a:4a:5d:08:b0:78:e0:f2:
         8c:86:f7:af:91:13:f7:cf:80:62:b8:88:3a:30:11:78:11:50:
         95:fe:16:e6:23:c9:fe:0c:06:3b:9c:18:c3:fe:f2:91:fa:38:
         a6:c2:6d:01:7b:a5:f5:c2:e3:00:e6:e2:8e:31:09:23:e7:e6:
         14:ad:d4:a2:18:6f:f4:9b:ff:d3:77:98:53:aa:7b:a8:ff:a7:
         de:70:2b:3a:a1:f7:a1:7f:f4:59:77:53:8e:76:26:28:17:e2:
         15:59:82:f7:5c:3a:91:87:2c:76:aa:8e:da:a8:95:b8:bb:74:
         3d:91:00:04:fb:fc:43:b8:8b:c9:a5:81:54:0a:6d:a8:09:9e:
         7f:d4:a9:d1:94:89:d0:76:b9:ca:99:7d:74:20:86:77:f1:06:
         f8:f2:24:d5:7c:7a:44:d1:d6:e7:69:c3:34:49:80:7d:b0:f6:
         01:63:bb:57:1d:09:80:31:b6:aa:2d:62:e4:06:1c:47:ef:5f:
         67:e5:17:6c:a9:01:56:b1:96:c7:f4:18:a5:b1:da:78:ca:58:
         fe:33:78:13:b4:fc:a6:18:d7:15:1f:d4:70:49:40:ec:2e:5e:
         50:33:ab:a7:ef:21:8c:ee:d6:f0:60:a8:d5:05:3e:09:25:db:
         e1:bc:0e:75
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZzuLy8qzyq6MKhqTlpmJ91IHSeowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDA0MDAxMDIxWhcNMjUwNTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ODAzMTJmZjhkZmRiMTA2ZGE0NTcxNDYxYjIyZGE4ZDhm
OGM0M2QzOTA3MTZmNWVlYzhkOWZjZGQ3OTVlNmRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCkMP1d24G3ihYe1nG0Rmfj6AdMr6MNOmkjmOv/9mrclLD
17MFC7Xt1opJ1/MgxzDBbUrg8HAe0FyfyovTwjPDfwyImrVCAbh+Qtf2ry9srckL
sK7Dw82QRAOx1ufsU0Ux096A1D9tBkh0DVRkEksII+jdhWwqsmi+k33DwPwp0VJN
hKgXeRZjV1SmmL7YjShTZt5/AKUWw5dkKaqg5OeyNLPlTl8PHZv4gUwMhu4wG4TP
TDhQR3Uv05Ujsz1rrhOWFhIvJSZ6rgZXCEGJK4rhEZ+45k1CJv4AD+ZczOQiduaW
YoqNDHbfcQAvt3KRlKqAEmmo5yrhBicUhSouTCgRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUK+lS8eIUDcMtrOoQw0AOo/R+diQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFiMGZmMWY5LTY2YzYtNDIzOC05MDhkLTc4ZWY1YmFiMjBiMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2BTANBgkqhkiG9w0BAQsFAAOCAQEATChYsQDIR+uwXhpKXQiweODyjIb3
r5ET98+AYriIOjAReBFQlf4W5iPJ/gwGO5wYw/7ykfo4psJtAXul9cLjAObijjEJ
I+fmFK3Uohhv9Jv/03eYU6p7qP+n3nArOqH3oX/0WXdTjnYmKBfiFVmC91w6kYcs
dqqO2qiVuLt0PZEABPv8Q7iLyaWBVAptqAmef9Sp0ZSJ0Ha5ypl9dCCGd/EG+PIk
1Xx6RNHW52nDNEmAfbD2AWO7Vx0JgDG2qi1i5AYcR+9fZ+UXbKkBVrGWx/QYpbHa
eMpY/jN4E7T8phjXFR/UcElA7C5eUDOrp+8hjO7W8GCo1QU+CSXb4bwOdQ==
-----END CERTIFICATE-----