Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a068b29a-2587-45c9-a0fb-b9a7111f2897.roa
File:                     a068b29a-2587-45c9-a0fb-b9a7111f2897.roa (raw, json)
Hash identifier:          BazqGdoYp3CHKTcRaSROxbpAEDmbgpj3UUzAybzEhyM=
Subject key identifier:   D6:7E:47:E3:16:B3:CF:23:9F:CB:95:04:2C:EE:53:F9:42:23:08:7B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       552BE4E3FECD30039FDC6E03F1EED8792CE65CBA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a068b29a-2587-45c9-a0fb-b9a7111f2897.roa
Signing time:             Sat 12 Apr 2025 00:41:08 +0000
ROA not before:           Sat 12 Apr 2025 00:41:08 +0000
ROA not after:            Sat 17 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.0.0/16 maxlen: 16

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:2b:e4:e3:fe:cd:30:03:9f:dc:6e:03:f1:ee:d8:79:2c:e6:5c:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 12 00:41:08 2025 GMT
            Not After : May 17 23:59:59 2025 GMT
        Subject: serialNumber=2a007c94d75cec3660855324e7c3d334cd32ffed0305d1a282dbb3a49a2b1e34, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:5a:e5:f7:39:f3:7d:a2:13:45:88:7b:08:06:
                    8a:fd:45:09:39:8f:6d:da:ec:10:1d:38:07:01:20:
                    68:0a:e3:13:01:14:eb:87:b8:ef:31:8f:c5:12:0e:
                    c8:dc:c7:20:b6:ed:88:16:1b:7c:bc:3b:1f:42:76:
                    7b:b6:80:97:d2:c1:98:47:1b:2f:6c:09:2f:88:01:
                    df:a9:be:2c:5a:41:ce:62:83:4d:6b:ea:79:e6:a2:
                    02:b4:b8:19:0e:f3:6c:ae:c1:8e:ed:dc:f5:c1:40:
                    b2:96:c2:14:4e:05:26:10:76:57:93:5a:3f:7e:22:
                    82:f3:98:4d:09:14:a5:c5:1c:32:95:3c:59:8b:21:
                    69:0d:cd:b9:46:76:16:3c:bc:72:b2:84:b8:db:7e:
                    82:38:b4:c6:db:8f:26:7a:7a:cd:66:a7:70:2c:47:
                    0e:b0:81:b1:58:1c:63:f8:61:c1:21:33:35:cc:13:
                    dd:e7:14:1c:5e:0e:4e:6d:aa:26:42:e5:a7:c1:73:
                    2d:cd:0a:e9:cb:38:b2:49:a4:05:26:48:1b:55:98:
                    c7:96:d1:26:bf:42:44:db:38:d6:ad:fe:74:3d:12:
                    05:71:f2:a1:35:a6:38:e7:a4:d1:0f:1c:30:75:0a:
                    5d:7e:ea:a2:84:41:44:f9:65:86:0c:0d:17:2e:80:
                    c2:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:7E:47:E3:16:B3:CF:23:9F:CB:95:04:2C:EE:53:F9:42:23:08:7B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a068b29a-2587-45c9-a0fb-b9a7111f2897.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2a:b8:f3:d9:67:20:66:5f:40:50:ed:59:74:4e:e7:89:05:0b:
         3d:9a:c7:2d:d1:2e:3a:c0:e4:cd:ea:66:ac:98:87:17:b8:80:
         c2:7b:58:15:8a:ff:47:1a:0b:b7:f1:7b:ba:ab:5b:53:e9:21:
         62:7d:17:75:91:d0:a7:b2:17:a7:91:45:27:d6:a7:85:81:17:
         4a:e4:6d:bf:e0:31:a6:d4:ab:c8:20:d7:45:aa:6d:78:ae:5b:
         ca:b6:54:0b:48:21:89:a4:5b:1e:e8:0c:21:68:ed:53:4e:7c:
         f4:3f:7a:cc:c3:48:d6:99:d0:95:a2:8f:74:39:fd:9e:05:8a:
         62:55:f3:47:7b:3b:bc:60:d8:12:65:de:a6:1b:c8:e9:92:10:
         2d:15:b5:18:92:4e:68:09:a0:20:eb:c6:b6:02:e0:93:01:f6:
         8c:33:a3:e1:3c:78:51:25:3c:0a:14:87:81:19:97:24:ee:10:
         47:77:43:7c:59:44:7a:b1:3d:1e:b8:d3:d7:5d:d0:c2:85:62:
         78:4b:47:00:a2:9a:b5:a8:6d:c7:01:20:eb:47:88:dd:2f:f7:
         ea:95:d5:4a:12:f2:6c:02:65:3d:c1:4b:6e:f9:fd:44:e4:11:
         59:9b:51:4f:a9:1e:ab:3f:48:02:7e:14:d0:84:8f:c8:5c:b1:
         e1:13:0d:9e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVSvk4/7NMAOf3G4D8e7YeSzmXLowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDEyMDA0MTA4WhcNMjUwNTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYTAwN2M5NGQ3NWNlYzM2NjA4NTUzMjRlN2MzZDMzNGNk
MzJmZmVkMDMwNWQxYTI4MmRiYjNhNDlhMmIxZTM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDkWuX3OfN9ohNFiHsIBor9RQk5j23a7BAdOAcBIGgK4xMB
FOuHuO8xj8USDsjcxyC27YgWG3y8Ox9Cdnu2gJfSwZhHGy9sCS+IAd+pvixaQc5i
g01r6nnmogK0uBkO82yuwY7t3PXBQLKWwhROBSYQdleTWj9+IoLzmE0JFKXFHDKV
PFmLIWkNzblGdhY8vHKyhLjbfoI4tMbbjyZ6es1mp3AsRw6wgbFYHGP4YcEhMzXM
E93nFBxeDk5tqiZC5afBcy3NCunLOLJJpAUmSBtVmMeW0Sa/QkTbONat/nQ9EgVx
8qE1pjjnpNEPHDB1Cl1+6qKEQUT5ZYYMDRcugMLbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU1n5H4xazzyOfy5UELO5T+UIjCHswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EwNjhiMjlhLTI1ODctNDVjOS1hMGZiLWI5YTcxMTFmMjg5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAyEjANBgkqhkiG9w0BAQsFAAOCAQEAKrjz2WcgZl9AUO1ZdE7niQULPZrH
LdEuOsDkzepmrJiHF7iAwntYFYr/RxoLt/F7uqtbU+khYn0XdZHQp7IXp5FFJ9an
hYEXSuRtv+AxptSryCDXRapteK5byrZUC0ghiaRbHugMIWjtU0589D96zMNI1pnQ
laKPdDn9ngWKYlXzR3s7vGDYEmXephvI6ZIQLRW1GJJOaAmgIOvGtgLgkwH2jDOj
4Tx4USU8ChSHgRmXJO4QR3dDfFlEerE9HrjT113QwoVieEtHAKKatahtxwEg60eI
3S/36pXVShLybAJlPcFLbvn9ROQRWZtRT6keqz9IAn4U0ISPyFyx4RMNng==
-----END CERTIFICATE-----