Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1be2a0f-32b4-43e0-bbfc-08e90df9c605.roa
File:                     d1be2a0f-32b4-43e0-bbfc-08e90df9c605.roa (raw, json)
Hash identifier:          WwNY7D0INFLyDGUduabkdM+0W5wd0HTt3FvwBWrZF7Y=
Subject key identifier:   4F:06:96:9A:E9:09:52:64:05:5A:6D:C1:A4:34:81:5A:1F:20:34:FF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       70B8AF688EE4AB449A34B8A031A95E421A715295
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1be2a0f-32b4-43e0-bbfc-08e90df9c605.roa
Signing time:             Tue 15 Apr 2025 00:31:23 +0000
ROA not before:           Tue 15 Apr 2025 00:31:23 +0000
ROA not after:            Tue 20 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.116.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:b8:af:68:8e:e4:ab:44:9a:34:b8:a0:31:a9:5e:42:1a:71:52:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 15 00:31:23 2025 GMT
            Not After : May 20 23:59:59 2025 GMT
        Subject: serialNumber=76a56ee878eaa53d2a74ae54df6c76d5f931bed3aabfcc4defcb9fb770029765, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:bc:11:25:e2:0e:eb:62:53:04:68:6d:d2:98:
                    0d:dd:69:8a:e3:91:e9:8a:af:2a:89:a0:f1:bd:cc:
                    84:8c:19:a9:2a:f5:39:99:c8:23:b9:4c:37:22:76:
                    cd:27:dc:2e:ae:4c:fe:db:12:cb:f6:5f:c1:7a:e6:
                    2b:5f:50:2f:82:2f:92:98:bb:e5:ed:ec:02:2b:c6:
                    8c:4d:86:e5:98:18:bd:0a:40:a0:2b:a2:5f:42:8c:
                    9e:5c:2e:f2:24:84:50:c0:7a:f7:8f:16:7d:18:b9:
                    af:85:a7:f0:79:96:a9:89:a9:bf:b4:ec:d8:67:f4:
                    9a:59:29:28:77:42:d6:3c:5f:ef:61:6b:59:74:95:
                    e0:b8:53:e2:2a:78:c3:be:79:64:50:17:a5:de:9e:
                    3c:e6:9e:5d:6e:d8:42:14:92:6d:15:01:d5:0c:e8:
                    87:58:eb:62:cc:48:ae:f3:c0:34:18:2e:43:a4:a7:
                    15:7e:e9:bc:3c:a8:e7:59:e3:d7:77:8f:7a:84:3a:
                    2a:3c:aa:05:1f:f6:61:80:e3:9b:a8:1e:3c:f6:11:
                    1f:70:49:20:6b:27:7e:5b:ff:9d:fc:55:7a:a6:b2:
                    ea:fd:b1:7b:90:ea:0b:de:63:54:cf:01:c8:a5:9e:
                    ce:5b:a9:53:cf:9d:18:79:88:53:f3:4c:ed:bb:fd:
                    c5:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:06:96:9A:E9:09:52:64:05:5A:6D:C1:A4:34:81:5A:1F:20:34:FF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1be2a0f-32b4-43e0-bbfc-08e90df9c605.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         84:3c:0f:6c:00:38:01:9a:19:ea:5a:35:ed:9a:05:45:bc:e9:
         5a:d5:ba:2a:97:9e:11:51:d0:00:c0:6a:78:87:80:f2:b4:2a:
         fa:18:8b:92:de:c1:39:4d:98:ee:59:6d:28:f7:e1:73:34:6e:
         79:23:36:35:3a:47:39:aa:8a:82:76:27:aa:36:c3:7f:fb:8c:
         10:70:26:01:fe:96:71:20:1e:5d:cf:b5:ef:5a:af:cc:1e:09:
         8d:25:4a:fc:d5:a4:2c:1d:ba:bf:94:d6:5f:6e:1d:bd:9d:95:
         de:9d:1a:6e:73:5e:1f:89:b7:18:74:1d:05:b8:a3:9a:3c:57:
         5f:6f:c9:22:6e:ce:40:2a:96:5b:3a:cc:c9:2b:4a:bb:62:ce:
         cc:86:19:9b:e6:be:4b:08:5a:34:16:01:06:f2:3a:7d:c2:4e:
         ff:93:e6:5a:04:10:24:dc:83:3b:4d:3c:0d:9c:0d:3c:e7:ae:
         8e:c3:c1:32:38:f6:97:c6:57:24:4a:47:71:18:40:6d:a7:fb:
         82:4b:bf:77:0c:9d:74:53:44:2a:c9:ae:5d:a6:cb:f6:b5:cd:
         f2:ad:f0:55:47:b1:3c:a4:92:ce:74:68:88:55:1a:07:2a:b6:
         ac:a4:82:fe:ce:90:ee:6e:39:f2:ba:35:b3:44:3f:22:74:8e:
         86:55:4e:11
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcLivaI7kq0SaNLigMaleQhpxUpUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE1MDAzMTIzWhcNMjUwNTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NmE1NmVlODc4ZWFhNTNkMmE3NGFlNTRkZjZjNzZkNWY5
MzFiZWQzYWFiZmNjNGRlZmNiOWZiNzcwMDI5NzY1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqvBEl4g7rYlMEaG3SmA3daYrjkemKryqJoPG9zISMGakq
9TmZyCO5TDcids0n3C6uTP7bEsv2X8F65itfUC+CL5KYu+Xt7AIrxoxNhuWYGL0K
QKArol9CjJ5cLvIkhFDAevePFn0Yua+Fp/B5lqmJqb+07Nhn9JpZKSh3QtY8X+9h
a1l0leC4U+IqeMO+eWRQF6Xenjzmnl1u2EIUkm0VAdUM6IdY62LMSK7zwDQYLkOk
pxV+6bw8qOdZ49d3j3qEOio8qgUf9mGA45uoHjz2ER9wSSBrJ35b/538VXqmsur9
sXuQ6gveY1TPAcilns5bqVPPnRh5iFPzTO27/cUpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTwaWmukJUmQFWm3BpDSBWh8gNP8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QxYmUyYTBmLTMyYjQtNDNlMC1iYmZjLTA4ZTkwZGY5YzYwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjlnQwDQYJKoZIhvcNAQELBQADggEBAIQ8D2wAOAGaGepaNe2aBUW86VrV
uiqXnhFR0ADAaniHgPK0KvoYi5LewTlNmO5ZbSj34XM0bnkjNjU6RzmqioJ2J6o2
w3/7jBBwJgH+lnEgHl3Pte9ar8weCY0lSvzVpCwdur+U1l9uHb2dld6dGm5zXh+J
txh0HQW4o5o8V19vySJuzkAqlls6zMkrSrtizsyGGZvmvksIWjQWAQbyOn3CTv+T
5loEECTcgztNPA2cDTznro7DwTI49pfGVyRKR3EYQG2n+4JLv3cMnXRTRCrJrl2m
y/a1zfKt8FVHsTykks50aIhVGgcqtqykgv7OkO5uOfK6NbNEPyJ0joZVThE=
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:19:22 2025 by rpki-client on console.sobornost.net