Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/f77092a1-256a-4452-84c4-0af25699a382.roa
File:                     f77092a1-256a-4452-84c4-0af25699a382.roa (raw, json)
Hash identifier:          YyhDKVW4vDs1Py9C6cQ9Trp/ivteQM9hbzcYE02txM4=
Subject key identifier:   C4:37:91:8D:03:2E:AA:F5:64:C1:CA:FE:65:96:46:18:B3:D7:BE:C9
Certificate issuer:       /CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
Certificate serial:       7CE3A44E47D2323D3007100DDDAD12807EBD4D9C
Authority key identifier: 91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/f77092a1-256a-4452-84c4-0af25699a382.roa
Signing time:             Mon 31 Mar 2025 16:11:14 +0000
ROA not before:           Mon 31 Mar 2025 16:11:14 +0000
ROA not after:            Mon 05 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.112.160.0/19 maxlen: 19

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:e3:a4:4e:47:d2:32:3d:30:07:10:0d:dd:ad:12:80:7e:bd:4d:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
        Validity
            Not Before: Mar 31 16:11:14 2025 GMT
            Not After : May  5 23:59:59 2025 GMT
        Subject: serialNumber=6d769e245965e1623723fdd8334300ed1281ae06e86eb3cc71c37ca3a6a2094f, CN=ddfbc97c-7bed-40df-95ca-e664b29d7b27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2e:61:9d:44:b4:cd:19:80:3c:55:f3:66:b2:
                    fb:11:21:51:28:c2:da:b6:96:60:8c:24:9e:0a:54:
                    75:52:2c:57:58:f2:df:80:2a:45:d7:26:54:73:76:
                    1c:93:26:f5:53:8a:c8:4f:23:20:06:a9:ce:df:4c:
                    c8:db:ac:29:cb:f8:da:a5:6f:49:0a:09:1c:7d:8e:
                    0d:98:75:99:0f:0c:82:57:a3:27:0b:3d:52:e8:6e:
                    f0:74:c0:02:06:2d:85:4b:b2:c6:69:7c:4d:4c:07:
                    be:ad:76:d1:ea:dc:79:22:52:c3:fb:14:46:b8:54:
                    6f:57:db:81:d8:c4:ac:0e:b2:b9:63:07:05:f5:25:
                    bd:f2:e7:5a:ef:15:2b:46:96:41:ec:40:8b:b4:2d:
                    8f:43:8d:f4:76:38:f5:42:17:bd:45:df:d4:8f:b2:
                    c2:47:92:c6:92:6a:34:6c:32:f7:57:e2:32:15:cf:
                    08:15:d5:85:87:99:8d:2b:bc:41:da:01:64:a9:f0:
                    47:39:01:c4:02:03:37:e0:1c:2d:08:d6:2a:37:f5:
                    1b:33:89:41:68:77:b5:de:6d:6d:ea:11:b0:c2:e4:
                    71:d5:61:28:2e:d9:e0:10:0d:35:c7:34:fe:a0:58:
                    4b:a2:cd:5e:9f:9d:0e:25:f2:b0:2f:a7:61:0c:c4:
                    9e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:37:91:8D:03:2E:AA:F5:64:C1:CA:FE:65:96:46:18:B3:D7:BE:C9
            X509v3 Authority Key Identifier:
                keyid:91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/f77092a1-256a-4452-84c4-0af25699a382.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.112.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         16:60:e9:2f:d7:78:ef:72:dc:f5:61:15:55:63:e6:a3:11:13:
         10:b2:c3:61:b3:d5:4e:54:76:de:e7:d2:d2:f3:5b:db:b5:ad:
         81:e2:16:39:54:c5:02:24:0a:cb:7b:bc:1d:41:81:71:b8:83:
         e1:05:09:f0:2b:dd:c1:21:a6:8d:c2:6f:6c:b9:c6:9c:84:9f:
         00:fb:cb:00:b4:e5:ce:3d:7e:6c:c7:6b:77:2e:01:5c:6a:16:
         bb:28:64:07:e7:87:29:97:6a:54:de:ad:40:c7:cb:cc:b5:8a:
         29:53:bf:0b:23:bb:1d:9b:5a:4d:7a:2c:7e:b2:09:71:10:8f:
         74:65:98:21:20:49:db:3a:66:64:4b:df:69:2a:d7:99:35:4a:
         61:98:22:f4:e3:7f:1c:ee:66:c8:1b:2e:5f:75:6b:15:0a:6e:
         19:d0:4e:96:ee:65:47:ec:e8:7e:f3:5a:cc:d2:2d:51:af:fa:
         80:0d:a4:b9:a5:22:b0:bb:4c:8d:59:d8:27:7e:81:08:61:06:
         3b:f5:69:9f:ff:e5:d4:4a:fc:66:ca:62:bc:08:2f:3a:97:9f:
         1b:75:5e:f4:12:dd:ae:dc:59:e5:02:db:65:2b:71:65:39:fd:
         15:31:f3:1f:b8:ec:4e:eb:8d:15:dc:d6:98:a2:9f:94:1e:26:
         81:13:09:30
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfOOkTkfSMj0wBxAN3a0SgH69TZwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYTE1ZDhhYTEwZDYyZGJkZDM0ODMyNjg3NmJhNTY3NTNj
Yjk5YjQ2NGNjNDU1MzI0YjMwHhcNMjUwMzMxMTYxMTE0WhcNMjUwNTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDc2OWUyNDU5NjVlMTYyMzcyM2ZkZDgzMzQzMDBlZDEy
ODFhZTA2ZTg2ZWIzY2M3MWMzN2NhM2E2YTIwOTRmMS0wKwYDVQQDEyRkZGZiYzk3
Yy03YmVkLTQwZGYtOTVjYS1lNjY0YjI5ZDdiMjcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9LmGdRLTNGYA8VfNmsvsRIVEowtq2lmCMJJ4KVHVSLFdY
8t+AKkXXJlRzdhyTJvVTishPIyAGqc7fTMjbrCnL+Nqlb0kKCRx9jg2YdZkPDIJX
oycLPVLobvB0wAIGLYVLssZpfE1MB76tdtHq3HkiUsP7FEa4VG9X24HYxKwOsrlj
BwX1Jb3y51rvFStGlkHsQIu0LY9DjfR2OPVCF71F39SPssJHksaSajRsMvdX4jIV
zwgV1YWHmY0rvEHaAWSp8Ec5AcQCAzfgHC0I1io39RsziUFod7XebW3qEbDC5HHV
YSgu2eAQDTXHNP6gWEuizV6fnQ4l8rAvp2EMxJ6tAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxDeRjQMuqvVkwcr+ZZZGGLPXvskwHwYDVR0jBBgwFoAUkS3GDddkKYK8
rn+B/jxMEnKAIh8wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83MTg4YWMyNC0w
OWNjLTRmMjAtOWRiZC1jZDkwMDVkMjc5N2UvYTE1ZDhhYTEwZDYyZGJkZDM0ODMy
Njg3NmJhNTY3NTNjYjk5YjQ2NGNjNDU1MzI0YjMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNjAyYTI2ZTUtNGE5ZS00ZTVlLTg5ZjAtZWY4
OTE0OTBkOWM5L2Y3NzA5MmExLTI1NmEtNDQ1Mi04NGM0LTBhZjI1Njk5YTM4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzYwMmEyNmU1LTRhOWUtNGU1ZS04OWYw
LWVmODkxNDkwZDljOS9ZdHZkTklNbWgydWxaMVBMbWJSa3pFVlRKTE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUycKAwDQYJKoZIhvcNAQELBQADggEBABZg6S/XeO9y3PVhFVVj5qMRExCy
w2Gz1U5Udt7n0tLzW9u1rYHiFjlUxQIkCst7vB1BgXG4g+EFCfAr3cEhpo3Cb2y5
xpyEnwD7ywC05c49fmzHa3cuAVxqFrsoZAfnhymXalTerUDHy8y1iilTvwsjux2b
Wk16LH6yCXEQj3RlmCEgSds6ZmRL32kq15k1SmGYIvTjfxzuZsgbLl91axUKbhnQ
TpbuZUfs6H7zWszSLVGv+oANpLmlIrC7TI1Z2Cd+gQhhBjv1aZ//5dRK/GbKYrwI
LzqXnxt1XvQS3a7cWeUC22UrcWU5/RUx8x+47E7rjRXc1piin5QeJoETCTA=
-----END CERTIFICATE-----