Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/a23f57bf-3947-48c4-91f1-e4364b7d94a1.roa
File:                     a23f57bf-3947-48c4-91f1-e4364b7d94a1.roa (raw, json)
Hash identifier:          GtRVvb7BeaGERblJJelZwfSG0yyPnj6HlqmfpPMhflU=
Subject key identifier:   F0:0B:05:B4:50:AB:7E:92:88:F1:08:CF:1A:8A:E8:83:FE:4D:A3:F8
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       1B640C8FE3E8D1AC9576F61236493304006D89F3
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/a23f57bf-3947-48c4-91f1-e4364b7d94a1.roa
Signing time:             Tue 15 Apr 2025 00:40:54 +0000
ROA not before:           Tue 15 Apr 2025 00:40:54 +0000
ROA not after:            Tue 20 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        207.171.160.0/19 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:64:0c:8f:e3:e8:d1:ac:95:76:f6:12:36:49:33:04:00:6d:89:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Apr 15 00:40:54 2025 GMT
            Not After : May 20 23:59:59 2025 GMT
        Subject: serialNumber=8b9d8e07ce4f3940b63816fd092d4984794199bdd41a52f8759425240ce9c551, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:39:72:91:d1:b2:ce:60:9b:e5:75:e1:dd:e4:
                    cd:65:b5:a3:99:a9:db:3b:8a:22:1c:34:6b:6e:a5:
                    0a:20:fb:9e:6d:fa:f0:70:d3:d5:19:f9:2b:6b:8e:
                    0a:b7:b9:52:1d:ff:33:65:16:6e:a1:f2:2e:af:1e:
                    da:9a:a0:07:4e:2a:9c:4a:f9:78:75:24:a5:7f:b9:
                    59:03:06:a3:55:93:63:31:04:d5:5f:e2:dd:1f:b6:
                    e3:32:8f:c3:45:9b:d1:a5:04:b7:35:00:4f:80:d2:
                    eb:1f:b5:3e:4c:aa:33:64:78:05:43:32:1b:03:e9:
                    b9:2f:2b:cb:e9:89:f9:0e:b1:20:b3:65:21:e3:97:
                    14:95:e3:8a:19:78:e1:dc:29:2e:9e:65:64:10:0d:
                    3d:b6:ab:82:c9:e3:12:4e:ee:13:dd:fe:ec:4d:95:
                    2d:72:40:6a:02:6d:55:5f:11:2b:00:95:39:eb:13:
                    eb:ed:c6:4e:31:a5:9c:f7:bd:d2:fe:69:91:cc:1b:
                    01:d3:64:34:76:40:26:19:0c:d7:72:95:5c:7a:e8:
                    54:e7:7b:c4:0c:9e:69:4c:94:e8:99:92:6c:f1:66:
                    5b:0c:85:76:1a:9d:7f:98:99:fb:14:d9:db:d0:46:
                    70:ee:df:05:da:94:85:07:88:68:6e:e2:0e:ca:c2:
                    de:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:0B:05:B4:50:AB:7E:92:88:F1:08:CF:1A:8A:E8:83:FE:4D:A3:F8
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/a23f57bf-3947-48c4-91f1-e4364b7d94a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.171.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         b6:ad:e6:5b:a4:5d:4c:77:ef:52:cc:7c:cb:3a:eb:8d:32:11:
         96:cf:8b:21:8a:83:48:7e:f3:2e:ad:dd:0d:bd:08:3c:06:4e:
         42:f1:5f:88:f0:76:39:cf:0d:e2:47:dd:d5:1f:20:fa:76:c5:
         1f:f3:f4:c2:4b:77:67:bd:7c:d6:53:ca:6a:ad:50:a7:a4:97:
         7a:91:0d:9b:5a:56:e9:4c:a5:56:4f:e8:54:80:93:f5:16:3e:
         43:7c:f5:9c:d4:96:18:e4:28:fe:f6:79:c4:81:5f:d2:72:58:
         52:47:72:89:75:6d:f6:e2:85:ea:64:1f:02:27:59:69:1a:11:
         c4:08:11:3e:f8:a4:d2:8f:62:c8:76:81:11:ee:3a:aa:d9:eb:
         3d:77:13:93:d2:7a:f4:fe:21:a6:64:d9:90:98:67:fa:d9:20:
         9f:69:0b:aa:87:26:d0:76:fd:8f:4b:ff:e2:0a:1a:53:c6:b4:
         a5:3b:c2:6d:14:35:29:13:86:47:3c:aa:8b:00:ea:8a:88:20:
         03:b9:5e:ba:ab:fd:65:c2:96:88:1a:46:39:5d:a7:10:f4:b6:
         90:35:e1:5b:b4:b8:21:0f:cb:a0:cc:f8:37:45:e1:d9:7e:7d:
         61:dc:d0:e3:77:cf:26:ec:a4:0b:a1:ff:35:16:8c:a9:ca:06:
         88:6c:a1:ed
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG2QMj+Po0ayVdvYSNkkzBABtifMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUwNDE1MDA0MDU0WhcNMjUwNTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YjlkOGUwN2NlNGYzOTQwYjYzODE2ZmQwOTJkNDk4NDc5
NDE5OWJkZDQxYTUyZjg3NTk0MjUyNDBjZTljNTUxMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEOXKR0bLOYJvldeHd5M1ltaOZqds7iiIcNGtupQog+55t
+vBw09UZ+Strjgq3uVId/zNlFm6h8i6vHtqaoAdOKpxK+Xh1JKV/uVkDBqNVk2Mx
BNVf4t0ftuMyj8NFm9GlBLc1AE+A0usftT5MqjNkeAVDMhsD6bkvK8vpifkOsSCz
ZSHjlxSV44oZeOHcKS6eZWQQDT22q4LJ4xJO7hPd/uxNlS1yQGoCbVVfESsAlTnr
E+vtxk4xpZz3vdL+aZHMGwHTZDR2QCYZDNdylVx66FTne8QMnmlMlOiZkmzxZlsM
hXYanX+YmfsU2dvQRnDu3wXalIUHiGhu4g7Kwt6jAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8AsFtFCrfpKI8QjPGorog/5No/gwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2EyM2Y1N2JmLTM5NDctNDhjNC05MWYxLWU0MzY0YjdkOTRhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXPq6AwDQYJKoZIhvcNAQELBQADggEBALat5lukXUx371LMfMs6640yEZbP
iyGKg0h+8y6t3Q29CDwGTkLxX4jwdjnPDeJH3dUfIPp2xR/z9MJLd2e9fNZTymqt
UKekl3qRDZtaVulMpVZP6FSAk/UWPkN89ZzUlhjkKP72ecSBX9JyWFJHcol1bfbi
hepkHwInWWkaEcQIET74pNKPYsh2gRHuOqrZ6z13E5PSevT+IaZk2ZCYZ/rZIJ9p
C6qHJtB2/Y9L/+IKGlPGtKU7wm0UNSkThkc8qosA6oqIIAO5Xrqr/WXClogaRjld
pxD0tpA14Vu0uCEPy6DM+DdF4dl+fWHc0ON3zybspAuh/zUWjKnKBohsoe0=
-----END CERTIFICATE-----