Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34136975-3039-4a02-91e5-6ea288798aa0.roa
File:                     34136975-3039-4a02-91e5-6ea288798aa0.roa (raw, json)
Hash identifier:          mNHGgM3B0r3taF8TIDZgl8oqrmfO6BwxHgBieqXbjq0=
Subject key identifier:   99:8D:98:A2:DD:6D:16:F0:75:F1:BD:EC:2D:37:C5:2E:54:84:58:15
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       519F558A9AE649950B5246D344D7B76266FABC7E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34136975-3039-4a02-91e5-6ea288798aa0.roa
Signing time:             Tue 21 Jan 2025 00:00:00 +0000
ROA not before:           Tue 21 Jan 2025 00:00:00 +0000
ROA not after:            Tue 25 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.187.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:9f:55:8a:9a:e6:49:95:0b:52:46:d3:44:d7:b7:62:66:fa:bc:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 21 00:00:00 2025 GMT
            Not After : Feb 25 23:59:59 2025 GMT
        Subject: serialNumber=19756b6e70b3c5317af43276f2a31f9d87c9484dcd4b0ea27497f2f29b7c995a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:cc:b9:21:17:08:bf:db:16:66:e9:8d:41:a4:
                    06:e3:ea:03:31:81:7f:94:80:6b:ea:97:ad:2f:f2:
                    e7:b7:7c:07:4b:7b:c6:51:c4:e1:ad:4f:80:5b:e8:
                    eb:c7:6c:59:63:5c:10:46:65:b9:03:29:9f:91:9a:
                    ed:a5:64:3f:e6:96:95:10:d5:07:10:d5:f0:02:01:
                    26:56:4b:4e:01:52:b5:ba:e7:1e:71:19:d3:16:27:
                    97:f8:3a:e5:11:d5:55:83:e5:84:98:96:d0:7a:c4:
                    46:bd:08:11:dd:e8:00:78:99:85:12:cf:6a:be:26:
                    73:10:c1:4a:69:81:47:82:b9:f4:80:05:13:e4:47:
                    17:c5:82:8a:d7:e8:90:90:10:5c:49:ed:ba:1b:bb:
                    96:1b:d8:30:d7:b7:26:9b:2c:9f:46:3f:30:b9:8e:
                    42:be:cd:c0:1e:39:c2:66:bc:4d:af:3a:1e:c9:01:
                    61:68:a4:f8:a1:9b:99:3f:b6:77:ca:29:6b:a8:91:
                    18:68:09:00:50:16:51:45:59:a4:5a:d1:d4:66:31:
                    81:df:27:24:db:f7:c1:f4:f0:aa:43:26:e0:34:b1:
                    f7:19:90:33:8f:76:df:4f:7e:1b:0f:73:a9:19:15:
                    6b:48:30:84:89:ef:80:9e:c3:42:8e:82:1e:76:f5:
                    5a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:8D:98:A2:DD:6D:16:F0:75:F1:BD:EC:2D:37:C5:2E:54:84:58:15
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34136975-3039-4a02-91e5-6ea288798aa0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:d4:32:85:ca:61:5c:9a:ed:51:e0:d1:89:32:47:b5:dd:ba:
         a1:1f:ef:15:d6:7e:a4:c9:f2:34:91:be:6d:50:09:9c:20:6e:
         9f:4b:d9:d1:db:86:11:ca:95:46:af:29:f3:84:e2:9d:4c:6b:
         fa:fa:53:51:e6:42:e7:a2:a9:64:8c:c2:c7:23:df:31:25:c6:
         34:d5:00:26:f2:06:4c:a3:c2:4a:6f:cb:a9:90:2d:82:19:6a:
         f6:1c:82:52:1f:b0:ee:cf:bb:62:4c:08:3d:54:14:97:55:13:
         e9:7c:df:b1:f1:68:a2:13:a6:65:ef:81:ef:5f:74:43:02:71:
         6a:52:2a:af:0c:2a:77:61:cc:ff:ba:71:4a:a1:11:ce:86:fe:
         14:e8:bf:3c:78:03:40:67:ef:da:2f:bf:9d:47:b9:6a:7b:57:
         c1:07:33:bc:eb:99:d3:1d:78:02:ee:49:65:09:b8:6a:ef:3a:
         e3:3d:22:3c:29:75:b5:8a:e3:f0:b7:5d:a7:b3:46:ad:02:11:
         43:8f:ae:5c:41:19:1f:24:91:34:01:ca:3c:81:e9:3e:db:d0:
         d7:6d:ac:32:f6:de:fe:b4:61:df:30:6c:12:54:b2:f2:d8:60:
         30:42:79:21:90:a7:c5:90:e1:2c:07:17:22:b7:93:bf:9a:ef:
         4e:e0:13:e9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUZ9ViprmSZULUkbTRNe3Ymb6vH4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIxMDAwMDAwWhcNMjUwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxOTc1NmI2ZTcwYjNjNTMxN2FmNDMyNzZmMmEzMWY5ZDg3
Yzk0ODRkY2Q0YjBlYTI3NDk3ZjJmMjliN2M5OTVhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbzLkhFwi/2xZm6Y1BpAbj6gMxgX+UgGvql60v8ue3fAdL
e8ZRxOGtT4Bb6OvHbFljXBBGZbkDKZ+Rmu2lZD/mlpUQ1QcQ1fACASZWS04BUrW6
5x5xGdMWJ5f4OuUR1VWD5YSYltB6xEa9CBHd6AB4mYUSz2q+JnMQwUppgUeCufSA
BRPkRxfFgorX6JCQEFxJ7bobu5Yb2DDXtyabLJ9GPzC5jkK+zcAeOcJmvE2vOh7J
AWFopPihm5k/tnfKKWuokRhoCQBQFlFFWaRa0dRmMYHfJyTb98H08KpDJuA0sfcZ
kDOPdt9PfhsPc6kZFWtIMISJ74Cew0KOgh529VoPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmY2Yot1tFvB18b3sLTfFLlSEWBUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM0MTM2OTc1LTMwMzktNGEwMi05MWU1LTZlYTI4ODc5OGFhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTbswDQYJKoZIhvcNAQELBQADggEBAHHUMoXKYVya7VHg0YkyR7XduqEf
7xXWfqTJ8jSRvm1QCZwgbp9L2dHbhhHKlUavKfOE4p1Ma/r6U1HmQueiqWSMwscj
3zElxjTVACbyBkyjwkpvy6mQLYIZavYcglIfsO7Pu2JMCD1UFJdVE+l837HxaKIT
pmXvge9fdEMCcWpSKq8MKndhzP+6cUqhEc6G/hTovzx4A0Bn79ovv51HuWp7V8EH
M7zrmdMdeALuSWUJuGrvOuM9IjwpdbWK4/C3XaezRq0CEUOPrlxBGR8kkTQByjyB
6T7b0NdtrDL23v60Yd8wbBJUsvLYYDBCeSGQp8WQ4SwHFyK3k7+a707gE+k=
-----END CERTIFICATE-----