Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5928830b-bdc0-40c2-82a8-029c15dbefb1.roa
File:                     5928830b-bdc0-40c2-82a8-029c15dbefb1.roa (raw, json)
Hash identifier:          7gF6h/IVwj7u4tKd6dtA5XU8sENVhJ9JktKCJ2IaoLA=
Subject key identifier:   0C:2C:71:E5:39:68:FD:6E:46:2F:AC:81:66:06:C3:08:D0:A1:E8:F2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3276B46C3587F386C1D2A811E7DB9988F8101DA2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5928830b-bdc0-40c2-82a8-029c15dbefb1.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        93.76.128.0/17 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:76:b4:6c:35:87:f3:86:c1:d2:a8:11:e7:db:99:88:f8:10:1d:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: serialNumber=6bb341836a89bde11784df034887ed0fc432a1dcb19cd8775a208efb148aecf6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:50:df:7c:af:5d:d3:a3:e3:8b:3a:c3:2a:03:
                    b6:b1:44:61:e3:15:5b:0d:02:66:92:18:6a:a7:ae:
                    c9:db:e9:21:73:e5:62:c0:5c:5e:24:51:20:24:b3:
                    b0:11:66:c1:dd:98:b9:28:0f:e0:f4:a7:a8:af:be:
                    f0:c1:3c:aa:39:11:ff:5a:cb:8f:95:f1:89:ff:85:
                    d8:00:71:cd:e5:6f:95:e9:83:79:c9:df:ed:8d:80:
                    c6:ff:d5:37:5e:e0:c0:b2:83:2a:7a:f8:95:d2:b8:
                    a7:28:be:16:1c:1f:71:f2:82:8b:be:93:ef:1e:ee:
                    53:88:3a:13:17:87:d6:e9:27:9c:e9:cf:b0:4d:06:
                    dd:98:d2:56:6e:15:6e:97:d6:0a:3d:df:37:21:a6:
                    a0:7e:7e:0e:02:e1:88:ed:7c:3c:e5:95:e8:99:4a:
                    e4:2f:e5:25:bd:c8:a4:cc:b3:ab:c4:19:75:ab:64:
                    54:47:60:c9:3e:87:e7:fd:6d:6d:a9:53:c1:55:3d:
                    df:5f:b5:5c:c3:43:1e:c5:0f:89:ce:eb:af:bd:a3:
                    eb:82:4a:52:42:2c:81:22:97:f2:55:58:b6:24:f0:
                    2b:01:91:bf:c7:71:4f:63:e0:7e:44:25:ed:9a:f5:
                    47:e8:5a:06:39:c8:92:f2:9a:d2:5a:8e:60:27:de:
                    b4:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:2C:71:E5:39:68:FD:6E:46:2F:AC:81:66:06:C3:08:D0:A1:E8:F2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5928830b-bdc0-40c2-82a8-029c15dbefb1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.76.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         d1:e0:b9:92:64:b9:76:15:87:e5:40:8a:82:47:14:31:ef:62:
         b9:26:cc:0b:33:73:a8:10:5a:cc:d8:41:99:20:4d:e6:3f:eb:
         a2:8f:17:bb:29:72:9d:44:a5:3d:15:8b:1e:53:fd:b1:f3:fd:
         e8:50:7b:9a:16:f6:c4:7a:4e:d9:81:0b:29:d3:f7:2a:d6:90:
         5b:08:3e:31:5a:88:40:3d:00:c0:bb:d3:d0:27:71:12:5c:dd:
         74:f3:fc:e8:6a:c3:22:a8:87:87:e1:9c:cf:bb:f1:9a:13:10:
         ce:db:29:4b:83:29:89:01:9d:ec:7d:7e:37:12:a0:3a:de:bc:
         3a:1b:dd:9e:9b:2a:0a:17:0e:80:a2:9a:74:2c:ff:4c:72:74:
         17:1f:03:a7:6e:5c:6e:a0:3c:69:6a:29:72:42:a3:7d:a4:04:
         bc:8d:0a:20:7d:6a:79:38:66:36:b4:10:08:5d:49:d9:a4:81:
         09:82:66:8e:df:a8:0a:99:43:36:27:82:ad:dc:5e:0d:f5:8e:
         0f:16:5a:e1:a0:5e:5b:2b:72:c4:df:cc:d3:49:ff:ed:ab:cf:
         fd:ce:85:9e:87:d1:f7:a2:73:80:a5:f4:87:75:a3:f5:b8:0b:
         4d:3e:2f:14:75:b2:d2:f9:05:d5:c0:6b:2a:a2:6c:82:08:2b:
         ab:b2:77:18
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMna0bDWH84bB0qgR59uZiPgQHaIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTMxMDAwMDAwWhcNMjUwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmIzNDE4MzZhODliZGUxMTc4NGRmMDM0ODg3ZWQwZmM0
MzJhMWRjYjE5Y2Q4Nzc1YTIwOGVmYjE0OGFlY2Y2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCUN98r13To+OLOsMqA7axRGHjFVsNAmaSGGqnrsnb6SFz
5WLAXF4kUSAks7ARZsHdmLkoD+D0p6ivvvDBPKo5Ef9ay4+V8Yn/hdgAcc3lb5Xp
g3nJ3+2NgMb/1Tde4MCygyp6+JXSuKcovhYcH3Hygou+k+8e7lOIOhMXh9bpJ5zp
z7BNBt2Y0lZuFW6X1go93zchpqB+fg4C4YjtfDzlleiZSuQv5SW9yKTMs6vEGXWr
ZFRHYMk+h+f9bW2pU8FVPd9ftVzDQx7FD4nO66+9o+uCSlJCLIEil/JVWLYk8CsB
kb/HcU9j4H5EJe2a9UfoWgY5yJLymtJajmAn3rTFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDCxx5Tlo/W5GL6yBZgbDCNCh6PIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU5Mjg4MzBiLWJkYzAtNDBjMi04MmE4LTAyOWMxNWRiZWZiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAddTIAwDQYJKoZIhvcNAQELBQADggEBANHguZJkuXYVh+VAioJHFDHvYrkm
zAszc6gQWszYQZkgTeY/66KPF7spcp1EpT0Vix5T/bHz/ehQe5oW9sR6TtmBCynT
9yrWkFsIPjFaiEA9AMC709AncRJc3XTz/OhqwyKoh4fhnM+78ZoTEM7bKUuDKYkB
nex9fjcSoDrevDob3Z6bKgoXDoCimnQs/0xydBcfA6duXG6gPGlqKXJCo32kBLyN
CiB9ank4Zja0EAhdSdmkgQmCZo7fqAqZQzYngq3cXg31jg8WWuGgXlsrcsTfzNNJ
/+2rz/3OhZ6H0feic4Cl9Id1o/W4C00+LxR1stL5BdXAayqibIIIK6uydxg=
-----END CERTIFICATE-----