Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e718f292-3534-48a9-a800-2739137ff5ea.roa
File:                     e718f292-3534-48a9-a800-2739137ff5ea.roa (raw, json)
Hash identifier:          TI9Jx6vWla/GELgnTittvkUENEOUmqACuzUFfGRKcH8=
Subject key identifier:   C3:48:D2:ED:B5:A0:0D:27:D9:F9:D1:33:88:2F:10:5A:9C:F2:F9:FB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7CF713B9D537106419ED019FEEE9A420FC9DEFBE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e718f292-3534-48a9-a800-2739137ff5ea.roa
Signing time:             Fri 24 Jan 2025 00:00:00 +0000
ROA not before:           Fri 24 Jan 2025 00:00:00 +0000
ROA not after:            Fri 28 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.246.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:f7:13:b9:d5:37:10:64:19:ed:01:9f:ee:e9:a4:20:fc:9d:ef:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 24 00:00:00 2025 GMT
            Not After : Feb 28 23:59:59 2025 GMT
        Subject: serialNumber=6a260a93fbd7c59dfda3bdc9cccb151e595ebc0a84a39107d56637bcdfb82b7d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:66:34:27:da:8f:71:98:8b:a6:dd:dd:6e:1e:
                    9e:56:91:5f:6e:35:d5:c3:9e:e9:0e:37:c0:a2:2b:
                    8a:b1:50:34:c6:f7:8e:b2:40:cf:70:52:53:3b:7b:
                    eb:08:01:47:77:b1:ca:1b:df:ca:e9:9c:1f:fd:3f:
                    d0:3b:80:1a:09:9b:fb:be:d2:ef:56:5f:3e:04:17:
                    3a:ee:b7:df:24:6c:92:86:ed:53:0b:04:07:e6:1b:
                    4f:fe:3c:1d:f7:a2:71:ee:ec:bc:49:1f:d6:76:67:
                    b4:1a:9a:e4:0b:bc:c5:16:dd:06:bc:60:08:95:a0:
                    11:97:94:50:bf:78:5d:bf:37:7f:11:b8:48:19:ad:
                    a9:85:f8:25:a7:47:b1:ec:75:cb:80:f8:d3:89:46:
                    57:a0:6a:a7:16:cb:3d:79:de:f1:15:0e:3a:d0:1f:
                    8d:35:0b:6a:dc:df:01:f6:03:7e:2d:35:7d:d1:ba:
                    fa:1e:7d:45:a0:23:e2:dc:a1:cf:fa:c6:8b:cc:f0:
                    66:2a:26:f0:35:fe:ec:fd:80:91:58:c2:3d:57:47:
                    2b:b5:e6:a1:e2:65:e1:c2:3b:84:bf:58:99:84:d6:
                    2f:e3:d1:97:52:0b:fb:1c:16:e1:62:d4:d7:51:f5:
                    9c:c6:0c:ab:60:4e:22:b9:79:92:5d:a4:8d:95:3b:
                    89:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:48:D2:ED:B5:A0:0D:27:D9:F9:D1:33:88:2F:10:5A:9C:F2:F9:FB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e718f292-3534-48a9-a800-2739137ff5ea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:47:9f:d2:af:5d:28:56:6d:39:5c:67:ad:25:23:05:a1:16:
         93:7c:65:9f:fe:37:1d:8a:2c:58:22:d7:24:cc:0f:0d:83:dd:
         57:dd:3a:64:2b:c1:09:1f:24:83:5c:ca:41:65:78:45:9d:e5:
         96:03:c0:68:10:ad:51:fd:d0:0e:03:a6:fe:1d:14:ae:29:8b:
         c8:6e:d8:9a:c1:c0:8c:a0:f8:6c:cb:47:3a:dc:36:ea:7c:55:
         eb:e3:8c:75:d3:49:ea:0b:72:15:92:ee:c0:ec:b3:e7:ea:f8:
         c3:8a:e7:9b:98:42:b8:f6:ce:3c:d3:a0:4d:c3:af:6a:04:e0:
         b1:8c:48:94:e7:04:ca:0d:d9:d2:c6:3a:18:2e:4e:72:c4:b7:
         f0:0a:ab:f3:63:9f:7f:6d:20:90:f8:ca:b9:2c:a2:86:18:c9:
         b6:62:55:f3:95:b2:f1:c1:93:9f:d1:f8:86:ff:e7:46:e3:b9:
         b2:bc:52:d4:76:3f:69:87:7d:9a:48:48:5b:81:93:90:4a:7f:
         7b:72:b4:3d:24:3a:1c:88:2f:99:52:d9:64:5e:eb:13:7c:f7:
         90:17:03:64:63:4d:1e:fa:0b:a3:51:ff:f5:58:d8:15:cb:54:
         0e:5d:ab:48:58:da:4c:43:aa:e1:f7:13:79:f9:83:bb:0b:08:
         04:c9:da:63
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfPcTudU3EGQZ7QGf7umkIPyd774wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YTI2MGE5M2ZiZDdjNTlkZmRhM2JkYzljY2NiMTUxZTU5
NWViYzBhODRhMzkxMDdkNTY2MzdiY2RmYjgyYjdkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXZjQn2o9xmIum3d1uHp5WkV9uNdXDnukON8CiK4qxUDTG
946yQM9wUlM7e+sIAUd3scob38rpnB/9P9A7gBoJm/u+0u9WXz4EFzrut98kbJKG
7VMLBAfmG0/+PB33onHu7LxJH9Z2Z7QamuQLvMUW3Qa8YAiVoBGXlFC/eF2/N38R
uEgZramF+CWnR7HsdcuA+NOJRlegaqcWyz153vEVDjrQH401C2rc3wH2A34tNX3R
uvoefUWgI+Lcoc/6xovM8GYqJvA1/uz9gJFYwj1XRyu15qHiZeHCO4S/WJmE1i/j
0ZdSC/scFuFi1NdR9ZzGDKtgTiK5eZJdpI2VO4m1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUw0jS7bWgDSfZ+dEziC8QWpzy+fswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3MThmMjkyLTM1MzQtNDhhOS1hODAwLTI3MzkxMzdmZjVlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfYwDQYJKoZIhvcNAQELBQADggEBAFtHn9KvXShWbTlcZ60lIwWhFpN8
ZZ/+Nx2KLFgi1yTMDw2D3VfdOmQrwQkfJINcykFleEWd5ZYDwGgQrVH90A4Dpv4d
FK4pi8hu2JrBwIyg+GzLRzrcNup8VevjjHXTSeoLchWS7sDss+fq+MOK55uYQrj2
zjzToE3Dr2oE4LGMSJTnBMoN2dLGOhguTnLEt/AKq/Njn39tIJD4yrksooYYybZi
VfOVsvHBk5/R+Ib/50bjubK8UtR2P2mHfZpISFuBk5BKf3tytD0kOhyIL5lS2WRe
6xN895AXA2RjTR76C6NR//VY2BXLVA5dq0hY2kxDquH3E3n5g7sLCATJ2mM=
-----END CERTIFICATE-----