Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1d13217f-f773-4398-981b-ffc64bffbbc2.roa
File:                     1d13217f-f773-4398-981b-ffc64bffbbc2.roa (raw, json)
Hash identifier:          FZpdbYAoy34sPQV6bxeSZSoshUp1Nfx8eIaEUWkZsYo=
Subject key identifier:   96:04:2E:08:9E:FA:FA:7A:4F:7C:4B:2C:F3:DA:D6:C1:B5:74:B2:C2
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       110C8649E06DD9E7C34BC108D63F6513F0A05A83
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1d13217f-f773-4398-981b-ffc64bffbbc2.roa
Signing time:             Tue 28 Jan 2025 00:00:00 +0000
ROA not before:           Tue 28 Jan 2025 00:00:00 +0000
ROA not after:            Tue 04 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.17.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:0c:86:49:e0:6d:d9:e7:c3:4b:c1:08:d6:3f:65:13:f0:a0:5a:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jan 28 00:00:00 2025 GMT
            Not After : Mar  4 23:59:59 2025 GMT
        Subject: serialNumber=86a2603efedfae658640c31cee3d4f917ff96a84a0955cd2a12723d3f180a1d1, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ba:ad:3b:05:d9:bd:c7:54:a2:2f:24:b9:4e:
                    46:2e:d4:96:55:aa:8d:25:45:ed:ee:63:e7:f1:dc:
                    8a:a8:33:3c:6b:92:51:77:36:bc:da:08:16:a4:a4:
                    3f:b1:d6:29:22:27:3a:b8:f4:3b:57:5c:0a:ac:c4:
                    10:88:0e:b1:2d:18:36:ec:f5:f3:da:45:a5:b4:8e:
                    d0:3e:ff:6c:e3:2e:14:14:50:c8:ab:49:82:08:a9:
                    9f:52:c4:73:b1:39:47:3f:e0:fd:cc:77:18:13:89:
                    51:54:28:fb:35:2e:a9:1e:91:ec:16:7e:c6:f5:78:
                    89:60:1a:82:f2:5d:f3:90:ab:19:e9:22:07:0e:a4:
                    8f:21:32:3a:ac:81:36:02:a5:b0:ab:59:da:19:8b:
                    49:ca:18:79:a3:fd:e0:2a:f0:03:70:2e:b9:98:2e:
                    90:6d:d8:b7:68:88:2f:5c:12:8b:52:ff:63:d3:18:
                    87:c3:f7:6c:b0:56:09:3f:81:92:d6:e3:85:76:a4:
                    0d:31:b4:4d:17:7a:dc:1f:11:a5:31:13:71:af:8f:
                    de:a8:b9:c3:84:07:60:6f:8a:79:f3:6a:25:2a:28:
                    3d:47:63:f4:41:21:af:d8:60:e6:72:68:e9:5a:fb:
                    4f:ef:10:80:3e:7b:b1:c4:07:bb:e4:1b:7f:32:37:
                    cd:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:04:2E:08:9E:FA:FA:7A:4F:7C:4B:2C:F3:DA:D6:C1:B5:74:B2:C2
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1d13217f-f773-4398-981b-ffc64bffbbc2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:71:39:1a:41:fb:5b:d1:27:2c:6e:ad:80:a2:0c:c1:6b:56:
         ff:3c:f3:0f:45:0c:bd:dc:b7:c0:5d:32:eb:89:46:02:1b:fc:
         45:6a:07:35:b6:04:b3:ca:4d:72:56:a5:d8:ed:c1:53:99:4f:
         e1:ba:f0:8b:78:79:0a:42:a2:47:de:15:a7:ff:fa:c3:c3:f2:
         00:06:cd:6c:12:92:a1:47:69:1d:11:b6:c3:f7:33:db:0a:42:
         bf:cd:6e:63:85:d8:85:9e:26:37:23:30:23:ed:b8:47:f1:7c:
         4b:3b:58:cb:0f:c0:cf:ee:23:9a:20:61:95:cb:a1:4d:c8:c0:
         b4:2e:08:c8:62:75:b6:d3:8a:29:64:9f:d1:ff:56:a6:7c:b7:
         54:69:80:15:c7:9b:54:ae:ec:c0:93:c6:9c:c5:82:72:f6:32:
         05:3d:22:a4:ec:db:10:ce:b7:66:f2:20:5d:c8:70:ad:ea:19:
         48:e3:2b:60:63:e3:95:39:7f:94:4b:50:52:75:fd:eb:e7:49:
         bc:15:88:09:ca:30:df:3c:e1:0c:b2:b5:36:a4:8f:78:33:65:
         9b:13:b2:93:58:2a:b8:44:7b:5c:12:1f:b5:35:2f:c5:84:c6:
         17:19:bc:3c:4a:d7:bc:32:24:5b:4e:f8:f1:83:10:21:f5:08:
         2a:fb:de:c3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEQyGSeBt2efDS8EI1j9lE/CgWoMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMTI4MDAwMDAwWhcNMjUwMzA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NmEyNjAzZWZlZGZhZTY1ODY0MGMzMWNlZTNkNGY5MTdm
Zjk2YTg0YTA5NTVjZDJhMTI3MjNkM2YxODBhMWQxMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkuq07Bdm9x1SiLyS5TkYu1JZVqo0lRe3uY+fx3IqoMzxr
klF3NrzaCBakpD+x1ikiJzq49DtXXAqsxBCIDrEtGDbs9fPaRaW0jtA+/2zjLhQU
UMirSYIIqZ9SxHOxOUc/4P3MdxgTiVFUKPs1LqkekewWfsb1eIlgGoLyXfOQqxnp
IgcOpI8hMjqsgTYCpbCrWdoZi0nKGHmj/eAq8ANwLrmYLpBt2LdoiC9cEotS/2PT
GIfD92ywVgk/gZLW44V2pA0xtE0XetwfEaUxE3Gvj96oucOEB2BvinnzaiUqKD1H
Y/RBIa/YYOZyaOla+0/vEIA+e7HEB7vkG38yN80xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlgQuCJ76+npPfEss89rWwbV0ssIwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzFkMTMyMTdmLWY3NzMtNDM5OC05ODFiLWZmYzY0YmZmYmJjMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUhEwDQYJKoZIhvcNAQELBQADggEBAEdxORpB+1vRJyxurYCiDMFrVv88
8w9FDL3ct8BdMuuJRgIb/EVqBzW2BLPKTXJWpdjtwVOZT+G68It4eQpCokfeFaf/
+sPD8gAGzWwSkqFHaR0RtsP3M9sKQr/NbmOF2IWeJjcjMCPtuEfxfEs7WMsPwM/u
I5ogYZXLoU3IwLQuCMhidbbTiilkn9H/VqZ8t1RpgBXHm1Su7MCTxpzFgnL2MgU9
IqTs2xDOt2byIF3IcK3qGUjjK2Bj45U5f5RLUFJ1/evnSbwViAnKMN884QyytTak
j3gzZZsTspNYKrhEe1wSH7U1L8WExhcZvDxK17wyJFtO+PGDECH1CCr73sM=
-----END CERTIFICATE-----