Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7886a458-feff-41db-ba90-69c2775beda9.roa
File:                     7886a458-feff-41db-ba90-69c2775beda9.roa (raw, json)
Hash identifier:          eW995t9O68eX+CRoua0O3Vq3rXJ8b9Rv+rH90wgauNI=
Subject key identifier:   74:83:CA:E6:5C:EE:89:58:E8:F9:1A:CA:57:ED:F9:09:43:72:15:17
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       27A31F83398FC3B331E8E3E2E84798DC1DDE4778
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7886a458-feff-41db-ba90-69c2775beda9.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.18.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:a3:1f:83:39:8f:c3:b3:31:e8:e3:e2:e8:47:98:dc:1d:de:47:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=1e000baedd32739edf11c35d34610a834ed69befd278cc6dd269ac52e773b724, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:91:73:75:a5:fd:5f:42:f4:62:48:31:35:bb:
                    10:c6:95:cb:14:33:fc:da:26:72:69:65:60:43:60:
                    32:b7:18:b0:fe:73:2f:a9:94:7c:e3:2d:c0:f2:09:
                    f7:35:3e:1d:cc:64:34:ab:ff:22:67:6b:66:50:b6:
                    b6:fb:6c:41:ec:e0:5c:01:68:75:3b:c2:b3:63:32:
                    35:e1:cf:b3:cf:3d:b5:5d:6b:06:73:b5:ed:09:5a:
                    a4:ac:1e:4a:e3:ae:ac:f0:33:f3:0b:f4:4c:33:b9:
                    ad:7a:7e:3d:2b:0c:8e:18:a0:8c:88:91:31:ba:fa:
                    fa:3e:f5:7e:c2:68:bb:52:e5:4a:dd:9f:b6:0e:10:
                    e8:77:66:ae:73:ce:65:04:a6:e8:7e:d3:d7:10:5d:
                    c1:f3:e7:8e:16:9f:3b:9d:22:1c:58:af:0e:fa:1f:
                    a8:4c:78:02:9b:45:5b:19:5b:5b:48:03:99:89:a1:
                    28:c5:e9:b2:d8:cd:93:a8:86:d1:37:9f:71:1d:31:
                    ea:1c:5a:49:f6:b9:86:fa:9c:35:2d:de:b4:29:73:
                    78:7e:a4:7b:cd:8a:0b:a0:e6:72:4c:7f:52:2b:84:
                    1b:24:ee:03:ad:99:67:e1:99:15:5f:6d:01:69:ab:
                    e5:b2:72:8f:3f:34:8f:27:20:f0:ad:83:40:0a:79:
                    11:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:83:CA:E6:5C:EE:89:58:E8:F9:1A:CA:57:ED:F9:09:43:72:15:17
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7886a458-feff-41db-ba90-69c2775beda9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:62:c1:98:7e:4e:8e:41:c4:9f:19:0a:a4:45:82:ef:61:25:
         b8:c1:a6:b6:8f:78:0d:80:82:c1:9e:5b:63:b7:fb:86:a5:5e:
         57:7d:eb:c7:79:95:79:3f:7c:14:91:b6:d8:ad:e5:ce:ef:a9:
         c4:ce:1d:fe:54:d9:55:8e:e9:43:8a:8c:78:10:1b:c0:89:87:
         31:a5:72:2a:2a:23:db:b4:e4:95:ed:ec:a2:03:2b:c1:2c:b2:
         54:9b:fc:fe:6f:0a:7c:39:3d:d4:bd:d3:d9:0c:77:0d:92:fa:
         54:71:df:db:d0:e7:20:2a:e5:0f:52:9a:c0:6d:76:54:9f:07:
         6c:b0:3c:9c:de:e4:bc:21:1e:a5:0f:70:1e:44:69:2d:b2:de:
         46:9a:6f:e4:66:2d:39:f3:cf:2a:44:5c:a7:15:fd:6c:52:31:
         f3:97:64:19:f6:bf:6f:64:db:4c:3e:64:b5:a4:07:8d:04:a4:
         9e:4d:82:02:96:6a:ce:ba:ab:9f:bf:db:21:b8:62:0a:62:42:
         22:92:26:18:ec:7e:11:ac:16:a5:b3:ed:d6:99:60:b7:50:da:
         9b:d2:11:34:68:52:9e:3c:10:d5:f9:e1:07:33:55:e6:77:e5:
         df:cb:6c:e1:5d:c2:ef:19:99:cf:1f:92:c0:b1:67:45:f3:0d:
         7e:b7:3d:f4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ6MfgzmPw7Mx6OPi6EeY3B3eR3gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZTAwMGJhZWRkMzI3MzllZGYxMWMzNWQzNDYxMGE4MzRl
ZDY5YmVmZDI3OGNjNmRkMjY5YWM1MmU3NzNiNzI0MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOkXN1pf1fQvRiSDE1uxDGlcsUM/zaJnJpZWBDYDK3GLD+
cy+plHzjLcDyCfc1Ph3MZDSr/yJna2ZQtrb7bEHs4FwBaHU7wrNjMjXhz7PPPbVd
awZzte0JWqSsHkrjrqzwM/ML9Ewzua16fj0rDI4YoIyIkTG6+vo+9X7CaLtS5Urd
n7YOEOh3Zq5zzmUEpuh+09cQXcHz544WnzudIhxYrw76H6hMeAKbRVsZW1tIA5mJ
oSjF6bLYzZOohtE3n3EdMeocWkn2uYb6nDUt3rQpc3h+pHvNigug5nJMf1IrhBsk
7gOtmWfhmRVfbQFpq+Wyco8/NI8nIPCtg0AKeRF3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdIPK5lzuiVjo+RrKV+35CUNyFRcwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzc4ODZhNDU4LWZlZmYtNDFkYi1iYTkwLTY5YzI3NzViZWRhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUhIwDQYJKoZIhvcNAQELBQADggEBAAdiwZh+To5BxJ8ZCqRFgu9hJbjB
praPeA2AgsGeW2O3+4alXld968d5lXk/fBSRttit5c7vqcTOHf5U2VWO6UOKjHgQ
G8CJhzGlcioqI9u05JXt7KIDK8EsslSb/P5vCnw5PdS909kMdw2S+lRx39vQ5yAq
5Q9SmsBtdlSfB2ywPJze5LwhHqUPcB5EaS2y3kaab+RmLTnzzypEXKcV/WxSMfOX
ZBn2v29k20w+ZLWkB40EpJ5NggKWas66q5+/2yG4YgpiQiKSJhjsfhGsFqWz7daZ
YLdQ2pvSETRoUp48ENX54QczVeZ35d/LbOFdwu8Zmc8fksCxZ0XzDX63PfQ=
-----END CERTIFICATE-----