Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8d9096e0-0a8d-4981-b350-e9a3a2a59a8b.roa
File:                     8d9096e0-0a8d-4981-b350-e9a3a2a59a8b.roa (raw, json)
Hash identifier:          S2poZnoKPFMkRjXg0m1KHddGNwPLQK8rSXNnTHBEs4o=
Subject key identifier:   44:42:97:00:28:1F:41:A0:8C:F8:95:45:8E:08:25:D2:9A:B5:FC:12
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       089DC7F47CB8148FA161AF3B3F244332C2BE2A96
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8d9096e0-0a8d-4981-b350-e9a3a2a59a8b.roa
Signing time:             Sat 18 Jan 2025 00:00:00 +0000
ROA not before:           Sat 18 Jan 2025 00:00:00 +0000
ROA not after:            Sat 22 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.255.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:9d:c7:f4:7c:b8:14:8f:a1:61:af:3b:3f:24:43:32:c2:be:2a:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jan 18 00:00:00 2025 GMT
            Not After : Feb 22 23:59:59 2025 GMT
        Subject: serialNumber=fb1b339bd188297e9040363f9ff345aab3c64a0a01dda5680ca9822c00ab82c7, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:4e:b1:07:6a:2b:b5:af:ca:a7:25:82:79:89:
                    4a:0c:b3:90:ad:82:e3:80:36:e9:67:d5:a7:b2:61:
                    40:07:cc:d0:45:d5:e9:ba:a7:6b:51:7b:a9:c9:23:
                    9e:3b:3b:db:4c:42:87:ab:a1:1f:94:18:f0:35:a4:
                    bb:f2:3b:80:a8:7d:4a:a6:da:4d:62:8e:9e:c2:35:
                    95:4a:a1:10:dd:98:0d:1c:e7:8e:86:40:08:23:c6:
                    e6:a0:98:e4:ad:2c:94:3b:73:71:d7:d1:1d:96:85:
                    fa:97:ce:43:e4:23:67:5c:4e:e2:50:67:52:3e:2f:
                    cf:4c:a9:96:6a:eb:d5:9a:48:fe:8e:91:a1:7b:ff:
                    c5:9b:74:08:98:79:6b:23:3a:e8:ec:b2:91:b4:d7:
                    10:eb:ce:82:f4:06:d5:16:b1:2b:5c:9d:b8:79:e1:
                    fc:a5:e5:11:06:3a:07:2b:e7:c8:15:cc:3f:56:5d:
                    5c:b0:aa:d3:8c:43:f7:d2:7e:a3:50:8b:bd:e2:a7:
                    d8:75:ae:2f:4d:5b:71:e1:e3:12:14:85:db:ee:a7:
                    15:6c:9f:a9:7c:76:46:4d:68:f1:7a:f2:5d:c7:42:
                    ad:92:39:7f:55:16:4e:c5:8d:b2:53:ce:1b:e7:22:
                    96:59:b1:1f:32:7d:69:73:27:c0:7d:d3:bf:9b:68:
                    b9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:42:97:00:28:1F:41:A0:8C:F8:95:45:8E:08:25:D2:9A:B5:FC:12
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8d9096e0-0a8d-4981-b350-e9a3a2a59a8b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:71:d3:98:ce:f1:7f:86:90:26:67:8b:8c:a4:46:14:cf:98:
         ca:95:93:7e:6d:38:f4:17:99:5d:98:e2:0c:20:30:73:7f:22:
         b8:bf:64:4f:4d:d6:96:3d:8f:1a:02:fe:71:97:2f:d2:95:51:
         84:90:c1:b8:15:21:99:60:d4:a7:bf:0a:95:31:d6:e2:3a:50:
         ad:34:78:b0:7e:1e:d5:96:1f:de:e0:97:a1:91:b8:70:b6:4b:
         48:8f:5a:9a:06:59:06:20:55:7b:ac:1a:d1:ff:2b:41:d7:d3:
         5e:08:0d:ce:19:11:04:3d:51:3e:b2:be:2d:b1:62:d0:6c:8d:
         3f:68:d3:49:49:4e:69:5a:65:11:0a:48:e6:e5:59:cf:0c:a1:
         40:29:32:90:49:b9:cb:66:25:7f:90:3f:ab:af:b7:31:21:00:
         d5:d4:ae:0e:a4:86:ef:1f:96:74:49:3c:c2:cb:24:7f:cd:3b:
         15:ba:f1:29:15:82:b5:98:84:40:79:e6:01:ae:81:5c:b4:6d:
         57:a9:93:3d:1e:d7:cd:cb:10:71:24:92:c3:bf:9f:54:ec:b3:
         99:58:57:f9:65:29:8d:d6:f2:c4:01:4a:7b:b0:a9:31:d3:36:
         c4:6a:e3:ac:88:59:43:e8:5a:03:fe:28:42:4d:d6:71:9e:0e:
         d6:30:f6:c2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCJ3H9Hy4FI+hYa87PyRDMsK+KpYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMTE4MDAwMDAwWhcNMjUwMjIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmYjFiMzM5YmQxODgyOTdlOTA0MDM2M2Y5ZmYzNDVhYWIz
YzY0YTBhMDFkZGE1NjgwY2E5ODIyYzAwYWI4MmM3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcTrEHaiu1r8qnJYJ5iUoMs5CtguOANuln1aeyYUAHzNBF
1em6p2tRe6nJI547O9tMQoeroR+UGPA1pLvyO4CofUqm2k1ijp7CNZVKoRDdmA0c
546GQAgjxuagmOStLJQ7c3HX0R2WhfqXzkPkI2dcTuJQZ1I+L89MqZZq69WaSP6O
kaF7/8WbdAiYeWsjOujsspG01xDrzoL0BtUWsStcnbh54fyl5REGOgcr58gVzD9W
XVywqtOMQ/fSfqNQi73ip9h1ri9NW3Hh4xIUhdvupxVsn6l8dkZNaPF68l3HQq2S
OX9VFk7FjbJTzhvnIpZZsR8yfWlzJ8B907+baLnRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUREKXACgfQaCM+JVFjggl0pq1/BIwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzhkOTA5NmUwLTBhOGQtNDk4MS1iMzUwLWU5YTNhMmE1OWE4Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUv8wDQYJKoZIhvcNAQELBQADggEBAFtx05jO8X+GkCZni4ykRhTPmMqV
k35tOPQXmV2Y4gwgMHN/Iri/ZE9N1pY9jxoC/nGXL9KVUYSQwbgVIZlg1Ke/CpUx
1uI6UK00eLB+HtWWH97gl6GRuHC2S0iPWpoGWQYgVXusGtH/K0HX014IDc4ZEQQ9
UT6yvi2xYtBsjT9o00lJTmlaZREKSOblWc8MoUApMpBJuctmJX+QP6uvtzEhANXU
rg6khu8flnRJPMLLJH/NOxW68SkVgrWYhEB55gGugVy0bVepkz0e183LEHEkksO/
n1Tss5lYV/llKY3W8sQBSnuwqTHTNsRq46yIWUPoWgP+KEJN1nGeDtYw9sI=
-----END CERTIFICATE-----