Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/fc2e9df4-0643-4bfc-b528-6948594de8d8.roa
File:                     fc2e9df4-0643-4bfc-b528-6948594de8d8.roa (raw, json)
Hash identifier:          GqU7BJtVvJ05Si+YvNFCnXNnCtjCybL10b6MNRB3Q+U=
Subject key identifier:   28:0B:AE:57:81:BA:C1:08:98:3B:DC:8B:63:AE:E3:73:01:7E:5A:55
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       24432995D0201EC60764BAA520A74196EBE7F209
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/fc2e9df4-0643-4bfc-b528-6948594de8d8.roa
Signing time:             Fri 21 Mar 2025 00:50:21 +0000
ROA not before:           Fri 21 Mar 2025 00:50:21 +0000
ROA not after:            Fri 25 Apr 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        173.82.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:43:29:95:d0:20:1e:c6:07:64:ba:a5:20:a7:41:96:eb:e7:f2:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar 21 00:50:21 2025 GMT
            Not After : Apr 25 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:cb:4c:7c:60:89:35:ee:a0:cd:6d:75:7e:c6:
                    21:3f:2c:cf:62:9d:30:7f:35:2f:c8:aa:45:3c:65:
                    c1:08:1a:eb:e9:03:a1:52:2a:23:64:f0:1f:96:cd:
                    5b:70:14:fa:8b:31:bc:30:ec:67:78:17:6e:fc:4b:
                    1b:15:cd:44:3e:f3:f0:23:e7:1e:24:95:b8:3a:36:
                    ac:a4:9b:f7:bd:43:de:7f:48:af:08:51:40:e6:b9:
                    53:05:70:f7:2a:ad:df:c6:cc:2c:6a:11:51:0e:2d:
                    8d:fc:ee:b0:8d:09:4e:81:cb:48:26:9c:b3:59:4e:
                    3c:f8:3d:50:67:0b:ee:47:5d:0f:2b:f2:f3:30:3b:
                    3f:ad:b7:40:40:da:f8:87:a8:aa:5e:81:9b:86:03:
                    35:63:46:0c:2c:5b:8c:6f:29:4c:dc:ec:b9:09:8b:
                    0b:66:64:d8:d9:66:92:f3:91:ee:4a:14:d4:d9:a2:
                    cc:67:08:90:d6:e0:c6:38:94:16:af:20:b7:34:fb:
                    f3:38:ed:d5:a1:ae:23:76:2f:88:24:dc:f1:c4:60:
                    7f:72:3b:0a:16:69:39:de:48:b3:fe:cc:46:31:6c:
                    82:b1:86:ab:20:38:ee:58:38:43:fe:52:b0:c5:6f:
                    5a:53:b9:11:ff:f4:5d:1b:71:2d:2c:de:00:e4:b6:
                    35:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:0B:AE:57:81:BA:C1:08:98:3B:DC:8B:63:AE:E3:73:01:7E:5A:55
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/fc2e9df4-0643-4bfc-b528-6948594de8d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a6:d2:02:73:fc:c7:00:4d:42:c2:04:ed:04:38:69:fa:f3:f4:
         8c:2d:bf:29:ce:3f:94:52:53:f0:ce:3c:f2:c1:66:b9:55:a4:
         a7:47:a8:23:88:10:5b:64:5a:8f:53:5f:ed:c4:b9:63:d4:a8:
         77:67:f0:39:56:1c:1a:06:5f:d8:e7:ae:ef:9a:4b:1e:64:2f:
         9c:e3:87:88:83:b0:5d:82:7f:44:87:4e:4a:ef:91:21:7d:76:
         73:1d:cd:f0:81:35:22:fe:59:75:a3:1e:e1:73:d7:c7:36:3f:
         e4:da:0b:d1:91:f8:b6:cf:96:f6:5c:fe:df:7b:7d:81:ff:79:
         64:23:08:1e:1b:29:e2:ec:54:aa:ba:e0:62:45:84:8a:10:fd:
         f2:ab:3d:fe:63:bc:31:b2:5e:25:6b:5a:80:2b:a5:1f:71:dc:
         05:5c:87:fb:30:32:7e:42:ae:6d:6d:05:7b:13:e5:5c:b0:13:
         6a:85:8e:3d:2c:9c:58:b5:77:52:e9:78:d9:07:cc:d5:d0:f3:
         38:c3:15:24:c3:b3:10:68:88:22:92:36:5d:df:c9:75:d4:10:
         b9:fe:14:cd:b6:7e:1a:80:41:95:bc:d5:d2:25:f5:56:b8:b8:
         27:63:60:71:60:13:e5:46:5e:e4:f7:12:1f:7d:22:72:97:e1:
         d4:8e:5d:85
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJEMpldAgHsYHZLqlIKdBluvn8gkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzIxMDA1MDIxWhcNMjUwNDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NWE3ZmEzMzQ2OTk3YTAzYWRlMWI2Nzk5YTgzMWQ2YzFl
NTdlMjI3ODE5ZjJjN2ZhZDQzYmRkZDk4MDk1MDhiMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYy0x8YIk17qDNbXV+xiE/LM9inTB/NS/IqkU8ZcEIGuvp
A6FSKiNk8B+WzVtwFPqLMbww7Gd4F278SxsVzUQ+8/Aj5x4klbg6Nqykm/e9Q95/
SK8IUUDmuVMFcPcqrd/GzCxqEVEOLY387rCNCU6By0gmnLNZTjz4PVBnC+5HXQ8r
8vMwOz+tt0BA2viHqKpegZuGAzVjRgwsW4xvKUzc7LkJiwtmZNjZZpLzke5KFNTZ
osxnCJDW4MY4lBavILc0+/M47dWhriN2L4gk3PHEYH9yOwoWaTneSLP+zEYxbIKx
hqsgOO5YOEP+UrDFb1pTuRH/9F0bcS0s3gDktjW3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUKAuuV4G6wQiYO9yLY67jcwF+WlUwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2ZjMmU5ZGY0LTA2NDMtNGJmYy1iNTI4LTY5NDg1OTRkZThkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCtUjANBgkqhkiG9w0BAQsFAAOCAQEAptICc/zHAE1CwgTtBDhp+vP0jC2/
Kc4/lFJT8M488sFmuVWkp0eoI4gQW2Raj1Nf7cS5Y9Sod2fwOVYcGgZf2Oeu75pL
HmQvnOOHiIOwXYJ/RIdOSu+RIX12cx3N8IE1Iv5ZdaMe4XPXxzY/5NoL0ZH4ts+W
9lz+33t9gf95ZCMIHhsp4uxUqrrgYkWEihD98qs9/mO8MbJeJWtagCulH3HcBVyH
+zAyfkKubW0FexPlXLATaoWOPSycWLV3Uul42QfM1dDzOMMVJMOzEGiIIpI2Xd/J
ddQQuf4UzbZ+GoBBlbzV0iX1Vri4J2NgcWAT5UZe5PcSH30icpfh1I5dhQ==
-----END CERTIFICATE-----