Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b0a8b46-f8a6-4f03-81cc-e42817a6a82d.roa
File:                     3b0a8b46-f8a6-4f03-81cc-e42817a6a82d.roa (raw, json)
Hash identifier:          +1NOppFOaU3Tg+JPYfj+Ws0tlmDyxepEmxuI0U1IajU=
Subject key identifier:   EA:07:F5:5E:51:5B:A2:52:02:D9:E8:D2:74:54:A0:24:D1:29:03:A8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       13ADE50C24F8B7728B9A8ADA2CC10DFCA5D2C28B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b0a8b46-f8a6-4f03-81cc-e42817a6a82d.roa
Signing time:             Mon 10 Mar 2025 15:11:15 +0000
ROA not before:           Mon 10 Mar 2025 15:11:15 +0000
ROA not after:            Mon 14 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        46.215.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:ad:e5:0c:24:f8:b7:72:8b:9a:8a:da:2c:c1:0d:fc:a5:d2:c2:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 10 15:11:15 2025 GMT
            Not After : Apr 14 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:33:38:9a:15:8c:21:75:02:0d:05:47:17:19:
                    24:b6:70:ae:a5:4a:4f:f5:ed:f5:ed:70:55:6c:80:
                    bc:fd:4c:41:b4:01:0f:f3:bf:0b:87:2d:aa:c7:b3:
                    05:a7:dc:2c:d1:e0:6f:9d:ee:b8:86:1d:49:80:d5:
                    e7:93:a3:36:15:8a:4d:ce:3c:80:96:16:2c:28:64:
                    58:c6:0e:6b:de:b0:68:93:bd:2e:ac:da:41:9c:f4:
                    ba:9c:18:e1:ed:d7:19:9d:83:03:35:54:29:96:1e:
                    19:43:9f:bb:f5:cd:81:45:e1:1e:6b:7f:95:3d:73:
                    2b:92:43:c9:f9:6d:40:a6:ad:8a:0a:f7:35:1d:80:
                    4a:9c:66:a3:41:9e:96:84:18:b4:f4:ec:5c:ab:81:
                    dc:8a:95:ea:53:b3:a1:5e:f9:04:0c:ba:d5:d0:40:
                    36:15:1e:e7:83:52:45:d6:d4:56:86:e9:18:0a:36:
                    06:3d:04:f8:bb:f9:66:00:61:c0:90:9b:41:93:d0:
                    9b:d8:6c:7c:5a:e6:69:d3:be:e3:69:45:57:3c:45:
                    eb:63:fb:61:50:73:ba:a9:06:59:dc:16:f2:6b:c9:
                    a2:1a:da:1f:15:65:13:fd:43:f9:12:b8:72:08:2c:
                    c4:ef:c4:3b:e8:cc:b8:d9:08:4d:33:b1:b4:ae:3d:
                    b6:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:07:F5:5E:51:5B:A2:52:02:D9:E8:D2:74:54:A0:24:D1:29:03:A8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b0a8b46-f8a6-4f03-81cc-e42817a6a82d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.215.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         13:a3:9a:fe:dc:d4:a3:6d:ba:38:37:78:e7:8f:ab:e9:70:1b:
         f2:95:b0:13:f3:b2:f2:16:c4:af:63:54:a6:e3:cb:4b:ce:08:
         55:bf:d9:a6:5a:cc:38:c6:fd:e8:3c:a2:40:fe:bc:95:b1:5b:
         27:c5:fc:39:69:8e:cb:46:2f:1d:e3:0f:47:5e:5a:4d:67:60:
         67:e6:8b:37:ef:c4:d3:d4:61:b0:0c:cf:3d:3a:2f:3d:f4:73:
         71:87:da:e8:dc:f0:bc:00:7f:cf:64:5c:ad:4f:a2:83:da:d8:
         7f:5b:21:8f:bf:51:ac:05:34:80:7b:91:ae:13:3a:34:7f:b8:
         10:19:15:29:4f:86:97:6f:89:55:f7:90:cc:07:49:2f:38:4d:
         cc:62:09:40:6e:fb:e0:5d:73:4b:aa:4e:39:7e:50:ff:0c:04:
         0e:34:0d:5d:87:b9:84:26:14:64:38:18:b8:3f:04:6a:16:50:
         a2:84:f2:1e:fc:b2:94:93:68:02:e8:a2:81:69:e1:b3:7f:07:
         03:a4:24:09:f3:3a:27:e8:08:19:61:e0:e0:18:5e:fa:6f:17:
         3f:db:17:9a:18:ed:2e:93:0f:d2:9c:b1:03:4c:1b:de:b4:88:
         7a:2d:7a:4f:43:17:ad:6f:7a:4c:3b:37:08:ff:64:33:5e:cc:
         4b:21:57:7a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUE63lDCT4t3KLmoraLMEN/KXSwoswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEwMTUxMTE1WhcNMjUwNDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NGU0OTc4M2FhZjMzNDMxZGU2YjA1M2Q0MzE3YTg0ZGM5
ZjRjNjQxZDU4MWI0Njc0YzA5ZTYxMjVkYTg5MmE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCPMziaFYwhdQINBUcXGSS2cK6lSk/17fXtcFVsgLz9TEG0
AQ/zvwuHLarHswWn3CzR4G+d7riGHUmA1eeTozYVik3OPICWFiwoZFjGDmvesGiT
vS6s2kGc9LqcGOHt1xmdgwM1VCmWHhlDn7v1zYFF4R5rf5U9cyuSQ8n5bUCmrYoK
9zUdgEqcZqNBnpaEGLT07FyrgdyKlepTs6Fe+QQMutXQQDYVHueDUkXW1FaG6RgK
NgY9BPi7+WYAYcCQm0GT0JvYbHxa5mnTvuNpRVc8Retj+2FQc7qpBlncFvJryaIa
2h8VZRP9Q/kSuHIILMTvxDvozLjZCE0zsbSuPbY3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU6gf1XlFbolIC2ejSdFSgJNEpA6gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNiMGE4YjQ2LWY4YTYtNGYwMy04MWNjLWU0MjgxN2E2YTgyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAu1zANBgkqhkiG9w0BAQsFAAOCAQEAE6Oa/tzUo226ODd454+r6XAb8pWw
E/Oy8hbEr2NUpuPLS84IVb/ZplrMOMb96DyiQP68lbFbJ8X8OWmOy0YvHeMPR15a
TWdgZ+aLN+/E09RhsAzPPTovPfRzcYfa6NzwvAB/z2RcrU+ig9rYf1shj79RrAU0
gHuRrhM6NH+4EBkVKU+Gl2+JVfeQzAdJLzhNzGIJQG774F1zS6pOOX5Q/wwEDjQN
XYe5hCYUZDgYuD8EahZQooTyHvyylJNoAuiigWnhs38HA6QkCfM6J+gIGWHg4Bhe
+m8XP9sXmhjtLpMP0pyxA0wb3rSIei16T0MXrW96TDs3CP9kM17MSyFXeg==
-----END CERTIFICATE-----