Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02ccc043-7526-4ebb-a4fd-40b36b580f29.roa
File:                     02ccc043-7526-4ebb-a4fd-40b36b580f29.roa (raw, json)
Hash identifier:          ZQow7f4ns9+cmAPRkoU5re/j0d/paSMcaLGAoZ4iWSU=
Subject key identifier:   6D:8C:1F:F0:AF:C7:8D:2A:66:47:04:D0:F9:DE:36:FE:0F:B1:3C:52
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6C90FC2F7C3AE3BFF4684FF16DC7C0821422F7D8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02ccc043-7526-4ebb-a4fd-40b36b580f29.roa
Signing time:             Fri 20 Dec 2024 00:00:00 +0000
ROA not before:           Fri 20 Dec 2024 00:00:00 +0000
ROA not after:            Fri 24 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.180.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:90:fc:2f:7c:3a:e3:bf:f4:68:4f:f1:6d:c7:c0:82:14:22:f7:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 20 00:00:00 2024 GMT
            Not After : Jan 24 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:09:55:c6:9e:c3:78:61:91:ca:80:ec:7f:02:
                    c7:fc:35:88:1f:2e:c3:f9:01:09:45:30:78:c8:66:
                    a3:12:71:ac:7e:ca:29:c6:f8:39:88:88:e9:9e:22:
                    8a:2b:93:54:c5:cb:ef:f7:b4:07:ea:84:cf:92:b4:
                    4b:18:eb:8d:df:81:82:a5:0b:dc:02:c8:ca:2f:2b:
                    ef:37:d3:75:9a:db:33:00:26:94:3b:9e:ed:74:66:
                    98:d8:dc:49:52:c6:36:65:8e:e2:6e:b7:9e:e7:83:
                    2f:8f:c7:f4:92:b8:1a:58:d6:52:5a:4a:75:38:26:
                    7a:29:81:73:bd:03:a9:7b:03:aa:44:c1:f8:f4:52:
                    37:92:d1:c0:3d:bd:5a:b5:09:fe:56:f0:52:5a:3d:
                    b0:4e:ae:88:96:be:fa:91:bc:41:ca:a4:15:17:5d:
                    6d:c6:80:1c:82:b0:2e:ed:fe:1c:3d:8f:da:69:cb:
                    eb:ad:2d:58:33:ee:50:4b:47:7e:e0:59:bf:77:c6:
                    a9:6e:a7:f0:fd:ca:90:99:a7:91:35:73:f8:1b:38:
                    fe:03:4d:fd:c9:90:87:60:46:78:b8:a6:6a:63:a5:
                    ca:de:51:39:c5:88:28:bf:f1:1b:07:01:29:f1:d1:
                    4f:b8:72:7c:b8:72:d8:8e:43:e6:29:1f:c9:98:eb:
                    dd:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:8C:1F:F0:AF:C7:8D:2A:66:47:04:D0:F9:DE:36:FE:0F:B1:3C:52
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02ccc043-7526-4ebb-a4fd-40b36b580f29.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.180.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9d:08:ca:d2:c9:a1:39:36:ba:c4:09:1b:3e:20:7b:88:18:f3:
         3f:c4:0c:9f:67:5c:c2:2b:67:5f:c0:39:54:9d:d9:17:19:f0:
         1d:ad:94:e6:a8:d2:99:48:46:e5:c8:d6:0b:3c:78:87:1d:a7:
         07:ca:ee:0d:40:b9:42:c7:b1:c7:6a:be:b9:8a:9c:5b:26:60:
         f2:02:66:20:f6:eb:b0:56:8c:db:17:00:06:2d:22:8b:5a:3e:
         5e:47:f5:88:db:35:c7:9d:1d:76:21:eb:17:3b:42:1e:02:6f:
         03:9e:6f:11:f8:ad:bb:0c:8c:36:57:1f:51:d5:31:d1:23:46:
         24:16:07:a7:ed:da:48:b9:1c:10:6b:6e:04:d0:40:73:0f:80:
         07:f5:49:0a:05:1a:0e:8b:d3:2a:e3:6e:6a:7b:22:07:ff:a1:
         0b:1f:5b:72:f9:e8:89:23:68:ae:c7:eb:10:ee:0a:1c:da:1b:
         5e:a7:83:f5:e1:2a:cf:d6:a0:50:ab:f5:43:07:91:91:91:cf:
         dd:36:0f:72:92:ca:14:93:9d:23:fc:58:fd:5d:7a:62:fc:56:
         8d:4b:da:21:2f:7d:8f:03:19:ed:5c:c1:24:48:ed:33:78:b3:
         33:ed:35:d4:2c:31:2c:22:1c:4a:33:55:23:a8:bc:32:7f:a5:
         28:7a:9c:96
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbJD8L3w647/0aE/xbcfAghQi99gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQxMjIwMDAwMDAwWhcNMjUwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YWZiMTIwNmU5MGFmZWZmM2I3NWQ0YjFkNTgwY2IxMjVj
ZTYzNmQ1MmE5YzNmOWVjNThmZGExZGJiODg2ZDgwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnCVXGnsN4YZHKgOx/Asf8NYgfLsP5AQlFMHjIZqMScax+
yinG+DmIiOmeIoork1TFy+/3tAfqhM+StEsY643fgYKlC9wCyMovK+8303Wa2zMA
JpQ7nu10ZpjY3ElSxjZljuJut57ngy+Px/SSuBpY1lJaSnU4JnopgXO9A6l7A6pE
wfj0UjeS0cA9vVq1Cf5W8FJaPbBOroiWvvqRvEHKpBUXXW3GgByCsC7t/hw9j9pp
y+utLVgz7lBLR37gWb93xqlup/D9ypCZp5E1c/gbOP4DTf3JkIdgRni4pmpjpcre
UTnFiCi/8RsHASnx0U+4cny4ctiOQ+YpH8mY691HAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbYwf8K/HjSpmRwTQ+d42/g+xPFIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAyY2NjMDQzLTc1MjYtNGViYi1hNGZkLTQwYjM2YjU4MGYyOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPtDANBgkqhkiG9w0BAQsFAAOCAQEAnQjK0smhOTa6xAkbPiB7iBjzP8QM
n2dcwitnX8A5VJ3ZFxnwHa2U5qjSmUhG5cjWCzx4hx2nB8ruDUC5Qsexx2q+uYqc
WyZg8gJmIPbrsFaM2xcABi0ii1o+Xkf1iNs1x50ddiHrFztCHgJvA55vEfituwyM
NlcfUdUx0SNGJBYHp+3aSLkcEGtuBNBAcw+AB/VJCgUaDovTKuNuansiB/+hCx9b
cvnoiSNorsfrEO4KHNobXqeD9eEqz9agUKv1QweRkZHP3TYPcpLKFJOdI/xY/V16
YvxWjUvaIS99jwMZ7VzBJEjtM3izM+011CwxLCIcSjNVI6i8Mn+lKHqclg==
-----END CERTIFICATE-----