Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fb005b77-c7a4-4c3c-a061-76d84a81f91a.roa
File:                     fb005b77-c7a4-4c3c-a061-76d84a81f91a.roa (raw, json)
Hash identifier:          QsbO6DvR/Bl/i6z8Avcmd+9iFaqLvcbYnjSiqpuB/fM=
Subject key identifier:   EB:D9:29:5B:56:D3:9D:DA:29:E7:CF:C4:FA:DD:4F:80:21:FE:F3:C6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4020E4659606EDBA1CD293B6FDD461D65F942453
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fb005b77-c7a4-4c3c-a061-76d84a81f91a.roa
Signing time:             Mon 25 Nov 2024 00:00:00 +0000
ROA not before:           Mon 25 Nov 2024 00:00:00 +0000
ROA not after:            Mon 30 Dec 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        15.205.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:20:e4:65:96:06:ed:ba:1c:d2:93:b6:fd:d4:61:d6:5f:94:24:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 25 00:00:00 2024 GMT
            Not After : Dec 30 23:59:59 2024 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:6c:93:d4:27:dc:f4:da:5a:a5:af:b3:59:75:
                    8f:58:ec:33:97:3c:65:d1:74:a1:59:5c:a4:61:e8:
                    2a:e8:0d:40:fa:6d:c9:25:6f:8f:59:61:b5:0a:f1:
                    aa:8d:db:88:23:d9:2b:3b:94:7a:54:fa:f0:25:d9:
                    6c:58:d1:56:1a:28:11:42:60:2f:4c:06:e8:55:25:
                    4f:d4:70:ca:47:13:ef:13:d3:c2:a2:3c:39:04:23:
                    13:f3:fc:71:57:69:94:7d:63:8f:64:59:b9:9f:8d:
                    df:79:23:7d:d1:53:e6:f6:9f:0e:d1:a6:5a:1c:12:
                    98:53:59:7d:33:d5:ef:55:79:c3:0b:71:51:7e:5f:
                    32:72:16:ef:c8:60:b6:bf:ed:af:e1:4f:5b:4b:a3:
                    01:c9:80:35:eb:a7:2a:88:37:e5:9a:5a:a0:bf:99:
                    8a:f9:23:26:1e:56:a9:6e:ca:4c:d7:f9:48:d1:1a:
                    f7:0e:4e:35:a5:f6:c2:d2:df:46:56:c1:11:17:ec:
                    85:7f:ad:91:32:97:cc:8e:71:d7:c0:e3:39:30:01:
                    40:c0:e7:5d:e6:a4:05:82:04:5e:17:59:5f:ad:4d:
                    db:b0:36:0b:eb:2f:de:55:1c:59:b3:48:94:99:f5:
                    9e:ac:e4:0f:67:d4:e9:96:f7:3c:84:9b:5a:3b:e5:
                    ea:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:D9:29:5B:56:D3:9D:DA:29:E7:CF:C4:FA:DD:4F:80:21:FE:F3:C6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fb005b77-c7a4-4c3c-a061-76d84a81f91a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.205.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         81:8b:d7:f5:20:31:8f:86:cc:53:72:55:1a:0f:96:39:93:84:
         ee:ce:ee:a7:1a:aa:ce:bc:e4:12:70:8f:47:ee:ca:a1:f9:c3:
         4a:b8:b5:7c:6f:ad:8f:c6:22:47:1c:02:ea:c3:7f:25:8e:4e:
         b6:62:d0:d9:a2:1f:bb:b7:45:84:11:9a:7c:3f:3e:e5:e2:79:
         59:39:d8:df:5c:e4:e8:35:12:ec:4b:b5:17:69:c3:02:bf:91:
         9a:ac:88:96:c0:de:68:a7:50:65:bd:df:a7:e0:ef:3f:f9:d8:
         41:36:c1:e2:f8:dc:0a:2b:83:29:c9:3e:65:dd:df:92:5c:8f:
         22:c5:84:17:42:f8:11:01:2a:18:93:8a:2c:5b:f1:8f:9c:31:
         4f:ff:5f:de:f9:07:64:4b:92:b9:49:b4:9e:1f:0e:1b:e7:c0:
         55:19:aa:ab:67:21:69:b0:00:1b:96:96:3d:ce:75:20:95:57:
         48:0f:d9:a5:9b:15:5d:42:d2:fb:16:98:5d:9e:4a:1f:c4:d6:
         67:ff:3c:5f:75:2a:b4:4e:d4:fc:05:3e:18:f4:36:e0:f9:5a:
         ff:b1:8b:18:5b:db:05:49:ba:9d:15:57:84:15:52:b3:f8:8b:
         53:d5:98:82:ff:31:89:57:e1:11:1a:19:de:a9:b8:98:55:b4:
         93:0c:b8:b7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQCDkZZYG7boc0pO2/dRh1l+UJFMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQxMTI1MDAwMDAwWhcNMjQxMjMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MjU4YmM3MTUzZDg1ZDJmOGUxNzJmNDZhMWFkOTI2MDQ3
ZWRmMmRhMGE5NmU4YzMzYzk0YzNmMGZiNWJlNzU5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIbJPUJ9z02lqlr7NZdY9Y7DOXPGXRdKFZXKRh6CroDUD6
bcklb49ZYbUK8aqN24gj2Ss7lHpU+vAl2WxY0VYaKBFCYC9MBuhVJU/UcMpHE+8T
08KiPDkEIxPz/HFXaZR9Y49kWbmfjd95I33RU+b2nw7RplocEphTWX0z1e9VecML
cVF+XzJyFu/IYLa/7a/hT1tLowHJgDXrpyqIN+WaWqC/mYr5IyYeVqluykzX+UjR
GvcOTjWl9sLS30ZWwREX7IV/rZEyl8yOcdfA4zkwAUDA513mpAWCBF4XWV+tTduw
NgvrL95VHFmzSJSZ9Z6s5A9n1OmW9zyEm1o75erzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU69kpW1bTndop58/E+t1PgCH+88YwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZiMDA1Yjc3LWM3YTQtNGMzYy1hMDYxLTc2ZDg0YTgxZjkxYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPzTANBgkqhkiG9w0BAQsFAAOCAQEAgYvX9SAxj4bMU3JVGg+WOZOE7s7u
pxqqzrzkEnCPR+7KofnDSri1fG+tj8YiRxwC6sN/JY5OtmLQ2aIfu7dFhBGafD8+
5eJ5WTnY31zk6DUS7Eu1F2nDAr+RmqyIlsDeaKdQZb3fp+DvP/nYQTbB4vjcCiuD
Kck+Zd3fklyPIsWEF0L4EQEqGJOKLFvxj5wxT/9f3vkHZEuSuUm0nh8OG+fAVRmq
q2chabAAG5aWPc51IJVXSA/ZpZsVXULS+xaYXZ5KH8TWZ/88X3UqtE7U/AU+GPQ2
4Pla/7GLGFvbBUm6nRVXhBVSs/iLU9WYgv8xiVfhERoZ3qm4mFW0kwy4tw==
-----END CERTIFICATE-----