Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0fe8156d-cfdf-43c7-9200-41d92c81d4df.roa
File:                     0fe8156d-cfdf-43c7-9200-41d92c81d4df.roa (raw, json)
Hash identifier:          NPnhefwNSCDUKokLgv/fkkD2J923CVqjdCZFCxdnlk4=
Subject key identifier:   22:B9:E8:86:C4:2A:4A:FE:48:A8:A5:66:72:95:7A:17:AD:EA:D9:FF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       11C0670F5953C3DE6C54F46D78C2BAA43829F799
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0fe8156d-cfdf-43c7-9200-41d92c81d4df.roa
Signing time:             Fri 28 Mar 2025 17:41:39 +0000
ROA not before:           Fri 28 Mar 2025 17:41:39 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.186.0.0/15 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:c0:67:0f:59:53:c3:de:6c:54:f4:6d:78:c2:ba:a4:38:29:f7:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 28 17:41:39 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: serialNumber=af689b38454bba688ed7223317440b540d37de69ec3b446884e87d840db6d8f7, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bf:d5:f3:7e:5a:17:af:ba:ea:eb:ea:ab:6f:
                    13:87:50:95:ed:82:e5:97:79:9f:bd:5e:f1:4b:35:
                    53:9f:c4:2e:8e:b1:b8:cd:89:51:90:50:ed:d8:5d:
                    67:6d:af:83:2d:24:0d:13:9b:ea:de:8c:c8:d8:6e:
                    c3:dd:70:17:44:1c:0e:1e:e8:41:31:13:46:89:bc:
                    0c:7d:7d:52:7e:87:f1:8f:d0:7f:35:27:42:a3:a9:
                    01:0b:54:2d:87:21:69:46:30:37:bc:1f:c3:e1:0d:
                    4b:27:7a:51:13:58:d4:31:70:ee:2e:99:f6:53:51:
                    6f:ee:ce:d4:67:44:b8:3a:29:57:99:d0:b7:18:55:
                    85:d1:1d:eb:97:9d:3a:af:f1:3f:89:8a:63:f6:62:
                    7c:c7:15:74:0a:f7:04:ad:08:41:0f:df:95:4f:b7:
                    e3:9b:cd:2f:f9:35:16:84:40:f8:e2:66:52:b9:01:
                    05:68:3f:56:98:fc:66:15:5d:5d:f8:83:6a:fe:17:
                    19:5f:31:d2:4f:90:88:81:f9:25:8c:f2:93:33:3b:
                    52:e2:52:f8:21:41:32:8e:e7:cc:0b:ee:d9:dc:d7:
                    05:8e:e1:ef:2a:23:1f:93:43:d6:42:b5:47:30:c4:
                    1c:e4:59:47:6b:bb:3d:e5:c0:e7:ef:9c:1c:5e:fb:
                    d2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:B9:E8:86:C4:2A:4A:FE:48:A8:A5:66:72:95:7A:17:AD:EA:D9:FF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0fe8156d-cfdf-43c7-9200-41d92c81d4df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.186.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         2c:f2:92:2c:44:6b:90:31:ce:e9:3a:f6:cd:4f:c0:cd:68:05:
         4d:50:a8:13:d8:8f:d4:30:07:e3:03:e6:5a:a1:82:8c:59:ea:
         48:88:b6:4c:00:73:e8:86:e3:41:d9:8e:b0:9b:f7:e0:29:13:
         68:2b:9d:89:64:4d:ec:c1:00:cf:aa:f2:cf:d0:77:3b:2d:fa:
         c4:73:35:b5:a8:cb:eb:03:ee:d7:60:0d:ee:c2:30:a2:2a:ae:
         95:99:52:0f:4c:b3:4a:c3:ab:8a:a6:8d:d3:cd:4e:89:dd:d6:
         93:5f:89:e8:12:66:84:07:8a:19:55:87:4a:fe:95:b4:fb:00:
         d8:05:70:5e:2b:67:80:f7:3a:c8:9a:f7:6a:7c:a3:aa:d4:31:
         f0:f0:7d:c6:8f:1a:3d:d0:90:ca:e0:66:58:de:8a:b8:15:df:
         64:f6:51:ec:80:06:8d:79:aa:3e:83:e8:5a:a1:4d:ff:14:d1:
         05:6a:8e:89:d5:a6:c7:91:4d:14:bc:ee:43:7f:5b:f9:1a:76:
         8d:55:07:a0:be:40:da:df:e6:0f:d6:65:ff:5e:ef:9f:db:f0:
         92:7b:c0:72:d2:02:71:12:23:81:48:58:55:11:59:23:5b:aa:
         6c:77:e2:8a:2a:03:6f:ba:a5:fe:63:37:ea:2a:ce:e7:08:5b:
         de:65:11:2a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEcBnD1lTw95sVPRteMK6pDgp95kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMzI4MTc0MTM5WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZjY4OWIzODQ1NGJiYTY4OGVkNzIyMzMxNzQ0MGI1NDBk
MzdkZTY5ZWMzYjQ0Njg4NGU4N2Q4NDBkYjZkOGY3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsv9XzfloXr7rq6+qrbxOHUJXtguWXeZ+9XvFLNVOfxC6O
sbjNiVGQUO3YXWdtr4MtJA0Tm+rejMjYbsPdcBdEHA4e6EExE0aJvAx9fVJ+h/GP
0H81J0KjqQELVC2HIWlGMDe8H8PhDUsnelETWNQxcO4umfZTUW/uztRnRLg6KVeZ
0LcYVYXRHeuXnTqv8T+JimP2YnzHFXQK9wStCEEP35VPt+ObzS/5NRaEQPjiZlK5
AQVoP1aY/GYVXV34g2r+FxlfMdJPkIiB+SWM8pMzO1LiUvghQTKO58wL7tnc1wWO
4e8qIx+TQ9ZCtUcwxBzkWUdruz3lwOfvnBxe+9IvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUIrnohsQqSv5IqKVmcpV6F63q2f8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBmZTgxNTZkLWNmZGYtNDNjNy05MjAwLTQxZDkyYzgxZDRkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEPujANBgkqhkiG9w0BAQsFAAOCAQEALPKSLERrkDHO6Tr2zU/AzWgFTVCo
E9iP1DAH4wPmWqGCjFnqSIi2TABz6IbjQdmOsJv34CkTaCudiWRN7MEAz6ryz9B3
Oy36xHM1tajL6wPu12AN7sIwoiqulZlSD0yzSsOriqaN081Oid3Wk1+J6BJmhAeK
GVWHSv6VtPsA2AVwXitngPc6yJr3anyjqtQx8PB9xo8aPdCQyuBmWN6KuBXfZPZR
7IAGjXmqPoPoWqFN/xTRBWqOidWmx5FNFLzuQ39b+Rp2jVUHoL5A2t/mD9Zl/17v
n9vwknvActICcRIjgUhYVRFZI1uqbHfiiioDb7ql/mM36irO5whb3mURKg==
-----END CERTIFICATE-----