Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/072c09c9-2b2b-47f3-bf8f-9e94d6cf69e2.roa
File:                     072c09c9-2b2b-47f3-bf8f-9e94d6cf69e2.roa (raw, json)
Hash identifier:          wpEhbvaAxKHOIl9O++7smq3MW6CL5MQZCqdKIW8TY4s=
Subject key identifier:   4D:B2:CA:2A:CF:65:2F:3B:0B:C9:52:8E:8B:9C:E1:52:A0:7A:DD:C8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       03D9D35AB1A96B637F6D2FD3E1E30D17193A0F81
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/072c09c9-2b2b-47f3-bf8f-9e94d6cf69e2.roa
Signing time:             Tue 07 Oct 2025 00:23:20 +0000
ROA not before:           Tue 07 Oct 2025 00:23:20 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        162.247.66.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:d9:d3:5a:b1:a9:6b:63:7f:6d:2f:d3:e1:e3:0d:17:19:3a:0f:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:23:20 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=6026a3ea4c764cf19410cea7f1d9b92882932e9ce91c7b64ea5e5ffb76d2aab4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:00:ca:7e:51:d5:9b:a3:06:f7:7e:4c:7e:52:
                    65:7b:13:97:e6:3d:b9:d0:60:b2:a8:b9:89:43:dd:
                    ea:57:e2:4e:d9:1b:e5:2d:8c:8a:0a:23:6e:66:ad:
                    6c:04:47:55:10:27:a4:a7:6b:5a:95:68:1a:d8:bf:
                    61:d4:69:7e:1d:f2:c3:dd:88:f9:29:5e:6e:1b:69:
                    6c:8d:9a:ef:d9:e9:66:bb:65:09:ef:33:54:1a:f9:
                    fe:3d:1d:e8:5f:05:99:60:ea:63:8b:a1:46:4d:3a:
                    05:75:6d:f0:5b:ab:c2:99:eb:1a:e1:a5:5b:7e:c1:
                    70:b3:9b:79:86:b1:2c:ef:1d:82:ed:6a:42:4f:42:
                    0f:65:0e:a5:6d:6b:45:d9:af:8b:b0:ea:ab:27:1f:
                    16:2b:3d:34:32:8b:dc:66:f8:fc:74:c2:2b:dc:be:
                    2c:95:de:f5:8f:08:43:12:5a:9a:6b:fc:b6:b9:95:
                    31:d0:98:e5:64:e9:da:a5:7e:0c:94:54:59:36:b8:
                    03:94:ab:b7:c4:fb:17:81:cc:fb:8c:a9:8e:66:2c:
                    40:e4:68:19:10:4d:df:b1:df:8d:43:7e:88:95:07:
                    60:65:6f:8e:27:ea:b1:01:31:64:0f:08:ec:56:ed:
                    1a:75:9a:3b:b7:73:62:40:a6:69:bc:ca:50:6e:2e:
                    3f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:B2:CA:2A:CF:65:2F:3B:0B:C9:52:8E:8B:9C:E1:52:A0:7A:DD:C8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/072c09c9-2b2b-47f3-bf8f-9e94d6cf69e2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.247.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         80:33:1d:1c:5b:67:7a:83:ba:26:c6:2a:15:b1:61:e2:50:f5:
         f0:08:2d:80:76:46:42:d6:82:30:2c:fd:70:49:ed:7d:f5:9f:
         d7:db:2b:dd:76:48:1c:96:37:fd:e5:25:1d:3a:f6:48:30:c7:
         9e:ca:de:46:0a:e2:3d:a9:e7:68:2a:84:06:15:a2:cf:24:89:
         bb:c8:ba:17:33:7f:aa:b6:1d:a3:0f:5f:5d:cb:62:5e:54:70:
         eb:f3:f7:8c:a0:bc:3c:e6:7c:5f:c5:4d:04:76:b6:4c:60:27:
         ab:c9:fd:ec:e0:f3:46:c4:fb:eb:20:18:43:85:9b:25:21:73:
         28:16:d2:6c:cd:45:b5:95:82:c0:fa:b5:a8:e2:45:78:1d:5c:
         d9:de:c7:a6:96:9f:54:a0:74:61:dd:a3:ac:b1:0b:89:7f:61:
         3a:63:56:da:97:75:c2:00:31:6c:db:04:30:5e:bd:48:84:d7:
         be:fa:b8:62:a1:86:16:86:4e:1b:d9:e2:96:7b:56:c4:61:1c:
         3a:c1:40:dc:c5:54:f8:36:9c:86:16:05:e7:5f:54:26:08:7d:
         21:55:aa:f7:5c:f0:2e:3c:1b:6f:3f:d5:43:58:20:74:d5:f8:
         65:2e:78:2f:43:0b:19:6b:d8:85:31:57:73:7d:07:18:f4:67:
         16:94:d1:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUA9nTWrGpa2N/bS/T4eMNFxk6D4EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAyMzIwWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MDI2YTNlYTRjNzY0Y2YxOTQxMGNlYTdmMWQ5YjkyODgy
OTMyZTljZTkxYzdiNjRlYTVlNWZmYjc2ZDJhYWI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCFAMp+UdWbowb3fkx+UmV7E5fmPbnQYLKouYlD3epX4k7Z
G+UtjIoKI25mrWwER1UQJ6Sna1qVaBrYv2HUaX4d8sPdiPkpXm4baWyNmu/Z6Wa7
ZQnvM1Qa+f49HehfBZlg6mOLoUZNOgV1bfBbq8KZ6xrhpVt+wXCzm3mGsSzvHYLt
akJPQg9lDqVta0XZr4uw6qsnHxYrPTQyi9xm+Px0wivcviyV3vWPCEMSWppr/La5
lTHQmOVk6dqlfgyUVFk2uAOUq7fE+xeBzPuMqY5mLEDkaBkQTd+x341DfoiVB2Bl
b44n6rEBMWQPCOxW7Rp1mju3c2JApmm8ylBuLj+1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTbLKKs9lLzsLyVKOi5zhUqB63cgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA3MmMwOWM5LTJiMmItNDdmMy1iZjhmLTllOTRkNmNmNjllMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGi90IwDQYJKoZIhvcNAQELBQADggEBAIAzHRxbZ3qDuibGKhWxYeJQ9fAI
LYB2RkLWgjAs/XBJ7X31n9fbK912SByWN/3lJR069kgwx57K3kYK4j2p52gqhAYV
os8kibvIuhczf6q2HaMPX13LYl5UcOvz94ygvDzmfF/FTQR2tkxgJ6vJ/ezg80bE
++sgGEOFmyUhcygW0mzNRbWVgsD6tajiRXgdXNnex6aWn1SgdGHdo6yxC4l/YTpj
VtqXdcIAMWzbBDBevUiE1776uGKhhhaGThvZ4pZ7VsRhHDrBQNzFVPg2nIYWBedf
VCYIfSFVqvdc8C48G28/1UNYIHTV+GUueC9DCxlr2IUxV3N9Bxj0ZxaU0RM=
-----END CERTIFICATE-----