Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ab4bbb2-995f-426a-b772-87c418889125.roa
File:                     0ab4bbb2-995f-426a-b772-87c418889125.roa (raw, json)
Hash identifier:          MNLpnD5CbU9JyfmMvnrrd6D9VxCht55zZB7E5QtH70o=
Subject key identifier:   7C:DB:0C:18:1F:59:6B:F0:2C:56:EF:2C:A5:1A:C7:B3:DA:94:2E:38
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       69860942EA8C19C62D8B38727D2D6FEDEC4FE44D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ab4bbb2-995f-426a-b772-87c418889125.roa
Signing time:             Fri 03 Oct 2025 00:51:10 +0000
ROA not before:           Fri 03 Oct 2025 00:51:10 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.239.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:86:09:42:ea:8c:19:c6:2d:8b:38:72:7d:2d:6f:ed:ec:4f:e4:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:51:10 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=f628555238aa77700fcbd9382610b663a21c14d49e2fed92cec04c4dc13a0423, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7a:22:5e:6b:e4:91:70:09:f1:7f:74:12:47:
                    3c:88:c5:96:11:17:df:76:cc:05:9e:04:a9:a0:48:
                    a4:c4:c0:c1:d1:c6:e8:ce:7f:26:1d:a3:e8:1c:0c:
                    d2:ab:c6:f9:a0:30:da:55:48:04:41:5d:0e:e2:10:
                    bf:c0:ad:96:f3:a1:6f:bd:20:7c:41:cb:4e:d3:57:
                    54:ea:1d:1d:fe:e3:94:c0:b1:43:bb:75:80:cc:57:
                    33:62:aa:41:b2:cd:4c:a4:eb:33:7b:84:30:a4:40:
                    a8:82:5f:d6:cc:8d:c8:f1:41:8e:74:3b:60:b1:1f:
                    6d:c8:00:98:2c:c5:7e:36:4d:43:3a:38:69:e7:4f:
                    a4:6f:13:2e:0c:7b:bd:d6:48:a7:a8:78:e9:5d:a3:
                    77:81:2e:d8:8e:30:90:24:6a:c3:d5:1c:6d:83:41:
                    d0:c6:a9:a8:15:18:e6:fc:de:0c:ef:58:d3:56:ef:
                    a5:db:5c:22:ca:f7:02:22:f2:78:08:6f:14:f4:40:
                    00:38:92:03:2f:5c:00:57:2e:36:0e:c6:e6:2c:66:
                    c1:47:3d:99:dc:32:13:17:37:dc:95:33:2e:aa:fe:
                    46:8e:41:8e:86:e9:62:6c:e5:de:76:f4:77:1d:2e:
                    86:5b:55:80:c1:33:2b:da:45:5f:3b:7f:fb:34:23:
                    4e:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:DB:0C:18:1F:59:6B:F0:2C:56:EF:2C:A5:1A:C7:B3:DA:94:2E:38
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ab4bbb2-995f-426a-b772-87c418889125.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:03:93:e0:8e:45:15:ad:ef:77:e9:d1:b0:e9:26:16:2a:f6:
         b9:11:ad:d3:38:58:25:8a:5c:a7:b2:72:23:04:1d:3a:4c:09:
         d9:c5:5e:d0:b5:e0:35:67:91:c5:e9:45:a1:3f:b9:d2:2d:86:
         5b:70:de:37:9f:0e:41:9f:57:ad:35:0d:b2:74:d9:19:ab:65:
         99:56:62:f7:0f:78:34:b6:52:4e:8a:f8:28:22:65:32:5f:b6:
         49:9b:65:12:7c:8f:43:fc:a8:bc:30:5d:ec:eb:6f:23:99:89:
         4b:19:e4:37:86:35:a6:9b:8d:2b:62:e8:fb:17:b1:b6:40:de:
         6b:45:cd:d3:0a:72:f6:4f:f1:cd:6a:84:d4:b0:ae:ad:ea:4d:
         8c:c2:ed:9a:50:f8:3c:ea:b9:c2:72:3d:e3:87:c8:03:e1:32:
         4b:5b:96:72:5d:34:e4:a4:42:e3:f2:e8:7c:3e:a0:06:5b:58:
         da:f0:53:bb:dc:e0:aa:54:b6:b9:dc:d0:f6:fc:27:e4:1d:c2:
         5c:51:1e:5e:4b:5a:ee:b9:f7:7a:ea:2d:ca:f2:2c:d6:33:9c:
         bb:3f:a2:62:92:39:f4:8a:6d:25:a4:59:a1:b3:3a:30:16:eb:
         bb:f6:24:c7:f8:ca:a6:33:a2:c3:64:86:89:a2:fb:6a:7e:15:
         4e:14:14:79
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaYYJQuqMGcYtizhyfS1v7exP5E0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA1MTEwWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNjI4NTU1MjM4YWE3NzcwMGZjYmQ5MzgyNjEwYjY2M2Ey
MWMxNGQ0OWUyZmVkOTJjZWMwNGM0ZGMxM2EwNDIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyeiJea+SRcAnxf3QSRzyIxZYRF992zAWeBKmgSKTEwMHR
xujOfyYdo+gcDNKrxvmgMNpVSARBXQ7iEL/ArZbzoW+9IHxBy07TV1TqHR3+45TA
sUO7dYDMVzNiqkGyzUyk6zN7hDCkQKiCX9bMjcjxQY50O2CxH23IAJgsxX42TUM6
OGnnT6RvEy4Me73WSKeoeOldo3eBLtiOMJAkasPVHG2DQdDGqagVGOb83gzvWNNW
76XbXCLK9wIi8ngIbxT0QAA4kgMvXABXLjYOxuYsZsFHPZncMhMXN9yVMy6q/kaO
QY6G6WJs5d529HcdLoZbVYDBMyvaRV87f/s0I04bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfNsMGB9Za/AsVu8spRrHs9qULjgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBhYjRiYmIyLTk5NWYtNDI2YS1iNzcyLTg3YzQxODg4OTEyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTe8wDQYJKoZIhvcNAQELBQADggEBAKkDk+CORRWt73fp0bDpJhYq9rkR
rdM4WCWKXKeyciMEHTpMCdnFXtC14DVnkcXpRaE/udIthltw3jefDkGfV601DbJ0
2RmrZZlWYvcPeDS2Uk6K+CgiZTJftkmbZRJ8j0P8qLwwXezrbyOZiUsZ5DeGNaab
jSti6PsXsbZA3mtFzdMKcvZP8c1qhNSwrq3qTYzC7ZpQ+DzqucJyPeOHyAPhMktb
lnJdNOSkQuPy6Hw+oAZbWNrwU7vc4KpUtrnc0Pb8J+QdwlxRHl5LWu6593rqLcry
LNYznLs/omKSOfSKbSWkWaGzOjAW67v2JMf4yqYzosNkhomi+2p+FU4UFHk=
-----END CERTIFICATE-----