Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/202fa196-7fc4-42d7-9eda-ead645c20087.roa
File:                     202fa196-7fc4-42d7-9eda-ead645c20087.roa (raw, json)
Hash identifier:          /z8Ra1whsc3B8yY9DkEUqJOFbLaz/Q7Fd9DsN3780Xg=
Subject key identifier:   C0:A9:6F:28:CA:46:47:82:9D:37:26:5D:86:EE:E6:B1:1D:9A:63:44
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63CD65D2CE4142D13B59FBED099556DD4BCA861F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/202fa196-7fc4-42d7-9eda-ead645c20087.roa
Signing time:             Wed 01 Oct 2025 00:52:47 +0000
ROA not before:           Wed 01 Oct 2025 00:52:47 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.160.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:cd:65:d2:ce:41:42:d1:3b:59:fb:ed:09:95:56:dd:4b:ca:86:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:52:47 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=498ba544f0ea2c71b5adeeed895b2f2b7f42fe2e8b9e21b53fc6f03253f9cbc4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:bc:5a:9d:1e:b7:f5:0d:41:c2:0e:57:be:40:
                    35:c7:2d:07:06:8d:ec:e6:f1:01:86:13:17:dc:80:
                    c3:08:a2:25:47:2d:a7:82:a6:35:7e:6c:d7:65:ed:
                    4f:bf:20:a6:fb:99:5f:92:31:16:69:50:bc:76:45:
                    d5:95:fe:86:19:a6:66:00:ad:11:dc:60:92:30:ae:
                    79:95:52:ff:51:7e:24:bc:ec:4c:ec:c3:96:4d:8c:
                    9e:b8:f0:bc:99:d0:67:aa:0e:8f:41:52:74:1a:af:
                    79:4c:8d:73:0d:ef:f3:80:b9:b7:8a:f2:d9:7e:72:
                    08:d7:03:2c:ba:a5:a1:42:04:73:53:4c:61:ea:88:
                    d5:24:f2:48:47:18:94:67:ea:5d:f6:b7:84:41:59:
                    f7:ed:48:bf:60:33:c4:14:5c:a8:f6:70:bc:36:42:
                    db:e1:fb:45:af:70:0d:2c:d8:d0:b6:91:00:57:c5:
                    2b:d1:33:96:53:92:b7:1b:87:9d:f4:f8:bf:b2:7f:
                    71:14:cb:0c:bb:b9:48:0f:ee:6f:ac:73:e1:a6:ae:
                    ae:ea:b9:e0:e6:94:d9:e6:03:b3:53:73:bf:e6:b4:
                    e0:72:4b:40:ae:f0:3b:e6:48:28:db:d0:49:fa:5e:
                    13:59:b9:04:b0:7f:d6:c5:0f:93:c1:d9:22:0e:0f:
                    09:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:A9:6F:28:CA:46:47:82:9D:37:26:5D:86:EE:E6:B1:1D:9A:63:44
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/202fa196-7fc4-42d7-9eda-ead645c20087.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:c2:6d:3d:bf:5e:62:e0:e0:2e:c7:9e:e8:bc:38:fb:0c:62:
         23:f6:64:af:6a:39:31:e5:27:16:81:07:06:01:f2:3a:aa:28:
         5a:55:68:1c:68:79:b6:32:99:e9:af:51:73:e0:99:63:4e:2c:
         22:98:f7:93:9b:21:ee:3d:5f:dd:c1:8f:ad:21:e0:4d:cc:4a:
         d6:fc:72:f9:7e:d3:7f:aa:3b:ec:93:a2:39:d8:ca:0c:82:f4:
         c5:9d:cf:53:f3:40:87:f5:cd:8f:87:18:2e:b9:35:e7:84:ce:
         13:fd:66:b8:50:f6:1f:6d:d3:e8:da:0e:9c:41:53:67:81:9b:
         e7:bd:c6:3f:a0:2a:2d:d1:58:90:c2:c9:c0:bc:d3:5f:46:f3:
         1b:4f:68:24:17:3b:e9:46:b7:3b:5d:70:ec:fc:15:1c:d8:32:
         a7:83:85:a5:c3:96:1b:a8:ac:b1:6e:0a:d8:f8:dc:df:0d:a5:
         38:56:d2:53:3b:29:c1:4c:20:e3:51:1d:69:2f:84:ff:56:e6:
         8b:dd:d1:f1:85:7a:27:a5:33:a8:ee:9d:cb:81:03:39:af:c8:
         a9:f7:2d:0f:00:d4:0c:59:aa:3e:4b:1c:02:b2:6f:9b:20:89:
         e8:8b:96:62:64:dd:2e:26:9b:86:f5:98:b8:d4:07:73:70:2e:
         7d:2f:cf:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY81l0s5BQtE7WfvtCZVW3UvKhh8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDA1MjQ3WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OThiYTU0NGYwZWEyYzcxYjVhZGVlZWQ4OTViMmYyYjdm
NDJmZTJlOGI5ZTIxYjUzZmM2ZjAzMjUzZjljYmM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIvFqdHrf1DUHCDle+QDXHLQcGjezm8QGGExfcgMMIoiVH
LaeCpjV+bNdl7U+/IKb7mV+SMRZpULx2RdWV/oYZpmYArRHcYJIwrnmVUv9RfiS8
7Ezsw5ZNjJ648LyZ0GeqDo9BUnQar3lMjXMN7/OAubeK8tl+cgjXAyy6paFCBHNT
TGHqiNUk8khHGJRn6l32t4RBWfftSL9gM8QUXKj2cLw2Qtvh+0WvcA0s2NC2kQBX
xSvRM5ZTkrcbh530+L+yf3EUywy7uUgP7m+sc+Gmrq7queDmlNnmA7NTc7/mtOBy
S0Cu8DvmSCjb0En6XhNZuQSwf9bFD5PB2SIODwmnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwKlvKMpGR4KdNyZdhu7msR2aY0QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIwMmZhMTk2LTdmYzQtNDJkNy05ZWRhLWVhZDY0NWMyMDA4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM36AwDQYJKoZIhvcNAQELBQADggEBALTCbT2/XmLg4C7Hnui8OPsMYiP2
ZK9qOTHlJxaBBwYB8jqqKFpVaBxoebYymemvUXPgmWNOLCKY95ObIe49X93Bj60h
4E3MStb8cvl+03+qO+yTojnYygyC9MWdz1PzQIf1zY+HGC65NeeEzhP9ZrhQ9h9t
0+jaDpxBU2eBm+e9xj+gKi3RWJDCycC8019G8xtPaCQXO+lGtztdcOz8FRzYMqeD
haXDlhuorLFuCtj43N8NpThW0lM7KcFMIONRHWkvhP9W5ovd0fGFeielM6juncuB
AzmvyKn3LQ8A1AxZqj5LHAKyb5sgieiLlmJk3S4mm4b1mLjUB3NwLn0vzxo=
-----END CERTIFICATE-----