Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/203fa97e-bcf4-49c7-9e30-ad3cb5ce755d.roa
File:                     203fa97e-bcf4-49c7-9e30-ad3cb5ce755d.roa (raw, json)
Hash identifier:          xD8iCzaNmO6EOsHPbnpwg5VUGExcI4ysJRQMmsfOjho=
Subject key identifier:   C2:36:AE:96:B8:33:B8:80:B3:CB:9D:3D:CE:A3:69:32:56:40:02:62
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46FF22ED28B5699A43EC99069301BE38E2B7814F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/203fa97e-bcf4-49c7-9e30-ad3cb5ce755d.roa
Signing time:             Fri 03 Oct 2025 00:51:12 +0000
ROA not before:           Fri 03 Oct 2025 00:51:12 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.132.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:ff:22:ed:28:b5:69:9a:43:ec:99:06:93:01:be:38:e2:b7:81:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:51:12 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=ae45bc083351531178de84a42443e43a82af42b3742a895647efbe7cca7233df, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:97:d0:66:5f:b5:1c:2e:e9:c8:24:8f:77:00:
                    11:6e:74:60:30:f2:07:ae:50:12:07:c2:ea:11:82:
                    6d:64:87:5d:38:89:1f:43:4a:e1:1f:b9:1a:ba:b1:
                    3d:7c:26:92:25:04:ea:81:bf:1c:87:78:fd:98:7b:
                    eb:d5:80:a1:ce:0b:de:ad:01:3f:a1:00:57:e8:9d:
                    20:d7:bb:85:dd:3b:75:cf:9f:90:df:9c:f4:e0:4b:
                    62:1d:ca:fa:ad:b4:c7:e7:2d:76:ab:f6:9a:3f:55:
                    99:0a:7a:d6:3a:f9:8d:17:4c:4b:4a:0a:60:db:96:
                    a1:a1:9d:a8:55:a1:0d:88:37:4b:8c:9c:a2:54:29:
                    cc:36:a3:57:9f:93:a8:18:e5:46:12:08:b4:69:d4:
                    71:9a:68:ec:c7:a8:77:18:b3:e3:60:81:76:30:fd:
                    3c:d4:21:40:cf:4b:1c:f1:2c:3b:51:a9:ff:4c:62:
                    07:63:1b:d2:e6:5c:f4:d6:65:bc:78:1a:7d:e5:90:
                    86:02:40:be:0f:e9:4d:3f:88:40:39:04:fd:d9:b7:
                    bf:35:fd:9b:70:34:2e:48:24:c5:80:31:7f:28:1a:
                    30:3e:1e:29:f3:3a:59:ab:bd:f7:e1:64:9b:6a:29:
                    4e:f9:da:04:05:b4:92:84:3f:00:c8:6b:fe:2c:5b:
                    99:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:36:AE:96:B8:33:B8:80:B3:CB:9D:3D:CE:A3:69:32:56:40:02:62
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/203fa97e-bcf4-49c7-9e30-ad3cb5ce755d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:17:a1:33:c2:f1:b2:db:e3:44:9e:03:c0:f5:11:f1:98:be:
         c2:7b:7b:f2:90:05:34:90:f5:2a:27:8a:c2:0c:61:f8:13:3e:
         39:57:f9:8c:3c:23:bc:56:2e:b7:06:a7:ad:73:e9:66:9c:04:
         21:7a:fe:7a:1b:bc:e7:be:34:3b:f1:f0:94:50:fb:58:86:8a:
         33:40:39:e7:f3:44:7a:45:b5:f9:56:0b:80:fe:25:37:fe:f1:
         aa:db:ef:c5:19:cb:dd:5f:13:b1:1f:71:42:2f:22:c2:aa:2b:
         35:3a:ad:2e:bd:15:e8:40:fb:26:b3:91:24:cc:b6:b6:93:5c:
         28:39:7e:44:76:c4:0d:b4:c2:bd:52:ec:b4:93:7d:dc:88:31:
         6c:2c:6e:67:fc:f7:ed:09:24:61:ad:1d:6c:0b:e5:7b:c4:a7:
         f2:a5:a8:b9:13:9c:4f:43:61:e9:13:58:20:39:3a:93:24:19:
         a5:b3:f2:c4:96:4d:12:99:66:76:96:d1:ba:36:ed:c7:5d:e6:
         d4:15:80:94:a3:1a:98:12:3f:c9:bd:26:bb:51:c8:86:28:7b:
         6a:f1:1c:02:e4:90:63:25:85:01:bb:8a:96:ee:6a:61:ce:3d:
         43:4d:af:08:22:5e:51:8b:53:ca:a6:01:c0:f3:91:4e:e3:c3:
         c2:57:6f:6b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURv8i7Si1aZpD7JkGkwG+OOK3gU8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA1MTEyWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZTQ1YmMwODMzNTE1MzExNzhkZTg0YTQyNDQzZTQzYTgy
YWY0MmIzNzQyYTg5NTY0N2VmYmU3Y2NhNzIzM2RmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtl9BmX7UcLunIJI93ABFudGAw8geuUBIHwuoRgm1kh104
iR9DSuEfuRq6sT18JpIlBOqBvxyHeP2Ye+vVgKHOC96tAT+hAFfonSDXu4XdO3XP
n5DfnPTgS2IdyvqttMfnLXar9po/VZkKetY6+Y0XTEtKCmDblqGhnahVoQ2IN0uM
nKJUKcw2o1efk6gY5UYSCLRp1HGaaOzHqHcYs+NggXYw/TzUIUDPSxzxLDtRqf9M
YgdjG9LmXPTWZbx4Gn3lkIYCQL4P6U0/iEA5BP3Zt781/ZtwNC5IJMWAMX8oGjA+
HinzOlmrvffhZJtqKU752gQFtJKEPwDIa/4sW5lVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwjaulrgzuICzy509zqNpMlZAAmIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIwM2ZhOTdlLWJjZjQtNDljNy05ZTMwLWFkM2NiNWNlNzU1ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTYQwDQYJKoZIhvcNAQELBQADggEBAL8XoTPC8bLb40SeA8D1EfGYvsJ7
e/KQBTSQ9SonisIMYfgTPjlX+Yw8I7xWLrcGp61z6WacBCF6/nobvOe+NDvx8JRQ
+1iGijNAOefzRHpFtflWC4D+JTf+8arb78UZy91fE7EfcUIvIsKqKzU6rS69FehA
+yazkSTMtraTXCg5fkR2xA20wr1S7LSTfdyIMWwsbmf89+0JJGGtHWwL5XvEp/Kl
qLkTnE9DYekTWCA5OpMkGaWz8sSWTRKZZnaW0bo27cdd5tQVgJSjGpgSP8m9JrtR
yIYoe2rxHALkkGMlhQG7ipbuamHOPUNNrwgiXlGLU8qmAcDzkU7jw8JXb2s=
-----END CERTIFICATE-----