Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2430bb70-fa76-4b0a-8657-71906d79b7e5.roa
File:                     2430bb70-fa76-4b0a-8657-71906d79b7e5.roa (raw, json)
Hash identifier:          +Len99DqtBTl3jXMVbM0Diy8anGWAzmzOmaB9KMu8lY=
Subject key identifier:   6C:55:67:18:EC:3A:AE:A3:7F:E2:D9:89:A8:28:DA:54:CC:43:1A:ED
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       434EFF8A6A89CB2DA5C0B45FBFE38E7A69E47A6E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2430bb70-fa76-4b0a-8657-71906d79b7e5.roa
Signing time:             Fri 26 Sep 2025 00:12:14 +0000
ROA not before:           Fri 26 Sep 2025 00:12:14 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        139.73.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:4e:ff:8a:6a:89:cb:2d:a5:c0:b4:5f:bf:e3:8e:7a:69:e4:7a:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 26 00:12:14 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=628ea27a0d410773e6c3dcb252c0ad112ade756973dd4c47c979a36fdd1f5f83, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:85:7a:d9:78:87:0d:ac:77:3c:77:8f:a2:dc:
                    85:1d:ff:b6:6d:18:c2:76:0e:c1:85:7e:84:13:84:
                    15:76:c1:03:8b:6f:15:57:cd:67:b8:2f:0b:90:13:
                    7d:e8:82:d3:3d:6e:dc:dc:e5:1d:21:4f:95:69:02:
                    3c:22:d6:5b:59:82:4b:d1:ba:92:0d:01:62:a4:4c:
                    34:ef:5a:3a:25:cf:a9:87:26:83:ff:11:8e:bb:55:
                    34:85:62:d1:62:c7:20:0d:17:7a:6a:3d:e9:5a:1a:
                    17:a7:f8:82:9b:44:b3:20:e1:0e:85:33:6a:14:f8:
                    9a:17:ad:b5:ab:cc:e3:ef:f4:a1:c4:42:6d:b8:4a:
                    7a:76:17:69:b8:a8:68:0b:9d:bd:27:19:a2:93:a3:
                    cd:bf:0a:36:3a:5e:66:b8:24:17:42:5f:24:2b:47:
                    6e:a6:54:0b:97:63:83:bc:93:c1:a7:b0:d1:d5:24:
                    54:19:f9:6b:67:91:70:b1:c6:a4:17:36:c6:06:36:
                    b0:6f:19:ff:fc:95:c4:b1:1c:4b:c3:c3:a0:ac:a5:
                    bc:c8:7a:dc:2b:5f:39:3e:1c:2a:55:eb:61:a6:12:
                    c5:e7:87:b7:3e:d3:3e:a6:4c:45:7e:6d:3a:20:0f:
                    75:60:12:7c:0b:d9:4c:67:89:ae:2b:02:f5:f9:63:
                    a4:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:55:67:18:EC:3A:AE:A3:7F:E2:D9:89:A8:28:DA:54:CC:43:1A:ED
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2430bb70-fa76-4b0a-8657-71906d79b7e5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.73.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ad:ba:21:7c:32:d8:d1:40:9c:c1:a5:f6:b4:cd:7a:44:17:b1:
         4c:40:5d:7c:74:6e:25:2f:9e:1f:a6:21:b3:68:0b:b3:6e:1e:
         34:3b:10:2f:ff:f8:d7:6a:9a:d1:f0:d5:6a:c4:89:99:6e:2c:
         3f:70:34:f3:48:45:93:26:73:b8:9d:e5:6f:9b:bb:e7:83:df:
         8e:51:0e:94:8d:b9:b8:63:e0:1a:02:52:5e:33:26:a7:35:24:
         40:f6:c8:c8:d6:4a:a5:71:ff:f6:9d:d9:71:8b:89:80:16:05:
         9b:bf:e4:e2:a1:87:3f:14:94:ac:2c:03:34:9d:90:3d:1f:f0:
         46:21:ff:02:90:09:07:49:c4:53:17:ec:79:fc:8f:a7:fc:52:
         c0:14:e3:ae:fd:c6:d6:bb:6c:12:e6:28:ff:8f:2f:27:6c:c6:
         62:d8:87:b6:47:db:09:aa:87:b1:b9:e6:b6:e4:ad:d6:1d:cf:
         2c:d8:be:f6:c2:d7:58:8b:08:ce:66:73:e8:d8:4d:7e:0d:83:
         d5:52:d2:c9:8d:56:96:49:1f:72:95:97:e9:10:ef:5c:d3:81:
         bd:04:f6:a8:22:0b:22:42:cb:09:3a:51:b8:28:90:92:5e:fb:
         69:54:b9:ca:50:7f:6a:08:30:1d:bf:6c:6e:1b:9c:6b:ef:32:
         bb:30:87:3b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQ07/imqJyy2lwLRfv+OOemnkem4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAxMjE0WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MjhlYTI3YTBkNDEwNzczZTZjM2RjYjI1MmMwYWQxMTJh
ZGU3NTY5NzNkZDRjNDdjOTc5YTM2ZmRkMWY1ZjgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+hXrZeIcNrHc8d4+i3IUd/7ZtGMJ2DsGFfoQThBV2wQOL
bxVXzWe4LwuQE33ogtM9btzc5R0hT5VpAjwi1ltZgkvRupINAWKkTDTvWjolz6mH
JoP/EY67VTSFYtFixyANF3pqPelaGhen+IKbRLMg4Q6FM2oU+JoXrbWrzOPv9KHE
Qm24Snp2F2m4qGgLnb0nGaKTo82/CjY6Xma4JBdCXyQrR26mVAuXY4O8k8GnsNHV
JFQZ+WtnkXCxxqQXNsYGNrBvGf/8lcSxHEvDw6CspbzIetwrXzk+HCpV62GmEsXn
h7c+0z6mTEV+bTogD3VgEnwL2Uxnia4rAvX5Y6QJAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbFVnGOw6rqN/4tmJqCjaVMxDGu0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI0MzBiYjcwLWZhNzYtNGIwYS04NjU3LTcxOTA2ZDc5YjdlNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCLSTANBgkqhkiG9w0BAQsFAAOCAQEArbohfDLY0UCcwaX2tM16RBexTEBd
fHRuJS+eH6Yhs2gLs24eNDsQL//412qa0fDVasSJmW4sP3A080hFkyZzuJ3lb5u7
54PfjlEOlI25uGPgGgJSXjMmpzUkQPbIyNZKpXH/9p3ZcYuJgBYFm7/k4qGHPxSU
rCwDNJ2QPR/wRiH/ApAJB0nEUxfsefyPp/xSwBTjrv3G1rtsEuYo/48vJ2zGYtiH
tkfbCaqHsbnmtuSt1h3PLNi+9sLXWIsIzmZz6NhNfg2D1VLSyY1WlkkfcpWX6RDv
XNOBvQT2qCILIkLLCTpRuCiQkl77aVS5ylB/aggwHb9sbhuca+8yuzCHOw==
-----END CERTIFICATE-----