Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2468224a-586c-4b15-b2f7-6aab1f7b768d.roa
File:                     2468224a-586c-4b15-b2f7-6aab1f7b768d.roa (raw, json)
Hash identifier:          LeQAB418EkvFwgBnqWj8sh999EETq3Pl4tjwndM87zQ=
Subject key identifier:   A1:39:61:EB:C4:40:7A:DF:09:20:DE:43:0B:BF:7B:05:D7:93:22:23
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       293F8D48FD37C85E34A7B21BB429745E872899BA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2468224a-586c-4b15-b2f7-6aab1f7b768d.roa
Signing time:             Fri 26 Sep 2025 00:13:36 +0000
ROA not before:           Fri 26 Sep 2025 00:13:36 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        198.74.96.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:3f:8d:48:fd:37:c8:5e:34:a7:b2:1b:b4:29:74:5e:87:28:99:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 26 00:13:36 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=e44c17a72983633a4254af996874781b94cbfb3d56a12f67a541d5b96e766b06, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:45:19:08:13:20:2d:f6:8a:4b:d1:23:af:e8:
                    e7:f4:b3:c7:8d:6d:b7:13:3a:0d:ff:11:a1:09:0f:
                    65:1e:1a:78:4e:35:bd:52:91:63:b8:a2:08:0b:bc:
                    8c:3e:be:6b:2d:c7:72:21:c4:1a:1e:59:6c:78:57:
                    c7:de:86:33:87:e4:73:c7:b3:bb:6e:b2:5f:1e:f2:
                    86:9a:06:10:15:59:c8:e3:80:fb:0e:ee:c3:95:fa:
                    99:96:69:57:ea:ee:0e:98:25:b1:df:dd:76:b6:25:
                    20:db:e2:da:30:76:de:ae:89:8f:0c:3b:99:5e:a4:
                    8f:41:a6:63:53:76:4f:5b:31:5e:fa:1e:9a:22:28:
                    c9:7a:c0:f4:3a:76:6d:8f:3a:45:86:c3:3c:43:4e:
                    a7:e7:ee:90:ea:6f:1a:80:50:03:99:8a:07:8b:75:
                    b0:c0:b1:77:83:ab:44:98:ca:7f:a0:aa:92:e4:c0:
                    d1:09:2b:21:e9:53:b0:00:7f:92:42:00:70:b1:31:
                    0a:7e:9d:4b:35:43:c5:7e:e7:09:84:20:32:aa:62:
                    af:a4:9d:c5:a5:44:c3:bc:f7:a6:57:2f:a8:48:d6:
                    3e:1e:1c:e5:39:3a:ba:c5:c4:20:1f:6c:66:9e:8e:
                    3f:40:22:b3:1b:f8:ef:a1:dd:06:9d:5e:54:76:8f:
                    33:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:39:61:EB:C4:40:7A:DF:09:20:DE:43:0B:BF:7B:05:D7:93:22:23
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2468224a-586c-4b15-b2f7-6aab1f7b768d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.74.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         5c:cf:51:eb:22:75:3e:42:85:80:d8:3e:36:f8:d7:32:19:ee:
         1e:86:09:0b:22:b5:7f:46:de:43:59:6b:22:82:8c:f8:60:ea:
         99:2f:bc:ab:f9:f4:cc:5a:7d:21:3f:2b:fa:6f:f3:85:d2:c8:
         e2:04:52:23:50:82:ea:97:a6:fe:c7:81:24:ad:0d:07:f8:93:
         89:63:ab:1f:ee:f7:6c:97:f1:fa:a6:82:1b:51:16:3d:30:ad:
         c4:cf:27:57:d3:35:75:df:f9:f5:51:58:c9:c8:e6:e7:64:3c:
         f2:4a:87:b4:00:6c:b7:12:f5:ed:e5:28:86:e8:fc:cd:88:88:
         6f:9e:1e:2d:29:5c:9d:0d:c9:ec:50:c5:51:b2:bd:8a:c5:a4:
         32:6f:e2:77:61:9e:8e:60:5c:05:f1:75:15:e0:0a:82:80:1b:
         e2:88:39:1b:89:55:57:66:1f:38:cf:fa:45:41:62:7d:29:ef:
         85:12:53:d2:43:74:d6:ce:76:26:eb:23:5a:05:8d:44:07:bb:
         0f:9a:eb:9e:91:5f:3b:e4:aa:3f:e5:ac:a9:24:3a:62:75:ae:
         75:5d:86:76:7a:af:22:fd:ad:94:26:45:f2:80:6d:63:85:95:
         bd:91:37:bb:48:96:c2:a7:11:56:56:e0:16:bb:69:87:a4:dc:
         46:01:ea:88
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKT+NSP03yF40p7IbtCl0XocombowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAxMzM2WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNDRjMTdhNzI5ODM2MzNhNDI1NGFmOTk2ODc0NzgxYjk0
Y2JmYjNkNTZhMTJmNjdhNTQxZDViOTZlNzY2YjA2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDERRkIEyAt9opL0SOv6Of0s8eNbbcTOg3/EaEJD2UeGnhO
Nb1SkWO4oggLvIw+vmstx3IhxBoeWWx4V8fehjOH5HPHs7tusl8e8oaaBhAVWcjj
gPsO7sOV+pmWaVfq7g6YJbHf3Xa2JSDb4towdt6uiY8MO5lepI9BpmNTdk9bMV76
HpoiKMl6wPQ6dm2POkWGwzxDTqfn7pDqbxqAUAOZigeLdbDAsXeDq0SYyn+gqpLk
wNEJKyHpU7AAf5JCAHCxMQp+nUs1Q8V+5wmEIDKqYq+kncWlRMO896ZXL6hI1j4e
HOU5OrrFxCAfbGaejj9AIrMb+O+h3QadXlR2jzNLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoTlh68RAet8JIN5DC797BdeTIiMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI0NjgyMjRhLTU4NmMtNGIxNS1iMmY3LTZhYWIxZjdiNzY4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXGSmAwDQYJKoZIhvcNAQELBQADggEBAFzPUesidT5ChYDYPjb41zIZ7h6G
CQsitX9G3kNZayKCjPhg6pkvvKv59MxafSE/K/pv84XSyOIEUiNQguqXpv7HgSSt
DQf4k4ljqx/u92yX8fqmghtRFj0wrcTPJ1fTNXXf+fVRWMnI5udkPPJKh7QAbLcS
9e3lKIbo/M2IiG+eHi0pXJ0NyexQxVGyvYrFpDJv4ndhno5gXAXxdRXgCoKAG+KI
ORuJVVdmHzjP+kVBYn0p74USU9JDdNbOdibrI1oFjUQHuw+a656RXzvkqj/lrKkk
OmJ1rnVdhnZ6ryL9rZQmRfKAbWOFlb2RN7tIlsKnEVZW4Ba7aYek3EYB6og=
-----END CERTIFICATE-----