Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27f7781f-dbc5-4c40-971f-5751e1ea35b1.roa
File:                     27f7781f-dbc5-4c40-971f-5751e1ea35b1.roa (raw, json)
Hash identifier:          ayJtl90XApKwEl8yqJ7Bl/uQ5nTtOJMI7AcqYR33cuI=
Subject key identifier:   20:DF:B0:84:8E:FF:E4:1B:E7:C7:D8:DD:1E:15:9E:BC:F4:FB:7B:2F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5764957656184F0EB2BEB4B378A6BE14DFF69346
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27f7781f-dbc5-4c40-971f-5751e1ea35b1.roa
Signing time:             Mon 06 Oct 2025 16:21:15 +0000
ROA not before:           Mon 06 Oct 2025 16:21:15 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        5.174.112.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:64:95:76:56:18:4f:0e:b2:be:b4:b3:78:a6:be:14:df:f6:93:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:21:15 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=e6eb356ade7fe9370a25e1278b003a8edc57e24da7574c0d544f7801a0cc9761, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:03:3c:5c:c4:ee:15:82:21:2f:da:21:19:0c:
                    cf:f6:65:4c:5f:b2:0a:7d:27:9e:a8:86:6e:53:d3:
                    44:a6:36:65:c1:94:e0:ce:0b:b6:4c:b5:4e:05:f7:
                    f3:19:61:12:7a:2f:be:1f:54:a3:18:7e:fc:82:4a:
                    fd:84:d7:04:cd:0b:0c:68:66:43:7a:65:20:ba:e6:
                    a6:e0:27:ce:00:4d:86:66:70:cf:a3:f9:2c:cf:96:
                    4b:13:8c:a2:bb:e0:07:7b:cb:4c:74:54:d6:9d:35:
                    8c:4e:d3:76:3f:04:39:83:14:69:24:9c:39:41:c8:
                    50:06:20:f6:2e:81:ec:4c:a6:4d:cb:2f:3e:18:3a:
                    26:f3:f2:50:1a:38:26:20:08:31:b1:1b:55:4c:b4:
                    95:0f:33:98:c9:ea:d8:75:20:b5:d0:05:1c:87:b6:
                    56:ce:e9:82:24:2c:0d:39:2c:4c:10:df:21:db:f7:
                    12:d3:0b:74:50:7f:55:5a:01:87:08:ce:1c:c4:99:
                    0d:58:96:64:07:5f:88:49:b0:21:94:60:13:45:e3:
                    b9:02:9d:a1:3a:01:42:eb:a1:4c:cd:42:50:1b:6b:
                    94:e7:71:ed:c0:3c:7a:b2:ac:69:7c:a7:79:74:a0:
                    56:55:ba:0f:b9:14:28:f3:8c:f6:10:19:25:b8:35:
                    10:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:DF:B0:84:8E:FF:E4:1B:E7:C7:D8:DD:1E:15:9E:BC:F4:FB:7B:2F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27f7781f-dbc5-4c40-971f-5751e1ea35b1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.174.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b1:36:b8:5a:40:65:47:df:95:28:54:66:c0:50:5d:b3:b5:8f:
         b9:27:a8:dd:4f:ed:fe:46:15:31:39:a4:c8:54:36:55:c9:da:
         7e:8c:cb:30:ab:53:1a:6e:ce:8e:16:9f:9e:14:59:7e:3b:59:
         e7:5b:ff:f0:10:ea:68:7a:f7:30:9d:cc:6d:61:2c:cb:b3:93:
         c0:b5:7d:69:69:15:be:5b:8b:4f:35:6d:87:f4:8c:84:37:1f:
         b2:c7:08:40:ed:f7:db:43:f7:da:e3:e4:44:92:5f:86:3d:c6:
         13:e9:aa:be:2b:34:37:d8:ef:84:76:7c:a8:81:92:0e:d2:3e:
         49:5f:e7:27:e9:f9:40:e2:a2:78:74:f9:76:aa:f7:bd:1c:34:
         a8:0f:4f:0b:7b:ca:05:99:ab:81:3a:a4:aa:1d:06:25:bb:58:
         ad:ec:83:a3:46:53:3e:24:b8:9f:de:84:e8:72:7e:89:23:8e:
         9c:6b:cc:4e:f6:78:d8:3f:88:99:35:71:f1:e6:82:11:df:77:
         d7:f4:b6:6d:f3:5f:db:91:88:96:4f:30:40:57:bb:b4:49:57:
         14:d7:a6:05:e2:f9:90:96:5f:c2:2b:8d:39:39:1c:83:42:98:
         1d:c0:11:9f:03:10:a8:4d:0e:af:ad:a7:38:29:1c:85:74:63:
         a2:53:de:38
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUV2SVdlYYTw6yvrSzeKa+FN/2k0YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYyMTE1WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNmViMzU2YWRlN2ZlOTM3MGEyNWUxMjc4YjAwM2E4ZWRj
NTdlMjRkYTc1NzRjMGQ1NDRmNzgwMWEwY2M5NzYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAAzxcxO4VgiEv2iEZDM/2ZUxfsgp9J56ohm5T00SmNmXB
lODOC7ZMtU4F9/MZYRJ6L74fVKMYfvyCSv2E1wTNCwxoZkN6ZSC65qbgJ84ATYZm
cM+j+SzPlksTjKK74Ad7y0x0VNadNYxO03Y/BDmDFGkknDlByFAGIPYugexMpk3L
Lz4YOibz8lAaOCYgCDGxG1VMtJUPM5jJ6th1ILXQBRyHtlbO6YIkLA05LEwQ3yHb
9xLTC3RQf1VaAYcIzhzEmQ1YlmQHX4hJsCGUYBNF47kCnaE6AULroUzNQlAba5Tn
ce3APHqyrGl8p3l0oFZVug+5FCjzjPYQGSW4NRDDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIN+whI7/5Bvnx9jdHhWevPT7ey8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI3Zjc3ODFmLWRiYzUtNGM0MC05NzFmLTU3NTFlMWVhMzViMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQFrnAwDQYJKoZIhvcNAQELBQADggEBALE2uFpAZUfflShUZsBQXbO1j7kn
qN1P7f5GFTE5pMhUNlXJ2n6MyzCrUxpuzo4Wn54UWX47Wedb//AQ6mh69zCdzG1h
LMuzk8C1fWlpFb5bi081bYf0jIQ3H7LHCEDt99tD99rj5ESSX4Y9xhPpqr4rNDfY
74R2fKiBkg7SPklf5yfp+UDionh0+Xaq970cNKgPTwt7ygWZq4E6pKodBiW7WK3s
g6NGUz4kuJ/ehOhyfokjjpxrzE72eNg/iJk1cfHmghHfd9f0tm3zX9uRiJZPMEBX
u7RJVxTXpgXi+ZCWX8IrjTk5HINCmB3AEZ8DEKhNDq+tpzgpHIV0Y6JT3jg=
-----END CERTIFICATE-----