Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2e4d4a7d-c1f7-4655-87ba-3956e2f6bad4.roa
File:                     2e4d4a7d-c1f7-4655-87ba-3956e2f6bad4.roa (raw, json)
Hash identifier:          Udt47nf4dw/HjFZzxWHjv3rSB6eDRRJjHecYrUey0y8=
Subject key identifier:   9D:A1:46:25:97:A4:00:F3:9C:32:44:66:5A:88:17:23:27:C9:79:AB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       41BC6805950215900741C79588D221C847A69387
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2e4d4a7d-c1f7-4655-87ba-3956e2f6bad4.roa
Signing time:             Fri 03 Oct 2025 00:01:22 +0000
ROA not before:           Fri 03 Oct 2025 00:01:22 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        104.153.115.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:bc:68:05:95:02:15:90:07:41:c7:95:88:d2:21:c8:47:a6:93:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:01:22 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=4591f78d168c0ef49d81ed705c1aa4db6752ee67149cd896ab991b704e9368a5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:58:4e:f8:2a:17:99:6c:fe:75:71:60:0b:fe:
                    3d:d5:66:d4:f6:07:3e:d9:d1:cd:79:87:22:37:8e:
                    22:79:bd:0e:08:83:bb:b1:c9:e7:06:a9:04:ae:e5:
                    b1:67:8e:a3:07:08:4b:09:d8:94:06:4c:59:0e:43:
                    dc:b5:1f:fd:6b:d9:7d:36:9c:72:3a:c6:12:6c:a8:
                    92:a3:6c:d2:93:ff:e0:b4:21:f5:58:43:43:79:01:
                    66:79:36:61:c8:cc:06:8d:57:e4:d8:fc:c2:9c:99:
                    60:5f:54:80:ed:65:d8:bb:c5:cd:a0:53:df:54:17:
                    fe:e7:f9:13:e4:d5:7b:35:b9:46:c5:2a:26:e5:74:
                    be:f1:3b:4d:50:08:05:45:00:a0:c6:38:45:2b:39:
                    1f:73:6d:af:ae:e7:dd:7f:99:47:b2:88:15:bc:e4:
                    e4:5b:4d:eb:dd:be:52:b5:f4:73:38:66:ea:93:e7:
                    a2:0a:0f:4c:6b:cf:5d:ba:74:0e:f3:b9:9e:93:ce:
                    38:20:e6:37:b7:0c:03:8e:c6:49:46:a8:21:82:94:
                    26:3d:3f:56:74:11:bb:0c:c9:4f:7c:8a:6e:1e:0f:
                    e7:38:dc:fc:40:83:5c:16:37:16:88:5a:38:9d:46:
                    62:aa:0a:54:b3:d3:21:68:41:5a:c2:b9:66:2f:fb:
                    cb:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:A1:46:25:97:A4:00:F3:9C:32:44:66:5A:88:17:23:27:C9:79:AB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2e4d4a7d-c1f7-4655-87ba-3956e2f6bad4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.153.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:62:bf:1c:ba:9c:97:16:d9:94:d9:0b:78:cf:55:67:92:24:
         94:57:a4:8e:6f:80:ea:00:e6:f0:2c:c4:ad:39:3f:99:cb:fe:
         33:35:85:be:87:f2:e1:6e:3d:dd:34:44:7d:7f:b1:6f:34:36:
         76:16:1a:da:aa:ef:33:54:4b:66:ce:ca:a2:80:b3:54:0c:9a:
         b5:fd:3e:af:8d:c2:be:74:50:8c:1e:a5:ac:44:cc:03:d2:47:
         53:52:82:28:84:7a:37:16:c1:2b:85:70:bb:07:2c:07:28:9a:
         14:ff:53:c7:c3:52:8e:1d:68:54:96:93:b9:f8:17:1d:df:af:
         8f:08:87:00:96:c7:4c:72:8f:05:3e:80:03:c2:be:e3:cc:f0:
         54:1b:5c:82:18:c1:c0:31:d5:db:50:cc:3b:14:fb:a6:bb:87:
         f5:c9:c0:2f:e9:13:d8:f3:64:8c:c3:f1:1d:7f:1e:42:fb:20:
         b9:45:a6:ae:f5:8d:53:bf:25:ec:c0:84:0a:98:9a:e5:78:4f:
         60:1c:ec:a5:83:54:39:44:5c:33:84:e1:99:42:2c:c3:8a:71:
         66:2f:b3:be:be:ad:49:88:03:b4:98:2d:e0:e7:95:79:49:98:
         e4:dd:65:13:ab:3b:4f:40:c3:3f:eb:05:94:ff:e0:71:3d:cd:
         58:54:a9:23
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQbxoBZUCFZAHQceViNIhyEemk4cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAwMTIyWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NTkxZjc4ZDE2OGMwZWY0OWQ4MWVkNzA1YzFhYTRkYjY3
NTJlZTY3MTQ5Y2Q4OTZhYjk5MWI3MDRlOTM2OGE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9WE74KheZbP51cWAL/j3VZtT2Bz7Z0c15hyI3jiJ5vQ4I
g7uxyecGqQSu5bFnjqMHCEsJ2JQGTFkOQ9y1H/1r2X02nHI6xhJsqJKjbNKT/+C0
IfVYQ0N5AWZ5NmHIzAaNV+TY/MKcmWBfVIDtZdi7xc2gU99UF/7n+RPk1Xs1uUbF
KibldL7xO01QCAVFAKDGOEUrOR9zba+u591/mUeyiBW85ORbTevdvlK19HM4ZuqT
56IKD0xrz126dA7zuZ6Tzjgg5je3DAOOxklGqCGClCY9P1Z0EbsMyU98im4eD+c4
3PxAg1wWNxaIWjidRmKqClSz0yFoQVrCuWYv+8tTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnaFGJZekAPOcMkRmWogXIyfJeaswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJlNGQ0YTdkLWMxZjctNDY1NS04N2JhLTM5NTZlMmY2YmFkNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABomXMwDQYJKoZIhvcNAQELBQADggEBAH5ivxy6nJcW2ZTZC3jPVWeSJJRX
pI5vgOoA5vAsxK05P5nL/jM1hb6H8uFuPd00RH1/sW80NnYWGtqq7zNUS2bOyqKA
s1QMmrX9Pq+Nwr50UIwepaxEzAPSR1NSgiiEejcWwSuFcLsHLAcomhT/U8fDUo4d
aFSWk7n4Fx3fr48IhwCWx0xyjwU+gAPCvuPM8FQbXIIYwcAx1dtQzDsU+6a7h/XJ
wC/pE9jzZIzD8R1/HkL7ILlFpq71jVO/JezAhAqYmuV4T2Ac7KWDVDlEXDOE4ZlC
LMOKcWYvs76+rUmIA7SYLeDnlXlJmOTdZROrO09Awz/rBZT/4HE9zVhUqSM=
-----END CERTIFICATE-----