Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30c76e3f-40c4-4c53-be40-2732ffa9f975.roa
File:                     30c76e3f-40c4-4c53-be40-2732ffa9f975.roa (raw, json)
Hash identifier:          eLYc9vVnMfNzf4Ac/rEjbsoGKcY2fXB+i7iMNDab3To=
Subject key identifier:   58:78:31:FF:AA:F0:37:6A:8B:18:11:37:73:E4:98:DF:3A:06:29:67
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       73594E86B285E7F4E174AE3E67BC5E5A4AEA65FB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30c76e3f-40c4-4c53-be40-2732ffa9f975.roa
Signing time:             Tue 14 Oct 2025 17:52:00 +0000
ROA not before:           Tue 14 Oct 2025 17:52:00 +0000
ROA not after:            Tue 18 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        71.152.50.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:59:4e:86:b2:85:e7:f4:e1:74:ae:3e:67:bc:5e:5a:4a:ea:65:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 14 17:52:00 2025 GMT
            Not After : Nov 18 23:59:59 2025 GMT
        Subject: serialNumber=e68d46d3c4696293aed489a3c98745af70f29a8dc83b6a5f3846e43a65de4c4a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e4:80:49:1d:be:13:04:75:c5:ce:02:6d:2d:
                    0c:47:af:0d:d6:06:ec:1d:2b:20:30:9b:a5:a5:76:
                    8e:ca:74:1a:71:44:98:c0:14:3b:d3:dd:bc:ff:e4:
                    29:22:79:42:f6:88:a3:96:0f:a4:99:ed:07:90:fb:
                    cb:77:5f:26:0a:c5:29:d2:96:b6:20:68:94:f4:16:
                    a3:27:f8:3c:2e:98:68:04:72:86:9d:43:21:71:4d:
                    64:bc:e3:78:af:da:7d:4c:a0:42:22:b0:5b:a2:e3:
                    e6:50:8e:b6:68:5e:d1:43:07:b4:a7:3b:88:be:13:
                    8e:00:c4:9f:95:6e:95:95:67:de:c3:66:53:cf:09:
                    ac:3e:8d:8c:4e:2d:7e:78:fe:de:fa:ea:88:11:ba:
                    5a:02:f5:ac:f6:f0:ac:60:53:d5:4c:a0:94:67:7a:
                    81:9f:f8:57:11:e1:d3:50:6a:c1:07:ba:65:3f:6f:
                    56:b0:22:8c:2c:1f:2e:98:3f:e4:5c:0e:7e:d9:32:
                    6d:b7:b9:ef:ab:99:c7:8d:dc:0b:11:67:64:28:d3:
                    be:8e:0f:d2:79:ab:86:cc:cd:1d:62:97:dd:99:6e:
                    fd:83:c1:2b:15:e1:19:a6:c5:f1:26:3c:91:ad:cd:
                    9a:96:e3:ba:bc:66:38:d0:2c:46:80:43:88:32:3f:
                    c6:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:78:31:FF:AA:F0:37:6A:8B:18:11:37:73:E4:98:DF:3A:06:29:67
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30c76e3f-40c4-4c53-be40-2732ffa9f975.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  71.152.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:01:1e:a1:98:27:98:ee:49:74:29:57:36:d8:87:30:12:8c:
         96:d0:39:e5:fd:45:a5:a0:64:d1:20:7f:7f:64:22:f3:1e:4a:
         0f:70:75:14:81:8e:11:1a:be:97:06:93:36:5a:07:ec:b0:92:
         07:51:9e:a8:01:4d:ec:1b:1e:b4:4c:7c:7b:05:b4:af:7e:b8:
         f8:1f:14:3d:f6:6a:44:59:ec:fc:9c:09:2b:ef:da:11:f9:1a:
         43:8a:c4:11:71:81:45:9d:72:88:0f:2b:3b:57:42:c3:55:5c:
         1c:f1:d5:eb:fa:5a:81:66:2d:9e:c2:32:78:b1:67:6e:d8:90:
         58:c1:97:c0:5f:6c:a4:56:af:96:ab:6a:a9:b7:a8:f7:b2:48:
         fd:ee:47:7c:95:60:30:e4:11:e5:00:ab:27:0f:6c:1e:c4:55:
         cc:55:85:79:1f:87:f0:35:62:a1:15:ae:0b:2c:22:cd:14:6c:
         69:de:26:b4:2a:08:2a:8a:4d:53:22:a3:ab:44:56:48:2b:32:
         31:3c:8d:31:34:22:ff:54:66:b9:65:7b:eb:91:3c:20:f1:4a:
         a0:fd:72:39:0d:6e:f6:fe:c4:21:65:4d:5a:c0:d0:ef:27:46:
         60:24:b5:e7:77:12:4e:79:dd:25:6c:96:29:94:7b:77:12:61:
         82:9e:39:d7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUc1lOhrKF5/ThdK4+Z7xeWkrqZfswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTc1MjAwWhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNjhkNDZkM2M0Njk2MjkzYWVkNDg5YTNjOTg3NDVhZjcw
ZjI5YThkYzgzYjZhNWYzODQ2ZTQzYTY1ZGU0YzRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC25IBJHb4TBHXFzgJtLQxHrw3WBuwdKyAwm6Wldo7KdBpx
RJjAFDvT3bz/5CkieUL2iKOWD6SZ7QeQ+8t3XyYKxSnSlrYgaJT0FqMn+DwumGgE
coadQyFxTWS843iv2n1MoEIisFui4+ZQjrZoXtFDB7SnO4i+E44AxJ+VbpWVZ97D
ZlPPCaw+jYxOLX54/t766ogRuloC9az28KxgU9VMoJRneoGf+FcR4dNQasEHumU/
b1awIowsHy6YP+RcDn7ZMm23ue+rmceN3AsRZ2Qo076OD9J5q4bMzR1il92Zbv2D
wSsV4RmmxfEmPJGtzZqW47q8ZjjQLEaAQ4gyP8bJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWHgx/6rwN2qLGBE3c+SY3zoGKWcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMwYzc2ZTNmLTQwYzQtNGM1My1iZTQwLTI3MzJmZmE5Zjk3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABHmDIwDQYJKoZIhvcNAQELBQADggEBAEkBHqGYJ5juSXQpVzbYhzASjJbQ
OeX9RaWgZNEgf39kIvMeSg9wdRSBjhEavpcGkzZaB+ywkgdRnqgBTewbHrRMfHsF
tK9+uPgfFD32akRZ7PycCSvv2hH5GkOKxBFxgUWdcogPKztXQsNVXBzx1ev6WoFm
LZ7CMnixZ27YkFjBl8BfbKRWr5araqm3qPeySP3uR3yVYDDkEeUAqycPbB7EVcxV
hXkfh/A1YqEVrgssIs0UbGneJrQqCCqKTVMio6tEVkgrMjE8jTE0Iv9UZrlle+uR
PCDxSqD9cjkNbvb+xCFlTVrA0O8nRmAkted3Ek553SVslimUe3cSYYKeOdc=
-----END CERTIFICATE-----