Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/359d868f-0289-4071-ad8a-da34c89bd4a9.roa
File:                     359d868f-0289-4071-ad8a-da34c89bd4a9.roa (raw, json)
Hash identifier:          SWblZmFTR/EBzeG8AYrwDATu4vGED2cj32f0dgcr2JE=
Subject key identifier:   F3:7C:87:75:BE:C9:D1:36:65:62:08:33:A0:41:D6:39:AA:2A:AA:80
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1AE31563947EDF50A029283947842AC98D13FC27
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/359d868f-0289-4071-ad8a-da34c89bd4a9.roa
Signing time:             Mon 06 Oct 2025 16:38:26 +0000
ROA not before:           Mon 06 Oct 2025 16:38:26 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.19.64.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:e3:15:63:94:7e:df:50:a0:29:28:39:47:84:2a:c9:8d:13:fc:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:38:26 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=4566d1a0009d510c66c619274308e868dc292834286c69d8615b4f2940d6dd1a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ec:76:b1:6c:25:d6:4f:2b:c7:37:58:d3:4f:
                    ec:1b:5e:f9:03:11:20:b2:f3:3c:c2:ff:38:c0:0b:
                    db:d3:47:78:5e:43:53:bf:91:22:63:81:a9:b1:3a:
                    3e:46:68:f8:fc:99:ee:4e:77:3b:63:92:ab:ef:0a:
                    6e:20:02:cb:64:84:bb:cc:6a:55:e5:9d:8d:b0:5d:
                    83:d3:38:56:dd:88:ad:81:62:73:08:67:8f:53:ed:
                    29:8b:f9:3e:e6:ff:17:22:8d:62:fd:07:55:1b:f0:
                    fe:a5:86:9d:fe:82:81:20:92:db:fa:9d:fa:b8:62:
                    35:b8:55:57:09:f9:10:d5:ad:1f:b9:da:18:a7:e1:
                    73:62:ab:43:ac:7f:38:fb:03:0a:c4:43:0a:32:11:
                    fe:28:67:92:37:9e:f4:78:5f:41:62:12:41:29:e9:
                    5d:1f:52:32:24:80:4b:ff:87:e5:87:45:e3:6f:a4:
                    86:15:9f:f7:e7:a8:c8:d4:37:6c:80:2d:8f:e2:f5:
                    b9:81:ed:f7:bd:9d:24:33:15:ac:25:66:0b:af:78:
                    44:54:dd:97:87:a0:02:5e:a4:8f:4e:8f:e6:2f:bc:
                    98:2b:4e:df:3f:35:4a:e7:39:d8:53:38:1b:58:27:
                    48:91:32:77:7f:24:02:ed:90:1e:79:8b:6c:3b:21:
                    a0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:7C:87:75:BE:C9:D1:36:65:62:08:33:A0:41:D6:39:AA:2A:AA:80
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/359d868f-0289-4071-ad8a-da34c89bd4a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.19.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         97:4c:7f:ef:41:7d:8c:a6:82:7d:b4:00:84:e3:3e:5f:bd:5b:
         87:45:11:3f:e5:11:f7:0e:ea:6c:dd:1c:81:0f:2b:76:8e:95:
         bc:5b:3e:70:c5:d6:b6:41:0f:12:ba:7d:db:69:99:94:cf:07:
         1a:fa:cb:29:8e:e7:13:c5:0d:f2:9d:ee:56:48:2d:1c:61:15:
         c2:2b:7b:84:6f:0a:e9:75:1f:80:fe:4a:6d:d7:f4:fe:49:ae:
         3f:44:06:58:a9:9a:e5:ef:7a:7a:9a:32:ba:68:4e:fe:17:82:
         88:38:81:a1:e7:8b:0e:7f:7d:01:57:c6:8a:4b:3f:8a:b6:ef:
         ce:a3:f6:92:98:72:28:4a:93:25:31:4a:ae:e8:ba:98:66:fe:
         4d:cd:de:b5:60:82:62:42:03:ca:7c:c9:5c:21:42:4e:35:e3:
         b6:05:a2:a6:ea:74:01:d3:3a:cb:83:d9:44:0b:09:2b:5b:63:
         32:81:21:1a:a1:08:84:89:e9:a6:0e:40:0d:3f:65:73:4b:25:
         9a:bf:89:83:7d:cd:e7:e9:52:a2:cd:31:17:6b:4b:9b:4e:99:
         70:b0:1a:4d:45:87:ed:3b:ab:0c:8d:ed:9e:e3:b3:68:0a:78:
         f4:27:53:29:1c:33:11:d4:bf:1f:02:d6:90:b5:49:49:23:cc:
         0f:fd:59:04
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGuMVY5R+31CgKSg5R4QqyY0T/CcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYzODI2WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NTY2ZDFhMDAwOWQ1MTBjNjZjNjE5Mjc0MzA4ZTg2OGRj
MjkyODM0Mjg2YzY5ZDg2MTViNGYyOTQwZDZkZDFhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCw7HaxbCXWTyvHN1jTT+wbXvkDESCy8zzC/zjAC9vTR3he
Q1O/kSJjgamxOj5GaPj8me5OdztjkqvvCm4gAstkhLvMalXlnY2wXYPTOFbdiK2B
YnMIZ49T7SmL+T7m/xcijWL9B1Ub8P6lhp3+goEgktv6nfq4YjW4VVcJ+RDVrR+5
2hin4XNiq0Osfzj7AwrEQwoyEf4oZ5I3nvR4X0FiEkEp6V0fUjIkgEv/h+WHReNv
pIYVn/fnqMjUN2yALY/i9bmB7fe9nSQzFawlZguveERU3ZeHoAJepI9Oj+YvvJgr
Tt8/NUrnOdhTOBtYJ0iRMnd/JALtkB55i2w7IaBPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU83yHdb7J0TZlYggzoEHWOaoqqoAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM1OWQ4NjhmLTAyODktNDA3MS1hZDhhLWRhMzRjODliZDRhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQyE0AwDQYJKoZIhvcNAQELBQADggEBAJdMf+9BfYymgn20AITjPl+9W4dF
ET/lEfcO6mzdHIEPK3aOlbxbPnDF1rZBDxK6fdtpmZTPBxr6yymO5xPFDfKd7lZI
LRxhFcIre4RvCul1H4D+Sm3X9P5Jrj9EBlipmuXvenqaMrpoTv4Xgog4gaHniw5/
fQFXxopLP4q2786j9pKYcihKkyUxSq7ouphm/k3N3rVggmJCA8p8yVwhQk4147YF
oqbqdAHTOsuD2UQLCStbYzKBIRqhCISJ6aYOQA0/ZXNLJZq/iYN9zefpUqLNMRdr
S5tOmXCwGk1Fh+07qwyN7Z7js2gKePQnUykcMxHUvx8C1pC1SUkjzA/9WQQ=
-----END CERTIFICATE-----