Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3736fb83-358c-4ea5-a82f-fa5a7eea0836.roa
File:                     3736fb83-358c-4ea5-a82f-fa5a7eea0836.roa (raw, json)
Hash identifier:          fgnYH5PHvSl0MxU6H+SWoeKYS7MFH7abIXxaTK5+yuo=
Subject key identifier:   9E:87:19:79:E8:8A:C6:0D:D2:15:DE:6C:43:74:FE:04:F4:B0:4E:B3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       794A9045E72624A4149E7AA9B087877C020CFC97
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3736fb83-358c-4ea5-a82f-fa5a7eea0836.roa
Signing time:             Fri 03 Oct 2025 00:41:39 +0000
ROA not before:           Fri 03 Oct 2025 00:41:39 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        76.223.172.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:4a:90:45:e7:26:24:a4:14:9e:7a:a9:b0:87:87:7c:02:0c:fc:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:41:39 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=58f82e4ec6c87a447b2f2a45361b6c12552f192148cd0d92dfece99bebd56503, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cf:3a:cb:67:3c:45:50:ae:cf:a4:d3:0c:71:
                    28:1b:44:2e:b7:b9:3d:e9:1d:41:ad:eb:6c:47:a3:
                    de:19:cd:6a:1e:f1:08:c2:b7:c1:3a:0d:4e:58:af:
                    1d:c6:5f:e6:b0:f6:8b:d9:61:cd:25:3a:37:d2:bb:
                    b5:d3:35:13:57:c2:0a:84:91:af:59:7d:02:8c:a1:
                    64:ce:36:a9:2d:97:6c:6f:ae:9e:53:b9:e3:b6:2b:
                    28:50:a6:7c:99:60:66:5f:8c:06:99:8e:23:af:9a:
                    33:80:1a:10:0a:ec:da:67:3b:33:e6:51:75:e0:78:
                    81:7e:d1:cb:4e:c4:99:3f:ac:ab:3b:99:55:a7:cf:
                    a1:db:d8:17:c3:08:4e:53:5e:42:16:e0:28:95:23:
                    0d:bb:bf:71:1c:b2:ea:ad:5f:c0:ad:8a:46:7e:a5:
                    2e:59:8b:f3:a8:00:2e:20:3b:5d:ca:c7:41:f1:96:
                    15:81:01:ff:a7:e5:97:6f:8c:a1:96:03:18:0c:15:
                    ea:6d:e5:96:5b:80:15:1a:e8:41:87:dd:89:ce:bc:
                    4f:a5:01:19:87:ba:35:43:8f:3b:3a:43:74:2d:53:
                    37:d6:5c:ca:1f:55:d5:d5:c2:0e:a0:24:1f:ac:53:
                    1a:6a:a2:ba:6d:9a:95:40:b6:98:3d:55:7d:a6:da:
                    5b:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:87:19:79:E8:8A:C6:0D:D2:15:DE:6C:43:74:FE:04:F4:B0:4E:B3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3736fb83-358c-4ea5-a82f-fa5a7eea0836.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:2f:91:81:7b:26:c9:0c:3d:da:3e:ce:64:46:51:9d:80:ca:
         1c:49:f9:71:2b:f9:c1:0a:06:6b:b6:c9:ba:6d:0b:03:50:09:
         e3:94:88:d3:db:ee:12:09:f3:1d:b3:2d:13:3a:a9:27:11:de:
         b7:c8:a7:da:c2:a7:50:dc:3f:b1:cd:be:60:f3:c8:6c:1f:56:
         74:e9:c0:f6:f4:77:77:68:e2:22:07:cb:a5:3c:f3:ae:ee:83:
         5f:f9:aa:fe:0c:ad:8f:5b:e8:6b:9a:43:d9:89:7e:d9:97:1b:
         a5:20:f9:2d:56:ca:ad:03:4a:b5:79:ee:95:08:63:a1:64:1a:
         a8:ad:25:0a:ca:fd:bf:8d:8b:88:83:e4:f4:4c:97:7c:90:74:
         88:40:dd:8e:5b:ca:f1:60:e5:56:77:2f:52:c5:cc:ee:81:37:
         7e:a8:ae:e9:fe:5b:67:89:71:fc:ef:7f:35:34:5f:c8:30:1f:
         1e:80:d8:a3:66:fa:ef:28:01:9e:da:68:cb:0e:a0:ea:d6:3e:
         8b:fa:95:04:dd:5e:90:81:48:c6:a3:49:1a:a3:86:de:98:b8:
         b5:0e:45:06:b6:f3:3f:4a:e2:61:5c:2d:ec:eb:55:aa:ef:fa:
         cb:c3:7e:e9:4d:70:42:70:06:82:33:e7:9c:94:9e:a1:fa:9f:
         71:78:89:09
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeUqQRecmJKQUnnqpsIeHfAIM/JcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA0MTM5WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1OGY4MmU0ZWM2Yzg3YTQ0N2IyZjJhNDUzNjFiNmMxMjU1
MmYxOTIxNDhjZDBkOTJkZmVjZTk5YmViZDU2NTAzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7zzrLZzxFUK7PpNMMcSgbRC63uT3pHUGt62xHo94ZzWoe
8QjCt8E6DU5Yrx3GX+aw9ovZYc0lOjfSu7XTNRNXwgqEka9ZfQKMoWTONqktl2xv
rp5TueO2KyhQpnyZYGZfjAaZjiOvmjOAGhAK7NpnOzPmUXXgeIF+0ctOxJk/rKs7
mVWnz6Hb2BfDCE5TXkIW4CiVIw27v3EcsuqtX8CtikZ+pS5Zi/OoAC4gO13Kx0Hx
lhWBAf+n5ZdvjKGWAxgMFept5ZZbgBUa6EGH3YnOvE+lARmHujVDjzs6Q3QtUzfW
XMofVdXVwg6gJB+sUxpqorptmpVAtpg9VX2m2luDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnocZeeiKxg3SFd5sQ3T+BPSwTrMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3MzZmYjgzLTM1OGMtNGVhNS1hODJmLWZhNWE3ZWVhMDgzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJM36wwDQYJKoZIhvcNAQELBQADggEBAA0vkYF7JskMPdo+zmRGUZ2AyhxJ
+XEr+cEKBmu2ybptCwNQCeOUiNPb7hIJ8x2zLRM6qScR3rfIp9rCp1DcP7HNvmDz
yGwfVnTpwPb0d3do4iIHy6U8867ug1/5qv4MrY9b6GuaQ9mJftmXG6Ug+S1Wyq0D
SrV57pUIY6FkGqitJQrK/b+Ni4iD5PRMl3yQdIhA3Y5byvFg5VZ3L1LFzO6BN36o
run+W2eJcfzvfzU0X8gwHx6A2KNm+u8oAZ7aaMsOoOrWPov6lQTdXpCBSMajSRqj
ht6YuLUORQa28z9K4mFcLezrVarv+svDfulNcEJwBoIz55yUnqH6n3F4iQk=
-----END CERTIFICATE-----