Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e05c00c-2e9b-482c-bbfb-ebd9aebd7cb1.roa
File:                     3e05c00c-2e9b-482c-bbfb-ebd9aebd7cb1.roa (raw, json)
Hash identifier:          CwwzisdV0+d8cjwSUsoUgTCzeGXqEns3ciJlHlbUkcs=
Subject key identifier:   82:6B:D5:E2:96:F2:27:D0:DC:84:35:86:51:BE:01:80:72:16:60:6B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       72455F25ADB04F8F980EBB5773BA5F08CC28C1D4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e05c00c-2e9b-482c-bbfb-ebd9aebd7cb1.roa
Signing time:             Fri 26 Sep 2025 00:41:36 +0000
ROA not before:           Fri 26 Sep 2025 00:41:36 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.83.128.0/17 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:45:5f:25:ad:b0:4f:8f:98:0e:bb:57:73:ba:5f:08:cc:28:c1:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 26 00:41:36 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=a4dd2f4b38c7f1edd08b43360093e4c8e4fa08d2ffda0a7c96e6679d9031f596, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c3:fd:e3:94:65:6f:10:fd:36:7d:f0:f3:0c:
                    9a:72:8d:a3:14:09:92:ea:35:ac:49:97:9b:4b:44:
                    37:52:41:1f:22:d1:65:43:42:5d:e5:18:26:10:13:
                    a0:01:4c:49:35:f3:41:c6:1c:8e:7c:50:a5:3d:4f:
                    32:75:97:a7:43:74:2b:24:22:55:f2:f4:83:55:c0:
                    68:7f:40:57:fe:e0:b7:4e:b5:16:bc:6f:55:f9:1d:
                    0f:14:49:18:00:b3:0e:db:72:b3:10:54:c2:f1:7a:
                    bc:80:38:3e:08:27:e6:51:65:c8:1c:3a:54:41:b9:
                    43:f7:1d:e3:9b:c6:f6:b7:88:cb:f7:ee:7b:a7:63:
                    a3:d5:85:ce:dc:2f:c9:c6:6a:60:9f:e3:e5:fe:f3:
                    85:25:d0:c8:0f:6d:7e:be:f2:2f:16:f2:9c:33:d3:
                    09:72:2d:1a:ef:15:34:c0:1a:d4:0e:23:66:e5:d8:
                    b5:c2:5c:07:d3:6e:77:5b:34:29:7f:9a:d3:42:74:
                    c9:4b:c3:8f:4f:a8:32:76:ce:6b:b9:4d:e3:6e:d8:
                    ae:6e:8a:ae:2c:20:3a:4a:80:a9:9e:8c:c2:f0:02:
                    25:77:28:4b:89:6b:1b:a9:0b:3f:77:3c:cc:2b:ea:
                    ab:ba:bf:70:3c:af:23:10:bd:ab:0c:21:9c:6c:1b:
                    79:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:6B:D5:E2:96:F2:27:D0:DC:84:35:86:51:BE:01:80:72:16:60:6B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e05c00c-2e9b-482c-bbfb-ebd9aebd7cb1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.83.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         70:f3:eb:bf:75:40:a3:e9:48:f7:d8:8d:58:98:32:a3:e0:3c:
         af:32:7d:9a:1c:23:67:8d:78:3a:84:bf:b5:ac:eb:4c:ff:bb:
         81:60:32:07:2e:5f:4d:3a:4f:13:3b:c0:49:c2:44:40:31:06:
         e1:fd:d7:b1:a8:2e:92:ae:e1:9a:5e:92:0b:fc:fa:d4:7b:53:
         b9:fa:ce:78:2c:54:8e:12:5d:f0:f1:28:c9:e0:dd:93:69:a4:
         a0:bb:95:62:c6:4a:7b:4c:73:57:2f:47:ba:f1:e4:a3:3d:97:
         7b:6a:8f:b3:b7:31:28:cd:80:0c:36:4d:fe:66:59:89:7f:b5:
         d2:07:c4:7c:1b:8b:e8:32:fb:1c:12:57:ec:80:36:dd:9b:13:
         18:e2:1f:25:11:ba:54:bf:bb:45:d4:3e:55:11:9b:d6:ec:d3:
         68:f9:8b:53:af:01:3d:d7:99:ac:e1:9b:24:ef:76:f3:00:b3:
         38:e5:27:ba:7f:b4:7a:78:ee:2e:81:c1:f4:13:7a:57:f8:41:
         00:5a:7f:cd:9f:60:89:24:d8:09:9a:e7:ee:95:53:ca:6d:3f:
         af:31:4c:70:10:06:49:52:5d:03:1f:5a:db:7b:c7:b4:4f:db:
         95:4e:8a:f5:02:69:56:57:51:18:6b:15:c7:77:44:af:8d:b2:
         89:87:9a:44
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUckVfJa2wT4+YDrtXc7pfCMwowdQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDA0MTM2WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNGRkMmY0YjM4YzdmMWVkZDA4YjQzMzYwMDkzZTRjOGU0
ZmEwOGQyZmZkYTBhN2M5NmU2Njc5ZDkwMzFmNTk2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaw/3jlGVvEP02ffDzDJpyjaMUCZLqNaxJl5tLRDdSQR8i
0WVDQl3lGCYQE6ABTEk180HGHI58UKU9TzJ1l6dDdCskIlXy9INVwGh/QFf+4LdO
tRa8b1X5HQ8USRgAsw7bcrMQVMLxeryAOD4IJ+ZRZcgcOlRBuUP3HeObxva3iMv3
7nunY6PVhc7cL8nGamCf4+X+84Ul0MgPbX6+8i8W8pwz0wlyLRrvFTTAGtQOI2bl
2LXCXAfTbndbNCl/mtNCdMlLw49PqDJ2zmu5TeNu2K5uiq4sIDpKgKmejMLwAiV3
KEuJaxupCz93PMwr6qu6v3A8ryMQvasMIZxsG3nnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgmvV4pbyJ9DchDWGUb4BgHIWYGswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNlMDVjMDBjLTJlOWItNDgyYy1iYmZiLWViZDlhZWJkN2NiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdjU4AwDQYJKoZIhvcNAQELBQADggEBAHDz6791QKPpSPfYjViYMqPgPK8y
fZocI2eNeDqEv7Ws60z/u4FgMgcuX006TxM7wEnCREAxBuH917GoLpKu4Zpekgv8
+tR7U7n6zngsVI4SXfDxKMng3ZNppKC7lWLGSntMc1cvR7rx5KM9l3tqj7O3MSjN
gAw2Tf5mWYl/tdIHxHwbi+gy+xwSV+yANt2bExjiHyURulS/u0XUPlURm9bs02j5
i1OvAT3XmazhmyTvdvMAszjlJ7p/tHp47i6BwfQTelf4QQBaf82fYIkk2Ama5+6V
U8ptP68xTHAQBklSXQMfWtt7x7RP25VOivUCaVZXURhrFcd3RK+NsomHmkQ=
-----END CERTIFICATE-----