Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a87e6de-abd8-4be0-a610-ec23b4c9818c.roa
File:                     4a87e6de-abd8-4be0-a610-ec23b4c9818c.roa (raw, json)
Hash identifier:          xDEH0NADQ5GkpQEGCu/mf3geVgpepiZWjczL6FGQFgY=
Subject key identifier:   AC:C3:14:DC:AC:11:48:6B:58:FE:BC:D4:2A:30:AF:13:42:C1:BC:FD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5DA5AF25CCFBB4484C462696EF8E92EA983745C7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a87e6de-abd8-4be0-a610-ec23b4c9818c.roa
Signing time:             Mon 29 Sep 2025 15:02:05 +0000
ROA not before:           Mon 29 Sep 2025 15:02:05 +0000
ROA not after:            Mon 03 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        130.175.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:a5:af:25:cc:fb:b4:48:4c:46:26:96:ef:8e:92:ea:98:37:45:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 29 15:02:05 2025 GMT
            Not After : Nov  3 23:59:59 2025 GMT
        Subject: serialNumber=efd86c366f7f3ef65937adc7be010ad7582e39c5e2bcfd530cc048e393d7491b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e8:0b:d9:1d:41:89:61:20:3b:3c:1d:06:ee:
                    1c:c7:1e:46:6e:cd:a0:22:9b:16:49:c4:8a:e7:80:
                    b6:1f:6a:de:59:e9:f5:72:54:8c:3c:42:7c:4e:59:
                    13:c3:d6:cc:3a:da:91:0f:97:7b:f9:57:e8:4b:77:
                    47:79:03:22:3a:58:01:98:37:ae:7e:7c:5c:27:ca:
                    7c:35:9e:65:f0:a4:b1:f1:3c:5d:06:7f:46:4f:82:
                    b9:06:53:22:a8:a3:16:fd:01:4e:86:24:2d:0e:56:
                    11:85:de:ea:18:6b:12:3c:d4:22:c7:90:c1:56:d8:
                    06:01:97:dc:64:13:9e:0c:07:d9:e6:46:9e:70:13:
                    f5:cf:2f:26:1b:a7:82:9e:bb:6b:e7:a8:51:79:ee:
                    16:39:87:ae:65:24:4a:c0:45:2e:43:23:7d:f0:2d:
                    55:7c:c1:36:7d:e0:63:11:85:ca:e5:c5:6c:fc:7d:
                    aa:77:37:7b:55:86:7d:a4:7f:2e:bc:cd:84:14:58:
                    e3:42:cf:1a:94:69:bd:a6:03:fb:1d:e0:c4:4b:ec:
                    8e:64:7e:17:4b:b8:be:a0:9b:e7:5a:f2:67:f0:d6:
                    8d:27:8c:2a:9d:8c:d6:df:28:74:86:ee:8f:51:bd:
                    82:7c:19:3c:48:d0:96:50:f9:d4:e0:ce:f1:0e:38:
                    3c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:C3:14:DC:AC:11:48:6B:58:FE:BC:D4:2A:30:AF:13:42:C1:BC:FD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a87e6de-abd8-4be0-a610-ec23b4c9818c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.175.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7e:3d:d1:d8:8e:29:a1:97:2a:fd:78:e0:0d:3b:41:46:ff:b4:
         93:b4:59:50:74:c9:b0:93:25:5a:07:98:77:87:fa:62:d2:90:
         0b:af:9f:54:3f:69:64:99:73:13:25:dd:6c:f6:83:80:0f:76:
         43:72:aa:7c:c9:a2:54:8d:4d:c0:d2:7a:2e:af:da:df:00:79:
         c5:ef:51:80:c8:fa:bd:ba:7a:c2:51:2f:d7:e1:2e:ad:8a:e8:
         c7:5b:21:75:06:f5:80:41:17:cb:6c:01:26:98:ff:69:bd:68:
         ad:5b:66:6a:50:3e:6e:e8:20:5b:d1:bb:09:72:f2:fe:4e:b2:
         d5:57:ef:2f:1f:1b:00:af:0a:0a:a1:f3:4c:a5:30:1a:b2:e9:
         24:6d:c3:54:89:11:9f:41:42:82:90:6e:63:34:96:b9:ed:69:
         e8:c8:fa:07:d5:59:52:d2:d6:a0:22:4f:5d:e1:dc:8e:3b:af:
         0e:cd:32:da:d0:e9:8f:63:c0:71:5d:a3:41:b5:6e:a3:2f:3e:
         6c:4e:81:e8:41:1a:7b:2b:bf:8f:eb:34:cb:7c:33:b3:6c:13:
         b6:6f:e3:11:63:f2:af:c5:39:c2:bd:72:47:02:c4:40:53:f8:
         73:b2:df:fc:77:0d:10:60:be:b2:08:35:99:77:1c:f4:24:ad:
         8b:9f:e4:e7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXaWvJcz7tEhMRiaW746S6pg3RccwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI5MTUwMjA1WhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZmQ4NmMzNjZmN2YzZWY2NTkzN2FkYzdiZTAxMGFkNzU4
MmUzOWM1ZTJiY2ZkNTMwY2MwNDhlMzkzZDc0OTFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt6AvZHUGJYSA7PB0G7hzHHkZuzaAimxZJxIrngLYfat5Z
6fVyVIw8QnxOWRPD1sw62pEPl3v5V+hLd0d5AyI6WAGYN65+fFwnynw1nmXwpLHx
PF0Gf0ZPgrkGUyKooxb9AU6GJC0OVhGF3uoYaxI81CLHkMFW2AYBl9xkE54MB9nm
Rp5wE/XPLyYbp4Keu2vnqFF57hY5h65lJErARS5DI33wLVV8wTZ94GMRhcrlxWz8
fap3N3tVhn2kfy68zYQUWONCzxqUab2mA/sd4MRL7I5kfhdLuL6gm+da8mfw1o0n
jCqdjNbfKHSG7o9RvYJ8GTxI0JZQ+dTgzvEOODzRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUrMMU3KwRSGtY/rzUKjCvE0LBvP0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRhODdlNmRlLWFiZDgtNGJlMC1hNjEwLWVjMjNiNGM5ODE4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCCrzANBgkqhkiG9w0BAQsFAAOCAQEAfj3R2I4poZcq/XjgDTtBRv+0k7RZ
UHTJsJMlWgeYd4f6YtKQC6+fVD9pZJlzEyXdbPaDgA92Q3KqfMmiVI1NwNJ6Lq/a
3wB5xe9RgMj6vbp6wlEv1+EurYrox1shdQb1gEEXy2wBJpj/ab1orVtmalA+bugg
W9G7CXLy/k6y1VfvLx8bAK8KCqHzTKUwGrLpJG3DVIkRn0FCgpBuYzSWue1p6Mj6
B9VZUtLWoCJPXeHcjjuvDs0y2tDpj2PAcV2jQbVuoy8+bE6B6EEaeyu/j+s0y3wz
s2wTtm/jEWPyr8U5wr1yRwLEQFP4c7Lf/HcNEGC+sgg1mXcc9CSti5/k5w==
-----END CERTIFICATE-----