Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c1bc95a-5d0c-487e-bf1d-56809964528a.roa
File:                     4c1bc95a-5d0c-487e-bf1d-56809964528a.roa (raw, json)
Hash identifier:          uy5a3IAUyODOl8D7KKBbOmthfTLUnRyCYCxXnPFU8TE=
Subject key identifier:   1C:7C:61:8B:C2:B8:3D:B7:3A:EF:89:B9:2D:32:CB:93:F9:CC:0F:EE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       05C8FAC24AD2C0E9F674503E29BA234E18C477FA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c1bc95a-5d0c-487e-bf1d-56809964528a.roa
Signing time:             Tue 07 Oct 2025 00:22:28 +0000
ROA not before:           Tue 07 Oct 2025 00:22:28 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        184.73.144.0/21 maxlen: 21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:c8:fa:c2:4a:d2:c0:e9:f6:74:50:3e:29:ba:23:4e:18:c4:77:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:22:28 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=f6a20e8e281622eeaf9f30d00e4e46e822c59e4f7dc6db90f06efc12035873ed, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ba:61:57:c0:c2:6b:39:93:82:5d:ef:24:ac:
                    a4:a0:99:3b:e4:5c:cb:a9:e7:95:31:7b:a3:5d:85:
                    d4:82:7c:43:ac:14:cd:1e:92:7b:bc:8f:9e:9a:8a:
                    28:75:27:04:a5:e9:8d:f3:3a:d0:c2:ae:99:9a:28:
                    ad:a0:2e:1a:01:51:ef:3e:bc:e3:75:ca:e4:b8:13:
                    b6:c0:fe:30:89:85:c6:df:14:6c:dd:30:8f:75:80:
                    44:eb:ff:30:f9:c1:00:bd:09:de:48:2b:f9:17:7f:
                    62:1c:9e:3a:2e:19:8f:ca:21:86:e3:44:ec:40:94:
                    84:b8:44:88:35:27:86:7e:8a:b5:ad:9a:08:9f:c1:
                    93:38:dc:f0:d5:54:eb:36:20:c7:75:41:7b:ad:a3:
                    5d:b9:bd:a9:21:d6:a8:6e:e0:43:d5:8b:5f:77:df:
                    fd:85:97:79:1c:76:b9:95:43:11:20:91:e3:da:c4:
                    b0:62:77:7b:80:9e:8f:d6:12:79:96:d2:5c:84:38:
                    ad:fe:4a:e1:6d:0f:b0:d6:02:e3:22:54:b3:a9:8b:
                    03:aa:83:fb:0a:ff:76:b9:61:10:9f:36:e7:8e:6c:
                    3d:d0:22:1b:87:d4:af:f5:8d:52:5d:a0:f2:f3:e7:
                    98:d6:28:9c:ef:bf:58:4b:9c:86:41:74:58:1e:5e:
                    13:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:7C:61:8B:C2:B8:3D:B7:3A:EF:89:B9:2D:32:CB:93:F9:CC:0F:EE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c1bc95a-5d0c-487e-bf1d-56809964528a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.73.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4a:88:8a:91:8c:2e:a7:ac:f9:33:3b:85:b3:1d:7b:c2:0c:fe:
         a6:cd:22:81:60:cc:bc:bd:7f:1f:f8:f0:c3:92:74:b6:4d:00:
         ac:10:1c:75:92:22:53:9e:7b:08:df:d3:99:02:0b:de:c6:ba:
         ff:ea:0f:f1:8c:c7:50:78:96:51:db:b4:fb:c6:56:2d:e2:b1:
         ee:1d:ce:50:1a:b2:69:2e:93:f0:b9:4a:44:c3:43:9b:ab:3c:
         c5:eb:5f:b4:61:ff:f3:87:ee:70:4c:1e:46:74:58:b1:57:96:
         ef:d7:0b:f6:ac:70:71:f9:39:b1:c7:11:0b:57:3d:8a:bf:2c:
         aa:fb:1c:07:92:29:27:76:a1:73:d3:d6:b1:1a:8a:e8:1c:9d:
         86:65:6a:0d:81:de:e4:9f:4b:d7:80:d7:9c:52:32:dd:75:49:
         a6:aa:74:87:aa:2b:fc:07:ca:8c:bb:78:18:18:31:ff:37:4f:
         6f:77:73:c3:0d:75:aa:6d:5a:c7:8d:8b:c5:c8:3b:f3:15:d2:
         2a:27:4f:7e:f9:0e:0c:19:65:65:3a:49:4d:31:75:0a:18:47:
         3b:eb:a4:cc:1b:54:cb:de:8a:c2:e9:bf:92:5e:d1:03:45:ce:
         43:04:46:18:7c:0e:8d:8c:89:6e:9d:17:c7:dd:4f:6f:7f:30:
         03:3c:e9:84
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBcj6wkrSwOn2dFA+KbojThjEd/owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAyMjI4WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNmEyMGU4ZTI4MTYyMmVlYWY5ZjMwZDAwZTRlNDZlODIy
YzU5ZTRmN2RjNmRiOTBmMDZlZmMxMjAzNTg3M2VkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7umFXwMJrOZOCXe8krKSgmTvkXMup55Uxe6NdhdSCfEOs
FM0eknu8j56aiih1JwSl6Y3zOtDCrpmaKK2gLhoBUe8+vON1yuS4E7bA/jCJhcbf
FGzdMI91gETr/zD5wQC9Cd5IK/kXf2IcnjouGY/KIYbjROxAlIS4RIg1J4Z+irWt
mgifwZM43PDVVOs2IMd1QXuto125vakh1qhu4EPVi1933/2Fl3kcdrmVQxEgkePa
xLBid3uAno/WEnmW0lyEOK3+SuFtD7DWAuMiVLOpiwOqg/sK/3a5YRCfNueObD3Q
IhuH1K/1jVJdoPLz55jWKJzvv1hLnIZBdFgeXhNnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHHxhi8K4Pbc674m5LTLLk/nMD+4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRjMWJjOTVhLTVkMGMtNDg3ZS1iZjFkLTU2ODA5OTY0NTI4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAO4SZAwDQYJKoZIhvcNAQELBQADggEBAEqIipGMLqes+TM7hbMde8IM/qbN
IoFgzLy9fx/48MOSdLZNAKwQHHWSIlOeewjf05kCC97Guv/qD/GMx1B4llHbtPvG
Vi3ise4dzlAasmkuk/C5SkTDQ5urPMXrX7Rh//OH7nBMHkZ0WLFXlu/XC/ascHH5
ObHHEQtXPYq/LKr7HAeSKSd2oXPT1rEaiugcnYZlag2B3uSfS9eA15xSMt11Saaq
dIeqK/wHyoy7eBgYMf83T293c8MNdaptWseNi8XIO/MV0ionT375DgwZZWU6SU0x
dQoYRzvrpMwbVMveisLpv5Je0QNFzkMERhh8Do2MiW6dF8fdT29/MAM86YQ=
-----END CERTIFICATE-----