Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d4df828-87d0-400e-bee0-4cd343ba4776.roa
File:                     4d4df828-87d0-400e-bee0-4cd343ba4776.roa (raw, json)
Hash identifier:          eUCbFVJDniJ3qN5aeM7MU9BolrfjEjpDEIG3NHBgNyY=
Subject key identifier:   EA:E9:2E:92:0C:0E:36:A0:A8:4B:E4:8C:44:64:D4:8C:41:E4:20:48
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       357EF08705FAAD1AB75E6B54EA68DDDE155A685D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d4df828-87d0-400e-bee0-4cd343ba4776.roa
Signing time:             Mon 06 Oct 2025 16:42:24 +0000
ROA not before:           Mon 06 Oct 2025 16:42:24 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.64.0/18 maxlen: 18
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:7e:f0:87:05:fa:ad:1a:b7:5e:6b:54:ea:68:dd:de:15:5a:68:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:42:24 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=5b705fd14b280ad8e4e312b5f9f1eec9d4d848bbf04a996dd3e309dd67640f43, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ab:77:8d:18:33:f9:c8:1a:27:ea:b4:7c:f8:
                    5d:b2:c5:e5:d7:5f:13:30:d3:3f:2d:df:1f:a0:16:
                    98:52:62:ee:d0:39:fb:df:98:0f:c5:2a:24:a8:cb:
                    b5:d3:1d:20:73:99:9b:57:ae:f3:48:38:27:96:05:
                    34:83:a5:cf:de:a2:36:79:22:4c:b7:3c:68:80:de:
                    b7:da:83:27:70:6e:38:ef:4a:57:0d:46:3d:2d:36:
                    ea:73:fd:f2:7b:d6:d5:bb:02:67:bf:9e:07:fa:ec:
                    0e:3e:c3:2a:83:15:fd:68:47:48:d9:fd:aa:86:76:
                    e7:2e:8e:7f:fd:0c:96:ec:9e:93:3d:f7:44:1f:5b:
                    39:1a:99:ed:5c:a4:27:bd:f5:05:28:74:3c:d2:4c:
                    3b:f3:d5:a5:39:00:b0:e6:47:c8:a3:7d:15:5b:f7:
                    94:57:c2:12:9b:b0:03:6f:1c:3e:7c:e4:68:ca:c7:
                    4a:55:79:2c:bd:41:48:c3:b9:d9:7b:d9:0c:92:ad:
                    3b:e0:29:6b:69:d8:b1:99:2b:c7:ff:1e:9a:2b:b7:
                    32:4a:7e:7e:bb:5f:85:75:44:da:7e:92:48:99:69:
                    d7:c4:e8:e1:6d:79:0e:18:18:43:d9:10:88:5f:8b:
                    ba:b3:97:8f:82:43:8d:48:5a:aa:be:0a:14:71:b4:
                    4d:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:E9:2E:92:0C:0E:36:A0:A8:4B:E4:8C:44:64:D4:8C:41:E4:20:48
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d4df828-87d0-400e-bee0-4cd343ba4776.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         3a:be:c6:d7:8f:0f:6c:5f:4d:b3:15:df:ef:55:0c:49:78:18:
         48:72:e2:01:60:eb:35:6f:f3:47:48:a4:72:de:79:07:5c:26:
         8e:4b:c8:43:3c:93:93:30:52:dd:f4:bc:32:ab:18:63:77:6c:
         01:ef:fe:cc:63:58:09:5e:54:08:e2:d3:57:32:3d:de:44:1b:
         bf:86:30:86:c1:07:95:94:bc:a2:27:d2:9d:ad:01:c4:d9:9f:
         c5:9f:92:03:c7:91:d9:89:85:cc:56:e2:90:0d:e9:a9:94:18:
         b2:e9:76:a5:b6:3e:f8:79:e2:34:44:57:81:97:f2:8b:85:ea:
         5b:86:7b:1e:05:d6:f3:21:f1:5c:89:e9:34:63:20:cd:09:d3:
         49:80:a2:00:c1:bc:cb:5d:c4:95:c8:ea:93:63:cc:96:48:ec:
         c5:9c:88:f5:5e:57:11:38:c1:58:56:cd:b7:d5:14:6f:5e:83:
         12:0c:2f:38:ac:55:63:6f:fd:22:16:6f:d2:1a:fb:c2:90:2a:
         56:d4:b3:a1:95:36:fb:ba:d3:3a:27:4c:0a:3c:71:48:77:e8:
         f1:3d:03:47:16:a2:7e:16:77:d2:c2:52:c7:1f:74:89:7a:2c:
         bd:47:e9:bc:07:87:5c:0d:0c:f1:6c:84:02:2d:14:f7:63:3e:
         c4:10:bb:a9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNX7whwX6rRq3XmtU6mjd3hVaaF0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTY0MjI0WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjcwNWZkMTRiMjgwYWQ4ZTRlMzEyYjVmOWYxZWVjOWQ0
ZDg0OGJiZjA0YTk5NmRkM2UzMDlkZDY3NjQwZjQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfq3eNGDP5yBon6rR8+F2yxeXXXxMw0z8t3x+gFphSYu7Q
OfvfmA/FKiSoy7XTHSBzmZtXrvNIOCeWBTSDpc/eojZ5Iky3PGiA3rfagydwbjjv
SlcNRj0tNupz/fJ71tW7Ame/ngf67A4+wyqDFf1oR0jZ/aqGducujn/9DJbsnpM9
90QfWzkame1cpCe99QUodDzSTDvz1aU5ALDmR8ijfRVb95RXwhKbsANvHD585GjK
x0pVeSy9QUjDudl72QySrTvgKWtp2LGZK8f/HportzJKfn67X4V1RNp+kkiZadfE
6OFteQ4YGEPZEIhfi7qzl4+CQ41IWqq+ChRxtE15AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6ukukgwONqCoS+SMRGTUjEHkIEgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRkNGRmODI4LTg3ZDAtNDAwZS1iZWUwLTRjZDM0M2JhNDc3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYyEkAwDQYJKoZIhvcNAQELBQADggEBADq+xtePD2xfTbMV3+9VDEl4GEhy
4gFg6zVv80dIpHLeeQdcJo5LyEM8k5MwUt30vDKrGGN3bAHv/sxjWAleVAji01cy
Pd5EG7+GMIbBB5WUvKIn0p2tAcTZn8WfkgPHkdmJhcxW4pAN6amUGLLpdqW2Pvh5
4jREV4GX8ouF6luGex4F1vMh8VyJ6TRjIM0J00mAogDBvMtdxJXI6pNjzJZI7MWc
iPVeVxE4wVhWzbfVFG9egxIMLzisVWNv/SIWb9Ia+8KQKlbUs6GVNvu60zonTAo8
cUh36PE9A0cWon4Wd9LCUscfdIl6LL1H6bwHh1wNDPFshAItFPdjPsQQu6k=
-----END CERTIFICATE-----