Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4eb53310-23af-4823-a445-b1af14a0f809.roa
File:                     4eb53310-23af-4823-a445-b1af14a0f809.roa (raw, json)
Hash identifier:          cI+Aw0h+iVJRQomQSCBFgM8/d4+PGHAPywAhLOHUgvo=
Subject key identifier:   6E:4B:10:D9:56:E2:B6:26:11:35:BE:90:92:F3:40:B9:38:70:7E:74
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2B1FBF8A1AD1589B1251A764BDE8444B4AB4826E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4eb53310-23af-4823-a445-b1af14a0f809.roa
Signing time:             Fri 10 Oct 2025 00:21:29 +0000
ROA not before:           Fri 10 Oct 2025 00:21:29 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        93.77.0.0/17 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:1f:bf:8a:1a:d1:58:9b:12:51:a7:64:bd:e8:44:4b:4a:b4:82:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 10 00:21:29 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=4ce98a40b06d4cdebf4b4105acaa7bfa251d9a27169f59a2b4a5bb6239746396, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:39:00:15:52:91:99:9b:cb:4d:02:73:24:b2:
                    73:45:1a:64:a6:d8:80:54:c3:9b:5e:9c:60:58:54:
                    d4:a8:2c:25:88:9b:5c:3a:6a:9c:31:f2:95:d9:0d:
                    b7:67:65:28:20:e1:c5:3e:89:f6:d8:fb:1f:6c:fb:
                    d3:be:cb:02:54:c2:02:da:b7:68:72:d8:b8:2b:05:
                    27:49:5a:9f:7d:3e:92:de:2c:79:dd:76:6f:25:a7:
                    7a:e2:5b:92:6e:38:4f:3d:39:9b:35:83:73:cb:4a:
                    f5:bc:cc:5d:d7:fb:50:f2:5c:43:66:63:3c:46:a7:
                    84:ae:01:26:08:43:89:2d:dc:34:c4:01:27:85:96:
                    0b:78:37:6a:6c:65:95:f8:99:f2:25:44:d6:70:fd:
                    26:32:dd:67:5f:71:4f:5f:44:eb:f9:35:e8:78:39:
                    a0:27:05:fd:c7:aa:78:f1:39:0f:9d:5e:e9:7d:27:
                    80:92:df:eb:fe:36:86:e6:26:10:c3:ee:ad:29:92:
                    ca:ba:d0:6d:63:d4:9d:ed:ec:61:e4:d3:59:71:45:
                    41:6a:3a:dc:12:c8:d9:53:bf:44:e3:5b:f8:a9:55:
                    8c:56:5c:f5:81:2f:fa:78:a6:be:3c:67:e6:46:bf:
                    ca:13:7f:73:d7:07:6c:d5:e7:1a:c7:14:da:9b:7a:
                    ef:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:4B:10:D9:56:E2:B6:26:11:35:BE:90:92:F3:40:B9:38:70:7E:74
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4eb53310-23af-4823-a445-b1af14a0f809.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.77.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         50:8f:56:00:b3:8b:d7:9a:1b:b5:60:ed:65:2d:f9:bc:a3:33:
         78:89:78:3d:3b:73:b6:92:4d:ab:4b:b6:ba:04:a2:24:6d:1f:
         13:5a:ff:6a:3f:f4:4a:85:bb:c7:51:d4:d8:65:e6:4a:d4:90:
         eb:db:cf:ec:c1:8f:a8:b3:25:09:2f:9b:c8:05:68:6d:d3:97:
         b5:6b:17:53:92:11:09:7b:0d:2f:36:5e:7b:8d:af:9c:60:12:
         af:fa:a2:53:df:4c:2d:42:d5:68:3a:5b:ce:c0:c5:f7:5f:58:
         8f:d3:f9:1c:9c:06:97:3b:53:af:42:a0:08:e7:84:c4:e7:aa:
         7e:b1:9e:8a:97:b9:73:6c:05:c2:65:b8:3f:0d:f7:62:b2:33:
         40:a9:43:ad:07:09:88:94:89:3c:22:b1:4d:f2:20:22:5a:b2:
         52:bb:19:56:54:3b:da:3b:03:e2:59:32:57:b9:3d:7b:e0:79:
         b1:60:ab:93:b7:4c:4f:fd:a6:26:54:e9:e1:c3:c4:a8:e6:09:
         85:17:4e:c7:72:c5:20:a5:73:8f:0b:df:d8:1e:5d:51:71:c2:
         ac:7e:7c:2e:0a:83:7b:ca:2a:4a:b1:28:cf:22:90:52:e5:d9:
         0b:07:ec:d7:0d:95:b4:3d:bd:a7:18:1d:6c:16:22:7f:2c:e1:
         2f:75:85:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKx+/ihrRWJsSUadkvehES0q0gm4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMDAyMTI5WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0Y2U5OGE0MGIwNmQ0Y2RlYmY0YjQxMDVhY2FhN2JmYTI1
MWQ5YTI3MTY5ZjU5YTJiNGE1YmI2MjM5NzQ2Mzk2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUOQAVUpGZm8tNAnMksnNFGmSm2IBUw5tenGBYVNSoLCWI
m1w6apwx8pXZDbdnZSgg4cU+ifbY+x9s+9O+ywJUwgLat2hy2LgrBSdJWp99PpLe
LHnddm8lp3riW5JuOE89OZs1g3PLSvW8zF3X+1DyXENmYzxGp4SuASYIQ4kt3DTE
ASeFlgt4N2psZZX4mfIlRNZw/SYy3WdfcU9fROv5Neh4OaAnBf3HqnjxOQ+dXul9
J4CS3+v+NobmJhDD7q0pksq60G1j1J3t7GHk01lxRUFqOtwSyNlTv0TjW/ipVYxW
XPWBL/p4pr48Z+ZGv8oTf3PXB2zV5xrHFNqbeu+3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbksQ2VbitiYRNb6QkvNAuThwfnQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlYjUzMzEwLTIzYWYtNDgyMy1hNDQ1LWIxYWYxNGEwZjgwOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAddTQAwDQYJKoZIhvcNAQELBQADggEBAFCPVgCzi9eaG7Vg7WUt+byjM3iJ
eD07c7aSTatLtroEoiRtHxNa/2o/9EqFu8dR1Nhl5krUkOvbz+zBj6izJQkvm8gF
aG3Tl7VrF1OSEQl7DS82XnuNr5xgEq/6olPfTC1C1Wg6W87AxfdfWI/T+RycBpc7
U69CoAjnhMTnqn6xnoqXuXNsBcJluD8N92KyM0CpQ60HCYiUiTwisU3yICJaslK7
GVZUO9o7A+JZMle5PXvgebFgq5O3TE/9piZU6eHDxKjmCYUXTsdyxSClc48L39ge
XVFxwqx+fC4Kg3vKKkqxKM8ikFLl2QsH7NcNlbQ9vacYHWwWIn8s4S91hXc=
-----END CERTIFICATE-----