Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f0b048d-2305-43d3-a474-0e095ab7e09b.roa
File:                     4f0b048d-2305-43d3-a474-0e095ab7e09b.roa (raw, json)
Hash identifier:          5mQT9SgAFPiJQWjrfj5kwLbBmhve1ZCyzRXBrZW7Ln4=
Subject key identifier:   EF:72:09:5A:DA:02:B2:83:BA:20:9B:8D:E3:2C:F5:50:E3:4E:D6:97
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0ED6FD29538EAC99A3E70607C4431DBEDE2038B4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f0b048d-2305-43d3-a474-0e095ab7e09b.roa
Signing time:             Wed 08 Oct 2025 00:22:56 +0000
ROA not before:           Wed 08 Oct 2025 00:22:56 +0000
ROA not after:            Wed 12 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.53.192.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:d6:fd:29:53:8e:ac:99:a3:e7:06:07:c4:43:1d:be:de:20:38:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  8 00:22:56 2025 GMT
            Not After : Nov 12 23:59:59 2025 GMT
        Subject: serialNumber=4fcd71e8c0a1edd0b9e7d0cbd54a7d95cb766bdad43c117ab346be499cda7f8f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:cd:ae:0a:6e:77:f8:8e:d4:97:fb:39:b0:63:
                    d8:91:0a:8e:d8:67:22:55:33:0b:1f:b5:e3:64:c0:
                    fa:bc:ca:86:4c:b1:f2:cb:70:08:02:63:5d:90:e7:
                    b8:03:12:23:9d:8d:51:e5:8a:09:1e:ff:61:17:83:
                    0e:6c:d1:7f:a9:43:37:92:9d:45:bc:ed:c7:34:b5:
                    1a:37:f7:8b:55:08:bc:5b:32:6b:43:f1:3e:d0:08:
                    63:3e:3a:cc:df:15:fc:bd:e1:34:fc:c1:cf:dd:07:
                    fb:37:cd:32:33:cd:68:be:47:c7:fd:46:33:e0:94:
                    aa:ee:d7:fa:b4:ef:44:7b:99:09:c4:09:3b:1a:d3:
                    73:e3:a1:3a:82:24:4f:c1:1b:da:08:e2:54:ab:fc:
                    3a:44:62:56:c7:f0:28:6a:87:8e:4e:7e:09:78:2b:
                    fd:e1:69:0f:0e:5e:45:31:8e:43:80:e2:e0:20:9d:
                    00:8e:c0:0d:db:58:3a:de:3d:67:9e:84:4e:2e:0a:
                    84:b0:4a:bf:89:a1:ce:2f:9d:51:39:cb:e6:23:a7:
                    c3:76:43:db:73:c8:85:2a:9e:e8:25:14:49:fd:62:
                    2a:d5:a0:35:ce:3f:28:85:8d:89:27:c0:e2:a1:b3:
                    a8:cc:c8:0a:56:93:8b:79:3b:16:18:e0:1e:96:c3:
                    76:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:72:09:5A:DA:02:B2:83:BA:20:9B:8D:E3:2C:F5:50:E3:4E:D6:97
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f0b048d-2305-43d3-a474-0e095ab7e09b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.53.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8a:56:b8:cb:42:dc:29:6c:29:db:d5:a7:50:9c:d5:02:e3:05:
         a9:f6:88:13:cf:ed:20:f2:d9:ca:36:bc:9a:70:79:cd:73:e7:
         bb:88:a0:6a:cc:16:d7:c9:49:ae:22:95:eb:5f:24:77:78:a9:
         18:5d:9d:ed:cd:45:2f:c4:40:41:41:76:b6:6a:9c:3e:cf:65:
         8d:e0:a6:66:d2:a0:9d:74:78:c0:fb:9b:95:14:af:0e:e7:5e:
         af:a3:3f:51:29:7a:28:1a:cb:dc:e0:aa:ca:ab:64:91:cd:ae:
         9f:0a:40:2c:2b:51:19:c7:78:c5:34:87:b0:07:fd:2d:6a:62:
         56:bf:99:f3:c4:65:44:b8:30:b8:29:4e:99:c5:b8:fe:f8:85:
         d2:83:21:af:58:77:f5:a6:47:b6:e0:a0:24:89:a4:22:19:7b:
         a1:b8:81:1c:e9:ea:d2:ba:32:9d:89:36:fb:34:9d:cf:82:e7:
         e8:99:97:9d:75:98:7b:78:81:f9:fc:64:21:b5:c3:e0:a1:f0:
         f7:9e:a7:bd:84:38:fd:0d:42:e1:2d:e2:d5:30:f0:87:26:b4:
         91:42:fc:09:f8:a8:d0:9c:c8:ff:ee:5e:c4:63:2c:8d:e5:e3:
         b4:c6:59:ec:8a:df:4f:24:cf:ea:f6:80:73:e0:06:d8:61:27:
         99:75:85:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDtb9KVOOrJmj5wYHxEMdvt4gOLQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAyMjU2WhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZmNkNzFlOGMwYTFlZGQwYjllN2QwY2JkNTRhN2Q5NWNi
NzY2YmRhZDQzYzExN2FiMzQ2YmU0OTljZGE3ZjhmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0za4Kbnf4jtSX+zmwY9iRCo7YZyJVMwsfteNkwPq8yoZM
sfLLcAgCY12Q57gDEiOdjVHligke/2EXgw5s0X+pQzeSnUW87cc0tRo394tVCLxb
MmtD8T7QCGM+OszfFfy94TT8wc/dB/s3zTIzzWi+R8f9RjPglKru1/q070R7mQnE
CTsa03PjoTqCJE/BG9oI4lSr/DpEYlbH8Chqh45Ofgl4K/3haQ8OXkUxjkOA4uAg
nQCOwA3bWDrePWeehE4uCoSwSr+Joc4vnVE5y+Yjp8N2Q9tzyIUqnuglFEn9YirV
oDXOPyiFjYknwOKhs6jMyApWk4t5OxYY4B6Ww3Y/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU73IJWtoCsoO6IJuN4yz1UONO1pcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRmMGIwNDhkLTIzMDUtNDNkMy1hNDc0LTBlMDk1YWI3ZTA5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARFNcAwDQYJKoZIhvcNAQELBQADggEBAIpWuMtC3ClsKdvVp1Cc1QLjBan2
iBPP7SDy2co2vJpwec1z57uIoGrMFtfJSa4iletfJHd4qRhdne3NRS/EQEFBdrZq
nD7PZY3gpmbSoJ10eMD7m5UUrw7nXq+jP1Epeigay9zgqsqrZJHNrp8KQCwrURnH
eMU0h7AH/S1qYla/mfPEZUS4MLgpTpnFuP74hdKDIa9Yd/WmR7bgoCSJpCIZe6G4
gRzp6tK6Mp2JNvs0nc+C5+iZl511mHt4gfn8ZCG1w+Ch8Peep72EOP0NQuEt4tUw
8IcmtJFC/An4qNCcyP/uXsRjLI3l47TGWeyK308kz+r2gHPgBthhJ5l1hRo=
-----END CERTIFICATE-----