Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51f566ba-b5cc-4528-8df7-1206338b802a.roa
File:                     51f566ba-b5cc-4528-8df7-1206338b802a.roa (raw, json)
Hash identifier:          z0PDy+Np3EkbfS0ssX6VqOXU7ebjZyr3UjJYf2QFMEM=
Subject key identifier:   14:3F:14:0A:87:A5:4A:B3:0E:6F:0F:71:38:92:36:E3:03:27:22:03
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0626D32E4781D89E9275269AD25299DDE63B3F7D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51f566ba-b5cc-4528-8df7-1206338b802a.roa
Signing time:             Fri 03 Oct 2025 00:03:11 +0000
ROA not before:           Fri 03 Oct 2025 00:03:11 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        209.92.69.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:26:d3:2e:47:81:d8:9e:92:75:26:9a:d2:52:99:dd:e6:3b:3f:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:03:11 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=d15f349dfa17f6b46dfffa07ffc853d59b549eac30a09b1b010368228469f02d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d6:81:f5:1d:50:a6:4d:86:4d:be:ce:e2:6e:
                    e5:ef:84:cb:2f:20:c9:1d:dc:88:0d:0f:a0:10:50:
                    25:0c:76:2b:02:3b:aa:bf:7b:7a:1b:11:d2:d5:26:
                    1b:31:b7:7c:e6:72:19:8b:d5:a9:aa:83:98:7a:b5:
                    fb:b8:e3:09:f1:38:d5:cf:a5:f8:9b:fc:30:2e:9d:
                    d0:0f:82:39:55:a5:ae:13:86:4b:6c:bc:03:f1:b7:
                    a9:7c:73:47:44:80:d2:8b:83:5a:16:0a:72:92:b0:
                    b2:41:52:ff:8a:08:c2:42:56:3d:d0:bb:8b:67:ed:
                    88:cb:9b:18:56:c4:d0:13:3f:9d:8c:72:16:3f:c4:
                    46:73:a6:17:04:8e:70:e6:1b:87:d7:bd:2e:b2:43:
                    c5:ca:8b:0a:64:9a:bb:37:bf:e8:f4:c2:c0:cf:83:
                    8c:28:6e:cd:f8:ba:5c:d0:8e:3b:18:be:d8:f1:15:
                    0e:88:88:52:3a:ad:d4:59:d2:1b:f1:a5:e4:84:87:
                    e4:5d:13:2b:c6:fe:18:22:d5:b9:ab:30:ef:fa:d8:
                    13:d4:6b:b0:0d:34:15:83:38:3a:96:07:18:25:07:
                    a2:57:0a:4f:a2:d7:cb:eb:87:54:ae:8e:8c:ec:56:
                    cb:df:77:58:41:df:6b:1e:81:dd:2d:ad:8b:af:c0:
                    c7:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:3F:14:0A:87:A5:4A:B3:0E:6F:0F:71:38:92:36:E3:03:27:22:03
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51f566ba-b5cc-4528-8df7-1206338b802a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.92.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:10:f0:12:92:1c:8b:b1:62:d6:7a:bb:4e:6e:ce:51:0f:13:
         17:4f:41:3f:26:ca:ee:c8:9e:54:7d:b3:e5:40:92:8b:4d:04:
         37:e1:cf:93:1b:a6:1b:21:cb:a4:eb:96:5e:c2:30:34:84:ab:
         c9:6b:00:f7:7b:0c:09:10:bc:ac:92:be:54:e7:7c:9b:68:2c:
         a3:c6:28:00:7a:18:e1:c7:ae:38:eb:1e:fe:5a:08:73:bf:99:
         7e:d8:f5:9a:9c:f3:20:fd:57:63:f7:25:97:64:8c:c7:5e:b1:
         34:b5:10:98:64:93:39:2c:51:08:45:52:48:59:49:e9:ba:2b:
         7d:8d:bb:18:fe:0d:02:e9:ff:40:75:ed:de:c9:94:4b:a6:fd:
         fa:ff:d0:3c:5a:a1:9a:56:7d:6f:13:c6:29:d3:ad:ae:e2:c6:
         33:9e:29:28:24:23:64:05:80:12:20:0c:44:4f:70:9b:00:0b:
         d6:2b:7d:0a:ef:54:f6:6f:ef:d6:3b:81:12:ea:ae:95:49:a3:
         16:12:74:17:04:6f:9c:28:10:ee:14:26:d8:be:fa:50:73:9a:
         15:2b:90:70:e3:6d:66:d1:d3:1f:77:9d:63:56:96:10:b6:7e:
         b5:e0:19:bd:cf:89:82:7c:12:23:9b:2a:23:6c:66:6c:42:ee:
         7f:1b:bb:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBibTLkeB2J6SdSaa0lKZ3eY7P30wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAwMzExWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTVmMzQ5ZGZhMTdmNmI0NmRmZmZhMDdmZmM4NTNkNTli
NTQ5ZWFjMzBhMDliMWIwMTAzNjgyMjg0NjlmMDJkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCL1oH1HVCmTYZNvs7ibuXvhMsvIMkd3IgND6AQUCUMdisC
O6q/e3obEdLVJhsxt3zmchmL1amqg5h6tfu44wnxONXPpfib/DAundAPgjlVpa4T
hktsvAPxt6l8c0dEgNKLg1oWCnKSsLJBUv+KCMJCVj3Qu4tn7YjLmxhWxNATP52M
chY/xEZzphcEjnDmG4fXvS6yQ8XKiwpkmrs3v+j0wsDPg4wobs34ulzQjjsYvtjx
FQ6IiFI6rdRZ0hvxpeSEh+RdEyvG/hgi1bmrMO/62BPUa7ANNBWDODqWBxglB6JX
Ck+i18vrh1SujozsVsvfd1hB32segd0trYuvwMcjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFD8UCoelSrMObw9xOJI24wMnIgMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxZjU2NmJhLWI1Y2MtNDUyOC04ZGY3LTEyMDYzMzhiODAyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADRXEUwDQYJKoZIhvcNAQELBQADggEBALkQ8BKSHIuxYtZ6u05uzlEPExdP
QT8myu7InlR9s+VAkotNBDfhz5Mbphshy6Trll7CMDSEq8lrAPd7DAkQvKySvlTn
fJtoLKPGKAB6GOHHrjjrHv5aCHO/mX7Y9Zqc8yD9V2P3JZdkjMdesTS1EJhkkzks
UQhFUkhZSem6K32Nuxj+DQLp/0B17d7JlEum/fr/0DxaoZpWfW8TxinTra7ixjOe
KSgkI2QFgBIgDERPcJsAC9YrfQrvVPZv79Y7gRLqrpVJoxYSdBcEb5woEO4UJti+
+lBzmhUrkHDjbWbR0x93nWNWlhC2frXgGb3PiYJ8EiObKiNsZmxC7n8bu9w=
-----END CERTIFICATE-----