Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5307b426-3578-4099-8905-82473e6dd0a6.roa
File:                     5307b426-3578-4099-8905-82473e6dd0a6.roa (raw, json)
Hash identifier:          O34CfC8cGv8RISufkmJbncix29OvcpNozo6h0gHeraU=
Subject key identifier:   EA:1F:15:49:01:E2:1F:33:77:3F:A7:5B:73:16:DF:44:BA:04:6C:7A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       160BAC6733C573632BAED5FCD4B1ADA7B7CA91C5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5307b426-3578-4099-8905-82473e6dd0a6.roa
Signing time:             Mon 06 Oct 2025 15:39:00 +0000
ROA not before:           Mon 06 Oct 2025 15:39:00 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        206.72.209.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:0b:ac:67:33:c5:73:63:2b:ae:d5:fc:d4:b1:ad:a7:b7:ca:91:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 15:39:00 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=0ba0384603364f36636df547dbbfb045522427558a3826e416d53c9a97d1a09d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ce:36:85:b1:b4:69:9e:ff:5f:08:80:c1:45:
                    d9:61:c6:b6:4a:d7:ae:fd:c0:2b:1d:3d:a7:6f:80:
                    18:cc:90:39:66:0a:62:75:4c:4f:44:93:7f:5b:e7:
                    74:51:bd:9c:42:bc:78:37:62:b6:d5:48:2e:3a:10:
                    7d:89:cd:68:74:02:8b:77:45:e7:77:cc:41:2b:17:
                    7b:6d:7b:50:7f:89:d1:f1:e8:67:e6:e8:aa:1f:e6:
                    a5:a4:ac:9a:dc:23:24:dd:56:fc:ce:ff:10:50:19:
                    c5:5c:ba:d7:8f:69:10:43:c0:bc:fc:74:ec:41:71:
                    d1:9b:ed:97:45:da:11:9b:9b:51:6c:30:62:ea:63:
                    78:99:c8:a9:6d:db:4b:67:0d:dd:05:04:84:3a:8a:
                    41:b5:52:99:e8:32:f4:af:f4:f5:a9:d8:9c:42:8a:
                    0b:bd:ff:94:1c:16:6d:52:cf:08:79:eb:79:61:11:
                    d7:6e:2f:9b:5d:45:8c:a1:78:26:ec:91:76:c8:9a:
                    8a:54:54:6f:7d:e1:92:67:d0:71:ad:d0:00:8e:04:
                    8f:6e:3f:a5:7f:31:fa:f4:24:66:61:19:6c:9e:6f:
                    6a:26:46:96:85:8b:69:ec:30:ca:a9:ff:20:7d:cc:
                    81:e6:74:88:bf:91:5e:1b:51:da:43:23:34:7e:43:
                    4c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:1F:15:49:01:E2:1F:33:77:3F:A7:5B:73:16:DF:44:BA:04:6C:7A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5307b426-3578-4099-8905-82473e6dd0a6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.72.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:a9:e7:95:b4:0c:32:c0:4d:47:82:cd:57:b7:44:79:b4:81:
         23:0c:ca:36:e4:33:c3:e3:3c:7e:32:fa:63:bb:97:3d:98:d2:
         bc:52:ef:06:8d:8e:f0:b3:33:dc:c9:e1:b9:2b:be:71:fe:81:
         00:c0:c4:44:21:7d:f3:a0:61:14:8a:aa:0a:6d:6f:03:71:23:
         93:92:cd:b4:45:7b:3e:85:32:ce:ff:91:ee:1e:29:d5:33:07:
         96:6f:e2:db:fb:31:ec:f7:c5:35:b0:91:87:a2:81:40:ef:fd:
         35:c9:dc:3f:14:7d:86:e3:7b:cc:7e:1a:00:4a:01:4a:ea:19:
         96:d1:3c:ca:5f:7d:4d:c6:17:12:36:09:1a:a7:e5:8f:69:b7:
         e8:2a:bf:29:bc:a3:e1:38:c9:cb:39:e6:a9:f8:be:36:2a:de:
         99:b0:38:48:32:d7:4b:63:40:17:f3:99:d7:d1:3c:4e:d5:64:
         54:20:6d:f3:a5:c4:a2:39:6f:58:28:68:69:b4:6c:cc:bd:6c:
         4b:c3:57:bc:25:97:ac:cc:30:9f:0b:a1:9d:b2:e9:4f:4c:c9:
         ce:d8:0b:5b:8a:2f:ca:fe:34:0e:fe:02:f3:16:67:a9:cd:f5:
         83:1e:a7:2b:f2:0c:6a:c8:b4:de:7b:c8:70:a9:e5:d6:1a:fe:
         9c:ae:48:96
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFgusZzPFc2MrrtX81LGtp7fKkcUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUzOTAwWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwYmEwMzg0NjAzMzY0ZjM2NjM2ZGY1NDdkYmJmYjA0NTUy
MjQyNzU1OGEzODI2ZTQxNmQ1M2M5YTk3ZDFhMDlkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnzjaFsbRpnv9fCIDBRdlhxrZK1679wCsdPadvgBjMkDlm
CmJ1TE9Ek39b53RRvZxCvHg3YrbVSC46EH2JzWh0Aot3Red3zEErF3tte1B/idHx
6Gfm6Kof5qWkrJrcIyTdVvzO/xBQGcVcutePaRBDwLz8dOxBcdGb7ZdF2hGbm1Fs
MGLqY3iZyKlt20tnDd0FBIQ6ikG1UpnoMvSv9PWp2JxCigu9/5QcFm1Szwh563lh
EdduL5tdRYyheCbskXbImopUVG994ZJn0HGt0ACOBI9uP6V/Mfr0JGZhGWyeb2om
RpaFi2nsMMqp/yB9zIHmdIi/kV4bUdpDIzR+Q0ybAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6h8VSQHiHzN3P6dbcxbfRLoEbHowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUzMDdiNDI2LTM1NzgtNDA5OS04OTA1LTgyNDczZTZkZDBhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADOSNEwDQYJKoZIhvcNAQELBQADggEBAJWp55W0DDLATUeCzVe3RHm0gSMM
yjbkM8PjPH4y+mO7lz2Y0rxS7waNjvCzM9zJ4bkrvnH+gQDAxEQhffOgYRSKqgpt
bwNxI5OSzbRFez6FMs7/ke4eKdUzB5Zv4tv7Mez3xTWwkYeigUDv/TXJ3D8UfYbj
e8x+GgBKAUrqGZbRPMpffU3GFxI2CRqn5Y9pt+gqvym8o+E4ycs55qn4vjYq3pmw
OEgy10tjQBfzmdfRPE7VZFQgbfOlxKI5b1goaGm0bMy9bEvDV7wll6zMMJ8LoZ2y
6U9Myc7YC1uKL8r+NA7+AvMWZ6nN9YMepyvyDGrItN57yHCp5dYa/pyuSJY=
-----END CERTIFICATE-----