Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/53b17fec-62d5-4132-9af4-c06b4ca233e5.roa
File:                     53b17fec-62d5-4132-9af4-c06b4ca233e5.roa (raw, json)
Hash identifier:          CBOX7Djetw+l3m5B5nVVxIC57lPnBMY4BpkbEWfyWo4=
Subject key identifier:   73:84:D7:97:D6:71:7C:41:8B:D8:6B:7A:43:F5:90:6B:99:41:E9:FA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       511D93F967405EDC13767AE3FD53E2CD2E5972EB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/53b17fec-62d5-4132-9af4-c06b4ca233e5.roa
Signing time:             Mon 06 Oct 2025 16:22:14 +0000
ROA not before:           Mon 06 Oct 2025 16:22:14 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.144.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:1d:93:f9:67:40:5e:dc:13:76:7a:e3:fd:53:e2:cd:2e:59:72:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:22:14 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=d47643bb4627739349cbc5ba5d69f3f169ec394c6e3b4aa4edc74881bea88e03, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:83:b5:b7:34:a7:a4:44:fe:7f:a4:0d:b3:4b:
                    40:32:61:35:2b:42:4c:1b:93:1a:0b:52:20:cc:67:
                    ab:1b:f5:02:a6:c9:b9:16:72:85:4b:10:55:38:c4:
                    43:66:90:17:7e:d2:4d:36:78:17:33:8e:e3:ce:df:
                    53:c9:50:db:1e:61:45:f6:3c:17:c5:fc:61:76:76:
                    99:61:5c:a8:37:64:f4:d3:ca:1d:70:62:1b:4c:b8:
                    34:db:bb:36:89:7b:9e:b9:59:d0:0a:62:13:8c:60:
                    de:f3:ac:aa:22:65:69:84:f0:22:b2:3c:71:1a:97:
                    a4:78:d4:31:0f:d9:9e:eb:56:d3:4c:10:d6:f6:9d:
                    68:0f:58:75:c6:f4:b6:8d:c6:ab:c1:bc:57:43:73:
                    ea:53:e1:b0:27:f0:92:12:60:ee:a4:af:04:c7:af:
                    8c:f3:75:f2:d6:78:f9:98:be:bf:f9:4c:52:f4:1b:
                    6f:98:64:46:9e:c2:c0:51:80:04:8c:02:12:60:3c:
                    0b:d4:21:14:55:d4:bb:e1:8f:fc:21:62:42:8f:32:
                    d0:b5:be:79:b4:11:07:71:bd:52:22:9f:76:0c:e8:
                    db:14:58:ec:1b:b9:0a:df:7a:63:dd:cb:ab:47:95:
                    1b:b1:66:8e:71:2b:85:2a:b3:b5:e0:c0:f0:6d:5a:
                    bf:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:84:D7:97:D6:71:7C:41:8B:D8:6B:7A:43:F5:90:6B:99:41:E9:FA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/53b17fec-62d5-4132-9af4-c06b4ca233e5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:d2:b8:31:87:b9:25:6f:0e:a5:40:df:f3:eb:bb:b7:74:83:
         46:36:a3:8f:eb:72:1a:74:0d:b9:69:cc:b4:f4:49:a0:0a:68:
         48:ee:7b:ae:df:6c:d9:5b:8a:0e:30:98:6b:dc:7b:8b:9f:15:
         bf:f6:3b:8d:3e:93:36:de:0b:10:cb:37:57:22:76:55:2b:a0:
         d1:6c:e9:81:83:b0:97:a1:11:01:85:71:a8:09:40:7a:ce:fd:
         8b:c2:fd:5f:e1:ea:83:87:a4:51:c9:cc:08:08:44:b5:69:32:
         ec:d8:61:26:b4:d3:5b:c7:61:8c:9c:f3:00:d9:a4:35:53:ac:
         50:5f:5e:cd:16:68:55:19:59:20:05:bd:4a:30:37:f6:84:d5:
         43:a1:ea:a1:76:6c:65:df:d8:1c:17:1a:db:18:c7:da:c2:10:
         d2:78:c1:4b:a0:d8:8a:eb:94:98:3f:07:b1:ce:82:21:2c:6d:
         e0:54:61:6a:28:51:d1:ea:32:00:13:c4:b5:42:10:00:16:e9:
         95:2d:34:1b:89:bc:e4:5a:46:0e:d4:5d:27:fd:32:8c:53:bd:
         41:5b:e6:66:cf:7d:6c:91:a3:c2:8d:ee:8c:c5:9e:6c:19:ba:
         ae:e8:96:56:f6:ca:bc:40:6a:8b:dd:01:e3:ea:ec:03:3c:e9:
         68:36:10:70
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUR2T+WdAXtwTdnrj/VPizS5ZcuswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYyMjE0WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNDc2NDNiYjQ2Mjc3MzkzNDljYmM1YmE1ZDY5ZjNmMTY5
ZWMzOTRjNmUzYjRhYTRlZGM3NDg4MWJlYTg4ZTAzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/g7W3NKekRP5/pA2zS0AyYTUrQkwbkxoLUiDMZ6sb9QKm
ybkWcoVLEFU4xENmkBd+0k02eBczjuPO31PJUNseYUX2PBfF/GF2dplhXKg3ZPTT
yh1wYhtMuDTbuzaJe565WdAKYhOMYN7zrKoiZWmE8CKyPHEal6R41DEP2Z7rVtNM
ENb2nWgPWHXG9LaNxqvBvFdDc+pT4bAn8JISYO6krwTHr4zzdfLWePmYvr/5TFL0
G2+YZEaewsBRgASMAhJgPAvUIRRV1Lvhj/whYkKPMtC1vnm0EQdxvVIin3YM6NsU
WOwbuQrfemPdy6tHlRuxZo5xK4Uqs7XgwPBtWr/vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUc4TXl9ZxfEGL2Gt6Q/WQa5lB6fowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUzYjE3ZmVjLTYyZDUtNDEzMi05YWY0LWMwNmI0Y2EyMzNlNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIyEpAwDQYJKoZIhvcNAQELBQADggEBAHrSuDGHuSVvDqVA3/Pru7d0g0Y2
o4/rchp0DblpzLT0SaAKaEjue67fbNlbig4wmGvce4ufFb/2O40+kzbeCxDLN1ci
dlUroNFs6YGDsJehEQGFcagJQHrO/YvC/V/h6oOHpFHJzAgIRLVpMuzYYSa001vH
YYyc8wDZpDVTrFBfXs0WaFUZWSAFvUowN/aE1UOh6qF2bGXf2BwXGtsYx9rCENJ4
wUug2IrrlJg/B7HOgiEsbeBUYWooUdHqMgATxLVCEAAW6ZUtNBuJvORaRg7UXSf9
MoxTvUFb5mbPfWyRo8KN7ozFnmwZuq7ollb2yrxAaovdAePq7AM86Wg2EHA=
-----END CERTIFICATE-----