Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5af66b92-7c00-4307-9785-0c5ccb72cbb6.roa
File:                     5af66b92-7c00-4307-9785-0c5ccb72cbb6.roa (raw, json)
Hash identifier:          FohvgQfMUf8WCuhq3YgYbsFt0Td8qgUa7x2ktmLEtjk=
Subject key identifier:   43:C5:44:ED:90:5B:8C:96:76:26:70:37:EB:09:8F:C9:34:BE:CE:EC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       54848759B5BDCDC43DEBDFB98E5603FB5EA2D06E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5af66b92-7c00-4307-9785-0c5ccb72cbb6.roa
Signing time:             Mon 06 Oct 2025 16:11:11 +0000
ROA not before:           Mon 06 Oct 2025 16:11:11 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        44.213.98.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:84:87:59:b5:bd:cd:c4:3d:eb:df:b9:8e:56:03:fb:5e:a2:d0:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:11:11 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=ae45029e021cedf8e7cdcb03d401927dfa80aca1988f3ee8de475f00e394cf9c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:4d:e6:c1:58:2e:9c:df:82:df:5a:5c:70:b1:
                    f4:a8:b9:d4:7e:ea:22:27:df:84:a6:a8:27:16:a2:
                    7d:d2:cf:3a:24:6c:3c:57:12:ad:ad:91:e8:76:df:
                    84:e2:eb:f9:97:c8:d4:f7:a3:c0:97:8b:61:99:ac:
                    f0:6d:aa:72:89:72:bc:2d:b6:6b:8d:c0:42:03:6b:
                    75:cb:88:4a:de:7e:dd:10:a1:d4:d9:ee:11:9f:08:
                    0c:1c:e6:e2:5d:8c:d2:e1:36:23:4c:d5:f3:08:c4:
                    ec:42:fc:a4:2e:0a:83:e3:3a:49:7c:3e:1d:a4:e5:
                    ff:b0:c6:2b:98:37:95:ff:7b:cf:c3:52:1c:ef:9e:
                    91:f7:f2:c7:01:c9:f3:c6:79:ab:53:55:b1:2b:5b:
                    b2:21:bc:c6:c0:48:d8:d7:05:a3:72:e2:71:bc:47:
                    84:14:43:a7:c0:3b:8c:eb:3b:dc:7f:08:ac:b4:93:
                    82:a5:d9:18:30:13:b0:e9:e4:09:6d:bb:7b:c8:f8:
                    91:47:1d:00:a8:68:2a:9e:81:9f:d3:76:15:f3:0a:
                    d3:3b:b4:43:22:c5:1a:e6:73:fb:66:b1:7f:c5:d0:
                    d9:e0:a9:b9:8e:2b:c2:9f:e2:92:c1:30:7f:6d:a1:
                    c1:bc:d8:35:39:df:84:63:15:c1:f9:5f:bd:43:2a:
                    67:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:C5:44:ED:90:5B:8C:96:76:26:70:37:EB:09:8F:C9:34:BE:CE:EC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5af66b92-7c00-4307-9785-0c5ccb72cbb6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.213.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:50:ac:62:ab:c3:c9:82:cd:12:90:39:4b:4e:d8:57:51:2e:
         de:7e:98:c1:37:16:a2:9d:c7:e3:dd:2b:5f:75:b2:aa:1a:bb:
         b3:5e:bd:af:17:85:8f:63:cb:8f:f5:4e:2c:ee:b5:61:30:03:
         53:15:8e:5c:71:df:1e:36:97:7c:e6:a4:52:57:57:93:f0:ab:
         76:71:f8:b2:db:44:73:e6:bf:ff:5e:23:62:32:09:f0:97:f7:
         e7:bf:3b:b5:e6:1d:77:e3:c1:06:f6:87:82:41:50:f7:31:53:
         12:9f:dd:9f:67:03:15:47:d1:90:21:f9:cd:77:f6:2b:ef:7e:
         75:e1:00:b2:94:e8:b4:cd:8c:c8:ea:d6:4d:96:e6:1c:74:0c:
         aa:c4:c5:4f:9a:6b:1c:81:ad:2d:65:f4:89:55:5d:ef:96:a8:
         b2:78:7e:4d:5b:9b:b7:93:96:96:1d:6a:ab:4a:07:bb:f7:03:
         8b:15:ce:f6:91:90:99:d9:9b:20:48:df:18:da:d7:fc:1e:42:
         aa:a9:6f:3f:38:66:84:18:f5:f9:ed:7e:5f:d2:a3:c6:f2:50:
         09:29:7e:33:61:66:dd:e0:9e:98:28:f6:e6:8b:93:96:eb:5b:
         a8:57:72:a9:57:3f:53:22:49:32:96:ae:8e:bd:8c:48:03:8d:
         33:f8:f5:78
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVISHWbW9zcQ969+5jlYD+16i0G4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYxMTExWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZTQ1MDI5ZTAyMWNlZGY4ZTdjZGNiMDNkNDAxOTI3ZGZh
ODBhY2ExOTg4ZjNlZThkZTQ3NWYwMGUzOTRjZjljMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuTebBWC6c34LfWlxwsfSoudR+6iIn34SmqCcWon3Szzok
bDxXEq2tkeh234Ti6/mXyNT3o8CXi2GZrPBtqnKJcrwttmuNwEIDa3XLiEreft0Q
odTZ7hGfCAwc5uJdjNLhNiNM1fMIxOxC/KQuCoPjOkl8Ph2k5f+wxiuYN5X/e8/D
UhzvnpH38scByfPGeatTVbErW7IhvMbASNjXBaNy4nG8R4QUQ6fAO4zrO9x/CKy0
k4Kl2RgwE7Dp5Altu3vI+JFHHQCoaCqegZ/TdhXzCtM7tEMixRrmc/tmsX/F0Nng
qbmOK8Kf4pLBMH9tocG82DU534RjFcH5X71DKmdRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQ8VE7ZBbjJZ2JnA36wmPyTS+zuwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVhZjY2YjkyLTdjMDAtNDMwNy05Nzg1LTBjNWNjYjcyY2JiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAs1WIwDQYJKoZIhvcNAQELBQADggEBAE5QrGKrw8mCzRKQOUtO2FdRLt5+
mME3FqKdx+PdK191sqoau7Neva8XhY9jy4/1TizutWEwA1MVjlxx3x42l3zmpFJX
V5Pwq3Zx+LLbRHPmv/9eI2IyCfCX9+e/O7XmHXfjwQb2h4JBUPcxUxKf3Z9nAxVH
0ZAh+c139ivvfnXhALKU6LTNjMjq1k2W5hx0DKrExU+aaxyBrS1l9IlVXe+WqLJ4
fk1bm7eTlpYdaqtKB7v3A4sVzvaRkJnZmyBI3xja1/weQqqpbz84ZoQY9fntfl/S
o8byUAkpfjNhZt3gnpgo9uaLk5brW6hXcqlXP1MiSTKWro69jEgDjTP49Xg=
-----END CERTIFICATE-----