Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6180caee-ed00-4870-a7a1-8606e433e128.roa
File:                     6180caee-ed00-4870-a7a1-8606e433e128.roa (raw, json)
Hash identifier:          cIC2NSxEh7cuHIdzqtxaha0piRupuftCoWleTcxXDaA=
Subject key identifier:   3F:2B:AE:6D:99:14:61:87:FA:F9:1C:52:BD:46:E0:BC:99:00:D1:DD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6D08BD09CFE23736DFFF0B11848764378FED8DBE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6180caee-ed00-4870-a7a1-8606e433e128.roa
Signing time:             Fri 10 Oct 2025 00:21:26 +0000
ROA not before:           Fri 10 Oct 2025 00:21:26 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        78.12.62.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:08:bd:09:cf:e2:37:36:df:ff:0b:11:84:87:64:37:8f:ed:8d:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 10 00:21:26 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=abb67ef052cfeae6f95d5e43ce39294b59f8e3fa8c0ae8e388b5035427075a4f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:bb:d7:cb:6f:35:0e:2c:95:77:ef:54:5b:95:
                    21:90:2e:2d:f0:9d:47:2c:1a:97:4f:04:4c:b6:fc:
                    b6:a8:c3:fc:bd:df:eb:85:aa:08:4e:c9:28:69:b1:
                    e0:ee:37:71:1e:9d:e7:47:d3:87:f1:76:d9:b2:3a:
                    3d:aa:8f:f3:5a:af:ed:b1:62:11:ee:48:1e:81:0d:
                    82:e8:fb:5e:75:da:85:88:b1:1e:e6:ed:ab:e4:38:
                    70:e8:4a:db:b4:1a:83:10:1a:1c:7b:1a:ec:bd:55:
                    8f:fd:b5:48:d9:10:4f:a9:a0:a8:28:c7:29:24:05:
                    8f:34:b4:e7:39:f4:ab:bf:f3:3f:29:dd:2b:fe:93:
                    37:c1:af:51:dd:80:ad:88:e4:e8:ad:a5:4f:c4:26:
                    74:76:b8:a0:6f:97:10:2e:1e:61:3c:c4:47:68:8f:
                    3b:01:ff:b2:80:43:d3:27:77:3b:09:66:51:5a:52:
                    af:38:5b:fe:27:99:a7:54:9a:59:99:a6:ae:ee:3c:
                    d9:af:97:34:71:5e:0f:66:68:51:f1:1a:79:43:a5:
                    ad:c7:27:b5:7b:bd:91:88:f2:a3:5a:f1:b8:a3:b3:
                    39:1a:27:91:db:64:3d:68:b6:fb:05:53:d7:ba:12:
                    4b:b0:e7:25:71:84:cd:1d:d8:7b:97:0d:19:90:90:
                    eb:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:2B:AE:6D:99:14:61:87:FA:F9:1C:52:BD:46:E0:BC:99:00:D1:DD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6180caee-ed00-4870-a7a1-8606e433e128.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.12.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:05:84:44:6c:d1:41:e1:b2:37:f5:c5:c3:53:0c:b1:c1:48:
         8c:00:0e:ff:8f:37:13:60:f0:1d:97:23:db:29:c2:46:14:37:
         74:e8:49:bf:d2:60:8d:6f:67:a9:c1:3c:9f:35:8b:75:bf:61:
         6b:de:38:04:ef:d4:24:40:64:ae:07:70:eb:d9:9b:09:7c:fa:
         84:1c:31:b7:de:7b:6c:1e:4f:0a:cd:71:d5:50:c4:88:4d:10:
         94:0f:09:3d:03:d7:65:e5:15:20:20:d7:d3:ae:50:fc:fd:14:
         7e:59:d2:32:db:2e:d6:c5:ac:b7:e8:f3:29:84:37:32:13:07:
         70:c2:f7:51:bc:7e:4f:d6:57:36:96:4a:96:ee:f6:da:53:24:
         cc:f2:75:01:86:55:33:26:6f:2c:d4:99:0e:42:5c:c6:7b:5e:
         88:f9:0b:b3:64:f7:11:33:f9:40:4b:c1:21:6b:36:1c:c8:86:
         dc:92:f3:61:84:0c:cf:9c:2e:f6:e1:72:af:3c:1b:66:c1:6c:
         89:f6:d9:bd:6b:07:b3:86:4d:2b:ff:f1:3e:02:8d:75:e2:14:
         01:22:f2:d6:48:5c:91:7a:02:5e:85:5d:25:3d:02:3f:dc:1b:
         34:14:f6:ca:e6:b6:aa:42:83:ed:57:3b:b2:ec:fc:06:29:5e:
         6c:81:88:81
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbQi9Cc/iNzbf/wsRhIdkN4/tjb4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMDAyMTI2WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYmI2N2VmMDUyY2ZlYWU2Zjk1ZDVlNDNjZTM5Mjk0YjU5
ZjhlM2ZhOGMwYWU4ZTM4OGI1MDM1NDI3MDc1YTRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0u9fLbzUOLJV371RblSGQLi3wnUcsGpdPBEy2/Laow/y9
3+uFqghOyShpseDuN3EenedH04fxdtmyOj2qj/Nar+2xYhHuSB6BDYLo+1512oWI
sR7m7avkOHDoStu0GoMQGhx7Guy9VY/9tUjZEE+poKgoxykkBY80tOc59Ku/8z8p
3Sv+kzfBr1HdgK2I5OitpU/EJnR2uKBvlxAuHmE8xEdojzsB/7KAQ9MndzsJZlFa
Uq84W/4nmadUmlmZpq7uPNmvlzRxXg9maFHxGnlDpa3HJ7V7vZGI8qNa8bijszka
J5HbZD1otvsFU9e6Ekuw5yVxhM0d2HuXDRmQkOsJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPyuubZkUYYf6+RxSvUbgvJkA0d0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYxODBjYWVlLWVkMDAtNDg3MC1hN2ExLTg2MDZlNDMzZTEyOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABODD4wDQYJKoZIhvcNAQELBQADggEBAKMFhERs0UHhsjf1xcNTDLHBSIwA
Dv+PNxNg8B2XI9spwkYUN3ToSb/SYI1vZ6nBPJ81i3W/YWveOATv1CRAZK4HcOvZ
mwl8+oQcMbfee2weTwrNcdVQxIhNEJQPCT0D12XlFSAg19OuUPz9FH5Z0jLbLtbF
rLfo8ymENzITB3DC91G8fk/WVzaWSpbu9tpTJMzydQGGVTMmbyzUmQ5CXMZ7Xoj5
C7Nk9xEz+UBLwSFrNhzIhtyS82GEDM+cLvbhcq88G2bBbIn22b1rB7OGTSv/8T4C
jXXiFAEi8tZIXJF6Al6FXSU9Aj/cGzQU9srmtqpCg+1XO7Ls/AYpXmyBiIE=
-----END CERTIFICATE-----