Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65b2ca30-4204-45d1-b5e7-a65a4f605125.roa
File:                     65b2ca30-4204-45d1-b5e7-a65a4f605125.roa (raw, json)
Hash identifier:          Sw5x2gKTu79GmHimjmxFagmAuJl8inLo3auzj5uA2Dk=
Subject key identifier:   D9:13:05:7D:6A:24:AD:0E:96:E4:BD:6B:B9:51:20:85:AC:99:27:45
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       68D5F2482C077E7433522408C598D35B72F071E1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65b2ca30-4204-45d1-b5e7-a65a4f605125.roa
Signing time:             Mon 06 Oct 2025 15:39:59 +0000
ROA not before:           Mon 06 Oct 2025 15:39:59 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     22394
IP address blocks:        139.56.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:d5:f2:48:2c:07:7e:74:33:52:24:08:c5:98:d3:5b:72:f0:71:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 15:39:59 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=04047eafb4dd81875da37e57d008b07303583eee5c12161c4ffc23323f9f7c29, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:12:e4:5d:ce:74:7f:6f:47:89:b4:00:02:52:
                    1e:3d:3a:9c:f5:fa:3d:e7:33:16:f3:78:c7:23:16:
                    c2:b0:15:af:3b:4c:70:7c:a6:7e:b0:29:f4:78:fa:
                    95:ea:45:05:55:af:7f:98:fa:d4:5e:f4:25:ef:aa:
                    7e:d6:3c:3a:7c:7c:c4:8c:67:99:c4:d1:58:ea:2a:
                    47:1e:09:ba:1c:6b:43:29:23:fe:53:0d:48:98:ef:
                    ba:05:d6:8a:98:5b:e6:d6:5a:77:7a:c6:ce:3f:f2:
                    c1:e0:3b:d8:94:2f:e2:6e:02:7b:b0:bc:6d:ae:3b:
                    71:5c:fb:4e:1b:76:94:d4:33:9b:ee:db:ff:37:1c:
                    7e:18:ba:ce:41:fc:06:57:0e:49:36:ab:8b:fb:70:
                    a0:21:cc:11:4f:f2:12:5a:cd:b8:30:c3:42:1d:8b:
                    68:48:14:1a:07:6f:a1:4d:62:ea:c5:b7:be:59:fb:
                    9b:7c:f2:a2:9e:91:16:59:f1:e7:9c:57:5c:7b:39:
                    f6:e7:a8:60:2b:56:67:2d:f4:50:b8:5e:50:52:45:
                    b9:b3:b4:d7:d8:a5:51:ef:1e:81:21:82:d3:aa:61:
                    9f:81:18:2c:cc:82:af:80:68:58:bb:cc:80:5f:ef:
                    86:82:a8:92:89:88:fe:4c:12:21:88:70:63:65:0b:
                    1d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:13:05:7D:6A:24:AD:0E:96:E4:BD:6B:B9:51:20:85:AC:99:27:45
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65b2ca30-4204-45d1-b5e7-a65a4f605125.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.56.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         51:70:2c:4f:58:31:9d:4b:7a:3e:03:7c:37:d9:06:b0:60:e0:
         75:86:79:f8:6f:14:48:13:a1:24:b5:52:69:d3:6b:0a:23:65:
         05:94:a8:e0:a9:94:8b:44:07:5d:7b:8b:26:0b:ab:0f:cf:09:
         d1:98:c5:ad:c9:3b:a6:42:e5:24:ff:ce:8b:ed:4c:8b:6d:82:
         0f:db:50:42:78:a2:56:27:76:72:a4:9e:4b:7d:f3:22:08:b5:
         c9:7d:c0:fb:7d:68:d4:41:07:2d:e5:bd:bd:4c:73:f3:40:ec:
         eb:8c:bc:a5:fc:ed:c5:f2:89:95:0b:d0:b6:fd:fc:67:79:4b:
         8f:33:7c:34:27:5d:07:8a:5c:a7:b3:ec:91:63:e3:d5:88:81:
         f0:1c:11:b7:6d:49:d8:6a:c4:08:44:25:70:c7:3e:4b:76:da:
         fe:ff:bc:6b:a9:64:0c:b0:30:17:83:f6:f6:cc:fd:cc:c6:f7:
         e9:49:a3:f5:ed:fa:6d:2f:b9:01:3b:f5:df:80:10:03:19:20:
         b1:98:d9:31:78:3a:49:56:b0:fc:ed:8d:99:47:dc:7b:6f:7b:
         e6:6a:c8:9d:c2:b0:61:0f:dc:80:9a:a8:46:57:ae:69:11:71:
         4e:3e:bd:ce:60:df:b5:d7:90:b9:47:4a:26:76:4a:c1:b3:d3:
         a9:8a:de:e3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaNXySCwHfnQzUiQIxZjTW3LwceEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUzOTU5WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNDA0N2VhZmI0ZGQ4MTg3NWRhMzdlNTdkMDA4YjA3MzAz
NTgzZWVlNWMxMjE2MWM0ZmZjMjMzMjNmOWY3YzI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOEuRdznR/b0eJtAACUh49Opz1+j3nMxbzeMcjFsKwFa87
THB8pn6wKfR4+pXqRQVVr3+Y+tRe9CXvqn7WPDp8fMSMZ5nE0VjqKkceCboca0Mp
I/5TDUiY77oF1oqYW+bWWnd6xs4/8sHgO9iUL+JuAnuwvG2uO3Fc+04bdpTUM5vu
2/83HH4Yus5B/AZXDkk2q4v7cKAhzBFP8hJazbgww0Idi2hIFBoHb6FNYurFt75Z
+5t88qKekRZZ8eecV1x7OfbnqGArVmct9FC4XlBSRbmztNfYpVHvHoEhgtOqYZ+B
GCzMgq+AaFi7zIBf74aCqJKJiP5MEiGIcGNlCx17AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU2RMFfWokrQ6W5L1ruVEghayZJ0UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1YjJjYTMwLTQyMDQtNDVkMS1iNWU3LWE2NWE0ZjYwNTEyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCLODANBgkqhkiG9w0BAQsFAAOCAQEAUXAsT1gxnUt6PgN8N9kGsGDgdYZ5
+G8USBOhJLVSadNrCiNlBZSo4KmUi0QHXXuLJgurD88J0ZjFrck7pkLlJP/Oi+1M
i22CD9tQQniiVid2cqSeS33zIgi1yX3A+31o1EEHLeW9vUxz80Ds64y8pfztxfKJ
lQvQtv38Z3lLjzN8NCddB4pcp7PskWPj1YiB8BwRt21J2GrECEQlcMc+S3ba/v+8
a6lkDLAwF4P29sz9zMb36Umj9e36bS+5ATv134AQAxkgsZjZMXg6SVaw/O2NmUfc
e2975mrIncKwYQ/cgJqoRleuaRFxTj69zmDftdeQuUdKJnZKwbPTqYre4w==
-----END CERTIFICATE-----