Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b264a8c-788f-4473-b1b8-67e1173f8a94.roa
File:                     6b264a8c-788f-4473-b1b8-67e1173f8a94.roa (raw, json)
Hash identifier:          PwiXoMpoKr8ItKXGHa2KgafgVaudAyJvDlBKS+Xm/dU=
Subject key identifier:   B5:6C:57:9C:29:AF:36:6A:9E:58:7D:AB:29:D8:3E:0F:6D:87:3C:BF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       76C16ABF53106B3BFA62096DEEFBD19C1BF5FCD5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b264a8c-788f-4473-b1b8-67e1173f8a94.roa
Signing time:             Fri 03 Oct 2025 00:11:57 +0000
ROA not before:           Fri 03 Oct 2025 00:11:57 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f01:4850::/47 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:c1:6a:bf:53:10:6b:3b:fa:62:09:6d:ee:fb:d1:9c:1b:f5:fc:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:11:57 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=dd72df9460941a09ec4d26ba95eed4ef2fd6b5c821fc081f13affad9fec9f723, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:56:ca:ea:74:4d:01:14:95:c8:5c:73:be:df:
                    d6:e8:45:76:46:5b:53:f4:63:71:01:7a:c0:d2:ca:
                    66:96:82:79:2a:0e:13:31:42:4d:48:be:30:47:9b:
                    db:4f:c7:d1:ce:fc:a3:32:55:5f:a7:09:28:39:4d:
                    19:ce:36:b1:0c:2b:fb:f5:6e:ea:82:01:97:4e:bf:
                    08:98:33:57:04:36:d1:c7:64:41:4f:9f:17:2c:bc:
                    01:c2:37:2d:6a:7b:ed:2b:cf:79:cc:b5:bd:52:8c:
                    c8:cd:d2:c6:0d:a0:29:29:46:e4:a7:17:32:cd:44:
                    ec:6e:b1:fb:e9:99:7a:d0:c8:ab:c7:f5:16:1d:db:
                    d9:ee:38:dd:71:16:a8:ba:a0:41:7d:11:61:56:80:
                    d8:8d:5a:44:90:82:f3:46:61:6c:07:5e:89:9f:83:
                    f3:c8:34:b0:6b:03:ae:f8:4a:73:83:8c:8a:f9:6f:
                    08:a1:c7:b5:4b:b0:e1:9d:fc:5e:74:76:d6:56:df:
                    bb:ea:17:48:c6:0b:02:fc:91:b0:77:cc:36:18:4f:
                    cd:ab:5a:f8:cd:76:9d:52:2c:34:ee:13:88:3f:a2:
                    55:12:83:bd:11:cb:bf:57:77:ca:7f:ac:0e:ef:e8:
                    f0:5b:08:01:ec:5c:48:d9:3e:65:ef:04:1e:66:51:
                    8d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:6C:57:9C:29:AF:36:6A:9E:58:7D:AB:29:D8:3E:0F:6D:87:3C:BF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b264a8c-788f-4473-b1b8-67e1173f8a94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f01:4850::/47

    Signature Algorithm: sha256WithRSAEncryption
         c9:2f:cc:34:37:2e:e7:ac:8e:82:dc:7d:9c:b7:84:a5:95:04:
         4e:6f:e0:56:23:51:92:51:46:9e:a9:48:2f:7b:e9:3f:a5:4c:
         9f:09:1f:3d:6f:9a:89:76:29:9e:84:15:ab:9c:46:4b:79:ae:
         5e:1b:5c:70:15:fa:7b:98:a2:ac:bd:e9:e7:b9:0a:54:8c:3e:
         c6:0d:38:52:95:dd:df:13:6e:90:cf:a8:23:fe:c4:90:d7:90:
         1c:db:e8:e9:9a:4f:f2:1f:4b:79:9e:77:dd:13:5c:12:0a:a1:
         ac:13:16:0f:d1:4a:c3:0c:21:af:e7:45:bc:17:6a:e5:56:71:
         52:31:38:07:de:2f:81:b8:c9:a6:ec:72:2d:86:e7:c1:24:9c:
         44:e7:d1:15:21:b3:e7:b2:af:fe:fe:ef:a1:8d:39:6c:ed:e7:
         78:3b:b2:10:bf:b6:1f:d8:1c:51:f9:c6:c0:e5:9c:87:41:33:
         be:63:1f:d5:84:22:d1:76:6c:ad:9a:e9:68:24:30:c3:58:03:
         c2:14:cd:f1:94:8f:11:a7:f9:30:aa:4a:1d:67:78:fb:a2:83:
         7c:c4:d3:10:a4:48:83:39:6c:34:43:b9:a2:64:dc:d9:c6:5a:
         2c:17:8c:8b:26:3e:37:b9:35:be:70:03:2f:51:8f:3a:9c:d0:
         dc:d6:53:50
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdsFqv1MQazv6Yglt7vvRnBv1/NUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAxMTU3WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZDcyZGY5NDYwOTQxYTA5ZWM0ZDI2YmE5NWVlZDRlZjJm
ZDZiNWM4MjFmYzA4MWYxM2FmZmFkOWZlYzlmNzIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfVsrqdE0BFJXIXHO+39boRXZGW1P0Y3EBesDSymaWgnkq
DhMxQk1IvjBHm9tPx9HO/KMyVV+nCSg5TRnONrEMK/v1buqCAZdOvwiYM1cENtHH
ZEFPnxcsvAHCNy1qe+0rz3nMtb1SjMjN0sYNoCkpRuSnFzLNROxusfvpmXrQyKvH
9RYd29nuON1xFqi6oEF9EWFWgNiNWkSQgvNGYWwHXomfg/PINLBrA674SnODjIr5
bwihx7VLsOGd/F50dtZW37vqF0jGCwL8kbB3zDYYT82rWvjNdp1SLDTuE4g/olUS
g70Ry79Xd8p/rA7v6PBbCAHsXEjZPmXvBB5mUY1RAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUtWxXnCmvNmqeWH2rKdg+D22HPL8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZiMjY0YThjLTc4OGYtNDQ3My1iMWI4LTY3ZTExNzNmOGE5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAB8BSFAwDQYJKoZIhvcNAQELBQADggEBAMkvzDQ3LuesjoLcfZy3hKWV
BE5v4FYjUZJRRp6pSC976T+lTJ8JHz1vmol2KZ6EFaucRkt5rl4bXHAV+nuYoqy9
6ee5ClSMPsYNOFKV3d8TbpDPqCP+xJDXkBzb6OmaT/IfS3med90TXBIKoawTFg/R
SsMMIa/nRbwXauVWcVIxOAfeL4G4yabsci2G58EknETn0RUhs+eyr/7+76GNOWzt
53g7shC/th/YHFH5xsDlnIdBM75jH9WEItF2bK2a6WgkMMNYA8IUzfGUjxGn+TCq
Sh1nePuig3zE0xCkSIM5bDRDuaJk3NnGWiwXjIsmPje5Nb5wAy9Rjzqc0NzWU1A=
-----END CERTIFICATE-----