Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e7b3944-7311-4337-8436-836528b45a90.roa
File:                     6e7b3944-7311-4337-8436-836528b45a90.roa (raw, json)
Hash identifier:          8FXHS07EGbAKZJ6qbzfwIsbjirA5OyWbYoRMnYdl8MI=
Subject key identifier:   50:17:45:2B:95:A2:CE:B1:E3:4F:F0:A3:A0:C8:84:5B:C2:C0:09:2A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3AFB2A03EF82F66D912E4D676921A2BC885BBDDB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e7b3944-7311-4337-8436-836528b45a90.roa
Signing time:             Mon 13 Oct 2025 15:51:16 +0000
ROA not before:           Mon 13 Oct 2025 15:51:16 +0000
ROA not after:            Mon 17 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.91.6.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:fb:2a:03:ef:82:f6:6d:91:2e:4d:67:69:21:a2:bc:88:5b:bd:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 13 15:51:16 2025 GMT
            Not After : Nov 17 23:59:59 2025 GMT
        Subject: serialNumber=0da8a15ab627b1a6bda6ae0285097ea8195c76a43adacd9ac03e83737e079359, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a1:20:7e:fa:21:0e:68:eb:25:b8:66:2d:36:
                    00:9d:c6:8e:9b:dc:96:e5:2e:7c:08:71:73:b7:03:
                    a6:bb:b8:28:1a:0d:a4:ce:64:dc:3e:42:19:cf:2b:
                    37:9f:f7:97:96:05:b8:da:8e:33:bf:1d:14:81:f1:
                    0b:62:88:e8:dc:ad:22:b5:c6:53:f1:a7:77:45:99:
                    b0:25:40:29:82:a9:e8:42:a0:6b:2d:f5:18:fe:8b:
                    cd:98:d5:da:8e:7a:c2:27:b3:f1:c0:f4:7e:ad:d1:
                    4b:e3:bb:e6:19:43:32:d1:e2:03:9c:73:3d:d2:47:
                    88:e9:63:b6:1b:0d:f9:75:3a:d1:b4:d6:f5:0c:bd:
                    71:3e:08:66:34:c3:9d:76:6e:ba:ad:97:be:47:7b:
                    67:6d:ca:44:50:c1:07:b9:da:ad:d9:99:1e:50:6d:
                    30:49:6d:aa:1d:67:1c:1b:99:d2:95:cf:86:9a:8c:
                    ec:5c:cd:b7:5d:7d:79:c9:56:30:66:ad:51:8e:12:
                    03:47:fb:aa:d2:15:71:a8:89:44:fd:20:e8:63:b3:
                    81:63:4f:58:36:cb:cb:35:e6:d7:3d:d9:17:cb:0b:
                    6b:bb:c9:51:bb:63:6d:ab:c4:fb:f5:79:43:94:cc:
                    66:25:39:66:d9:82:ab:c9:fb:aa:a2:f9:20:9c:31:
                    d1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:17:45:2B:95:A2:CE:B1:E3:4F:F0:A3:A0:C8:84:5B:C2:C0:09:2A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e7b3944-7311-4337-8436-836528b45a90.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.91.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:ab:ba:3a:14:80:ff:4e:17:8f:73:68:7d:24:aa:5e:0a:be:
         23:00:ef:8f:3b:77:34:96:a0:26:b3:52:7c:a7:dd:9b:44:ef:
         d9:f0:75:24:56:a2:38:47:36:82:32:57:24:37:31:ab:8e:9d:
         45:c6:e5:c1:8f:3b:87:1d:88:40:05:a1:a5:61:fd:80:cf:91:
         0e:56:0b:3e:68:c0:4b:b8:89:70:31:08:db:b0:04:58:d7:67:
         d4:62:13:0c:c4:77:40:ad:05:b5:08:2d:53:04:25:f6:c8:d2:
         d7:4c:41:3a:ca:fc:65:76:dd:4d:cb:e8:7a:48:c9:77:a0:89:
         51:93:8a:fb:a3:44:b8:42:3d:ce:99:c6:ba:62:b2:67:49:93:
         b9:db:44:ea:ad:71:c2:57:31:00:84:87:cb:35:57:eb:b7:41:
         e0:1c:e1:f6:ef:51:e3:f0:c6:b1:a4:32:af:31:ec:ca:6f:3b:
         e2:0b:c0:ad:ca:df:a4:85:40:9f:4f:65:f8:48:5b:61:da:ef:
         5c:d5:cd:e4:8d:2e:94:6c:23:89:e7:37:c9:14:9e:42:56:7a:
         e3:ac:8f:3a:05:a8:76:c8:22:0f:1c:e9:fa:49:89:de:be:19:
         79:70:8d:4e:06:92:82:65:f4:88:97:12:6b:8c:15:f0:b9:43:
         a4:5a:31:e3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOvsqA++C9m2RLk1naSGivIhbvdswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEzMTU1MTE2WhcNMjUxMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZGE4YTE1YWI2MjdiMWE2YmRhNmFlMDI4NTA5N2VhODE5
NWM3NmE0M2FkYWNkOWFjMDNlODM3MzdlMDc5MzU5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsoSB++iEOaOsluGYtNgCdxo6b3JblLnwIcXO3A6a7uCga
DaTOZNw+QhnPKzef95eWBbjajjO/HRSB8QtiiOjcrSK1xlPxp3dFmbAlQCmCqehC
oGst9Rj+i82Y1dqOesIns/HA9H6t0Uvju+YZQzLR4gOccz3SR4jpY7YbDfl1OtG0
1vUMvXE+CGY0w512brqtl75He2dtykRQwQe52q3ZmR5QbTBJbaodZxwbmdKVz4aa
jOxczbddfXnJVjBmrVGOEgNH+6rSFXGoiUT9IOhjs4FjT1g2y8s15tc92RfLC2u7
yVG7Y22rxPv1eUOUzGYlOWbZgqvJ+6qi+SCcMdHHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUBdFK5WizrHjT/CjoMiEW8LACSowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZlN2IzOTQ0LTczMTEtNDMzNy04NDM2LTgzNjUyOGI0NWE5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAXWwYwDQYJKoZIhvcNAQELBQADggEBAAGrujoUgP9OF49zaH0kql4KviMA
7487dzSWoCazUnyn3ZtE79nwdSRWojhHNoIyVyQ3MauOnUXG5cGPO4cdiEAFoaVh
/YDPkQ5WCz5owEu4iXAxCNuwBFjXZ9RiEwzEd0CtBbUILVMEJfbI0tdMQTrK/GV2
3U3L6HpIyXegiVGTivujRLhCPc6ZxrpismdJk7nbROqtccJXMQCEh8s1V+u3QeAc
4fbvUePwxrGkMq8x7MpvO+ILwK3K36SFQJ9PZfhIW2Ha71zVzeSNLpRsI4nnN8kU
nkJWeuOsjzoFqHbIIg8c6fpJid6+GXlwjU4GkoJl9IiXEmuMFfC5Q6RaMeM=
-----END CERTIFICATE-----