Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82624c93-a718-4b6c-b8d0-1502172fc711.roa
File:                     82624c93-a718-4b6c-b8d0-1502172fc711.roa (raw, json)
Hash identifier:          XYxbn9tuHQvqfKxsw23ZAYay2aMW6C7Iks7gcwxakLA=
Subject key identifier:   4D:1A:3F:38:A2:05:1D:07:07:75:50:89:27:5B:D2:2E:AC:A0:D0:2D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       027D8A79D887385CB365556EBFC9D100E262FFE4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82624c93-a718-4b6c-b8d0-1502172fc711.roa
Signing time:             Fri 17 Oct 2025 21:10:09 +0000
ROA not before:           Fri 17 Oct 2025 21:10:09 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f61:8060::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:7d:8a:79:d8:87:38:5c:b3:65:55:6e:bf:c9:d1:00:e2:62:ff:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 17 21:10:09 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=e596133fe9afe5692e12ecc03383f59508e621bd08b07edaccd184206448de28, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2e:b1:69:98:33:37:b5:73:5d:7e:ff:cf:82:
                    e2:f1:1e:22:7f:1b:d6:d8:7b:23:1e:1c:3e:17:b1:
                    88:5e:c6:db:cc:dd:47:73:d5:15:f8:0e:c4:df:c8:
                    d3:a3:56:48:a6:54:a7:c9:ef:8f:fd:1e:48:28:7e:
                    3e:53:41:5e:61:ce:bd:74:b9:14:de:73:a4:d6:09:
                    88:a6:11:7c:d1:c4:22:66:1f:25:44:05:c0:a4:b9:
                    38:f2:36:0d:16:39:dc:70:82:f3:63:fa:50:f6:9c:
                    df:3f:24:92:4a:77:f8:6c:14:4d:1c:ca:67:00:8f:
                    74:aa:c0:8c:2f:75:08:d3:91:2e:cb:a2:66:dd:37:
                    1d:bc:a5:77:a8:26:54:3a:da:de:1d:23:7f:ee:9f:
                    c9:c7:27:f1:7b:7c:1c:b5:5d:92:91:9c:75:aa:1d:
                    90:cc:f9:8b:57:fe:31:2b:d2:0d:59:36:5d:ea:22:
                    17:b3:9c:c7:34:54:fa:04:cf:d2:62:76:5d:23:a7:
                    90:dc:00:2f:ab:2b:cc:bc:e1:b9:83:c1:fc:c0:4a:
                    f1:d6:fc:8c:2a:f3:f7:f3:30:66:15:91:aa:61:d9:
                    22:b4:8f:cd:52:41:87:64:19:4a:46:78:99:3b:90:
                    31:72:07:f3:7b:25:81:d1:97:06:27:78:60:ed:ae:
                    c2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:1A:3F:38:A2:05:1D:07:07:75:50:89:27:5B:D2:2E:AC:A0:D0:2D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82624c93-a718-4b6c-b8d0-1502172fc711.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:8060::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:48:43:1f:2e:70:a3:6b:7d:51:a0:90:ec:40:f9:e4:c8:da:
         b8:98:f6:81:88:0d:01:b4:a6:fc:d6:1b:47:e9:78:1e:a7:d5:
         e3:a3:90:fa:b3:24:3a:5e:a8:fa:29:d8:d6:1f:f9:ce:b4:a0:
         df:05:ab:ae:20:35:e9:8f:67:2b:05:24:9d:c5:b7:85:04:d9:
         f5:5f:60:06:be:6f:e0:79:eb:29:23:09:e1:40:c1:ff:ff:20:
         0e:9d:1a:63:e1:50:4d:a4:35:b9:07:bc:fb:28:99:53:f8:2b:
         80:dc:79:74:ca:7e:ca:91:94:e6:42:14:45:a9:ee:00:41:48:
         ce:02:77:f0:2c:77:e7:a9:d8:f1:38:d1:e2:24:c9:ea:95:63:
         30:0e:c0:cd:bc:09:87:ac:1a:90:f0:4b:d6:4a:7c:80:1e:bd:
         fa:4a:38:34:52:5c:b3:1f:b7:c2:96:bf:b5:61:ae:9d:02:9e:
         7c:04:a6:e7:b3:a1:a5:48:63:a9:b5:ee:86:e1:e2:cd:f0:18:
         ea:3d:97:06:b7:0d:d7:e0:af:cb:0c:59:af:d7:32:a9:3a:b7:
         1e:61:5f:a8:2c:79:de:bf:98:d2:ec:ee:c8:cb:02:db:be:eb:
         c7:db:9c:fd:2a:c3:bd:af:b2:05:8d:69:21:fd:c7:c8:64:e9:
         33:52:76:35
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUAn2KediHOFyzZVVuv8nRAOJi/+QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MjExMDA5WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNTk2MTMzZmU5YWZlNTY5MmUxMmVjYzAzMzgzZjU5NTA4
ZTYyMWJkMDhiMDdlZGFjY2QxODQyMDY0NDhkZTI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2LrFpmDM3tXNdfv/PguLxHiJ/G9bYeyMeHD4XsYhextvM
3Udz1RX4DsTfyNOjVkimVKfJ74/9Hkgofj5TQV5hzr10uRTec6TWCYimEXzRxCJm
HyVEBcCkuTjyNg0WOdxwgvNj+lD2nN8/JJJKd/hsFE0cymcAj3SqwIwvdQjTkS7L
ombdNx28pXeoJlQ62t4dI3/un8nHJ/F7fBy1XZKRnHWqHZDM+YtX/jEr0g1ZNl3q
IheznMc0VPoEz9Jidl0jp5DcAC+rK8y84bmDwfzASvHW/Iwq8/fzMGYVkaph2SK0
j81SQYdkGUpGeJk7kDFyB/N7JYHRlwYneGDtrsJVAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUTRo/OKIFHQcHdVCJJ1vSLqyg0C0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyNjI0YzkzLWE3MTgtNGI2Yy1iOGQwLTE1MDIxNzJmYzcxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9hgGAwDQYJKoZIhvcNAQELBQADggEBAGFIQx8ucKNrfVGgkOxA+eTI
2riY9oGIDQG0pvzWG0fpeB6n1eOjkPqzJDpeqPop2NYf+c60oN8Fq64gNemPZysF
JJ3Ft4UE2fVfYAa+b+B56ykjCeFAwf//IA6dGmPhUE2kNbkHvPsomVP4K4DceXTK
fsqRlOZCFEWp7gBBSM4Cd/Asd+ep2PE40eIkyeqVYzAOwM28CYesGpDwS9ZKfIAe
vfpKODRSXLMft8KWv7Vhrp0CnnwEpuezoaVIY6m17obh4s3wGOo9lwa3Ddfgr8sM
Wa/XMqk6tx5hX6gsed6/mNLs7sjLAtu+68fbnP0qw72vsgWNaSH9x8hk6TNSdjU=
-----END CERTIFICATE-----