Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/84098119-db6f-400e-8b50-d3b7152181be.roa
File:                     84098119-db6f-400e-8b50-d3b7152181be.roa (raw, json)
Hash identifier:          /SDn8P7IJgLtK6OI2aa7D0UjmcEX9wTSj5A6VZ+KfR0=
Subject key identifier:   05:63:D9:01:CE:9E:3D:87:1B:17:4D:51:5C:64:11:90:BF:B0:1B:74
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       047F8CA4EF2803B93E3FC6C7E164365566020578
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/84098119-db6f-400e-8b50-d3b7152181be.roa
Signing time:             Fri 03 Oct 2025 00:02:18 +0000
ROA not before:           Fri 03 Oct 2025 00:02:18 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        166.108.0.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:7f:8c:a4:ef:28:03:b9:3e:3f:c6:c7:e1:64:36:55:66:02:05:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:02:18 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=4d5c6f5633f209071d747bfc64da96846ac5de9da83ba9b031826615eb8ffd0f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:dd:96:5f:d7:bf:1d:93:ee:49:f1:9f:bd:0a:
                    41:d3:84:aa:2d:17:0e:71:e2:84:e7:8d:62:ed:66:
                    6f:70:50:10:97:85:e9:be:fb:c3:69:9a:f3:63:91:
                    f0:d6:c2:65:4a:b9:5f:36:40:ae:a9:09:e0:63:6d:
                    c7:46:45:c3:a1:bf:db:0a:12:1f:0b:9b:13:38:b1:
                    67:c3:b1:47:ae:48:da:aa:81:70:88:0d:8a:d5:75:
                    bf:10:c7:86:39:e6:87:ee:d8:01:ba:82:0d:51:da:
                    ce:1d:b9:b7:bd:c3:ad:b0:f5:de:6e:6f:7e:29:21:
                    be:9f:27:dd:e7:49:2e:8a:1d:36:08:3c:8f:8c:c7:
                    27:18:e9:29:ed:53:54:bb:7e:59:a8:c7:3e:5f:0f:
                    00:bc:5a:9f:ce:4a:d5:49:b8:ee:1f:ac:e0:fe:8f:
                    e4:8c:fe:11:84:31:80:05:e8:92:39:1c:41:e4:a7:
                    22:8f:ea:11:ee:da:b6:6f:0e:39:6c:29:eb:10:e6:
                    ee:a8:20:b8:51:0d:e6:6d:13:af:07:b8:6e:62:50:
                    e6:40:ba:68:96:1d:d8:c2:9f:3f:a9:7d:0b:59:4f:
                    0a:93:0d:13:e1:e7:22:fc:0f:22:86:da:6b:7d:0d:
                    4d:9a:1a:58:9a:17:83:d6:17:77:8e:32:b6:c0:a3:
                    1c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:63:D9:01:CE:9E:3D:87:1B:17:4D:51:5C:64:11:90:BF:B0:1B:74
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/84098119-db6f-400e-8b50-d3b7152181be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.108.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         a1:e3:ed:49:65:e8:45:b2:26:d1:69:86:8e:82:05:4d:7a:01:
         0d:4e:5c:c9:11:cd:ba:2d:20:91:02:ea:1b:3d:33:0b:8a:43:
         68:4d:03:d8:8e:6e:f1:c7:d4:1f:1f:f3:25:00:ad:a5:7f:ca:
         c3:c5:62:d1:81:f7:66:bd:8f:bb:d8:77:03:9b:61:db:09:20:
         97:d3:1d:cb:88:ec:87:a0:7f:6b:82:f1:24:00:11:2f:4f:b2:
         e1:7c:25:4f:a3:d1:ce:ec:16:f8:d0:b6:e7:e3:7c:08:5a:67:
         3a:b6:85:c4:42:18:c6:e2:f6:2d:c2:38:93:65:4b:79:2c:b6:
         f4:a7:dd:a7:f3:54:8b:25:78:68:1b:79:96:d2:ef:10:d6:ae:
         f2:a3:2a:9a:5e:ee:23:ce:90:c1:85:65:9e:8a:5e:37:85:44:
         41:e2:45:20:fa:b1:86:be:e1:bc:7d:22:f2:42:8e:23:59:15:
         3a:21:27:a7:f2:ee:08:ec:81:39:22:d0:0b:50:db:44:e6:39:
         cd:3f:0d:40:85:42:32:2e:ed:0c:36:8a:ed:8d:35:75:59:8f:
         7b:5c:73:c8:df:52:cf:72:52:60:31:5e:94:2a:51:0d:8d:c6:
         8b:7e:60:00:d0:29:a4:e2:fb:5d:42:c3:96:4a:36:e5:a0:11:
         00:d3:b1:07
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBH+MpO8oA7k+P8bH4WQ2VWYCBXgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAwMjE4WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZDVjNmY1NjMzZjIwOTA3MWQ3NDdiZmM2NGRhOTY4NDZh
YzVkZTlkYTgzYmE5YjAzMTgyNjYxNWViOGZmZDBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDB3ZZf178dk+5J8Z+9CkHThKotFw5x4oTnjWLtZm9wUBCX
hem++8NpmvNjkfDWwmVKuV82QK6pCeBjbcdGRcOhv9sKEh8LmxM4sWfDsUeuSNqq
gXCIDYrVdb8Qx4Y55ofu2AG6gg1R2s4dube9w62w9d5ub34pIb6fJ93nSS6KHTYI
PI+MxycY6SntU1S7flmoxz5fDwC8Wp/OStVJuO4frOD+j+SM/hGEMYAF6JI5HEHk
pyKP6hHu2rZvDjlsKesQ5u6oILhRDeZtE68HuG5iUOZAumiWHdjCnz+pfQtZTwqT
DRPh5yL8DyKG2mt9DU2aGliaF4PWF3eOMrbAoxy1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBWPZAc6ePYcbF01RXGQRkL+wG3QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg0MDk4MTE5LWRiNmYtNDAwZS04YjUwLWQzYjcxNTIxODFiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWmbAAwDQYJKoZIhvcNAQELBQADggEBAKHj7Ull6EWyJtFpho6CBU16AQ1O
XMkRzbotIJEC6hs9MwuKQ2hNA9iObvHH1B8f8yUAraV/ysPFYtGB92a9j7vYdwOb
YdsJIJfTHcuI7Iegf2uC8SQAES9PsuF8JU+j0c7sFvjQtufjfAhaZzq2hcRCGMbi
9i3COJNlS3kstvSn3afzVIsleGgbeZbS7xDWrvKjKppe7iPOkMGFZZ6KXjeFREHi
RSD6sYa+4bx9IvJCjiNZFTohJ6fy7gjsgTki0AtQ20TmOc0/DUCFQjIu7Qw2iu2N
NXVZj3tcc8jfUs9yUmAxXpQqUQ2Nxot+YADQKaTi+11Cw5ZKNuWgEQDTsQc=
-----END CERTIFICATE-----