Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88dc3654-b447-4223-9cc9-77d87983f5ba.roa
File:                     88dc3654-b447-4223-9cc9-77d87983f5ba.roa (raw, json)
Hash identifier:          UMvhdZcpMcGJMKno4f5Yaogo1lNpFw/0q0xALZ5mHBo=
Subject key identifier:   F9:92:AD:20:45:A8:00:31:71:E5:7C:9B:50:E9:60:F6:DB:89:6B:38
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4E23B86CDA2F9E9BCCD24B65AEE2F49FCA499C24
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88dc3654-b447-4223-9cc9-77d87983f5ba.roa
Signing time:             Sat 18 Oct 2025 00:31:02 +0000
ROA not before:           Sat 18 Oct 2025 00:31:02 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        65.8.176.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:23:b8:6c:da:2f:9e:9b:cc:d2:4b:65:ae:e2:f4:9f:ca:49:9c:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 18 00:31:02 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=7ddf96a0386039837079176f4d64f7e175d481939fc23365561052e6f27d1b0d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:6f:67:89:fb:7c:3f:e9:ec:69:7f:f3:96:1a:
                    d3:7f:f1:70:e6:bb:d4:e1:1d:47:39:cb:2e:d7:f2:
                    07:6b:89:b0:b4:82:61:06:ab:83:75:26:d8:5d:33:
                    89:e1:a6:95:d7:1b:57:ba:10:cc:48:66:d1:de:88:
                    17:a2:9f:96:4f:66:32:64:b5:89:55:a3:1c:ed:db:
                    4b:a6:e1:00:9e:1a:df:3b:3e:12:a8:6e:c6:da:8a:
                    dd:8d:b6:7b:63:64:c9:fb:d7:d0:b2:9c:41:23:31:
                    e8:ec:7a:31:1c:d4:28:15:06:26:45:4a:fa:a0:45:
                    40:f8:54:34:77:4a:4c:87:b1:82:ca:02:65:5e:9b:
                    1b:21:6f:21:a7:7d:e2:47:43:95:6c:3a:0f:7a:85:
                    a8:d6:f2:59:78:4b:e9:6d:e6:fe:9c:d8:9a:13:80:
                    02:26:35:84:8a:fd:24:39:88:ba:06:82:9a:a9:dd:
                    be:4b:25:c5:87:2c:8c:32:ad:b5:85:73:10:21:65:
                    11:06:19:aa:73:df:b8:47:34:7f:fa:80:60:6f:3c:
                    d7:2e:44:2c:6e:4f:5f:6e:df:83:4f:d3:b2:32:d0:
                    aa:d4:a8:34:e4:75:24:5a:26:a5:25:99:5e:a8:04:
                    3a:14:60:b4:8a:b1:1a:60:7d:79:3e:0a:16:7c:35:
                    66:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:92:AD:20:45:A8:00:31:71:E5:7C:9B:50:E9:60:F6:DB:89:6B:38
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88dc3654-b447-4223-9cc9-77d87983f5ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  65.8.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:b4:b5:15:a1:74:86:91:4b:45:06:d2:42:01:0c:6a:f3:8c:
         e2:aa:b7:c5:e3:21:f6:01:30:49:28:97:9a:3f:30:cd:58:71:
         86:be:2e:76:76:82:12:72:95:60:95:42:52:9f:5f:e4:b9:96:
         72:86:3a:74:3a:2a:18:30:10:95:92:f6:17:0c:90:91:f6:a3:
         82:e7:ee:3e:4d:db:92:53:fe:44:9f:89:79:1a:4a:d7:d2:35:
         df:78:a7:f7:a1:86:7d:2a:c2:c9:9c:f8:f1:e3:9b:67:aa:3a:
         c2:3c:a5:c1:c3:0f:af:51:0f:c8:a0:93:1e:3d:d0:02:c7:e5:
         76:40:93:36:56:52:19:25:63:80:6e:11:dc:e9:43:e7:8d:d1:
         b7:da:05:ac:59:e7:e0:dd:a5:58:c8:d3:a7:b8:00:90:c9:68:
         20:34:a2:29:b6:8e:b6:22:6b:ce:7e:e7:b2:3d:01:f4:c2:88:
         8d:c2:aa:cf:b3:dd:3b:60:c8:2d:a1:bc:c3:b9:b9:21:b8:7c:
         2c:9e:e5:92:69:c8:b2:6c:8f:3d:5a:0b:a6:f9:d8:de:68:0c:
         42:a2:41:57:83:5a:78:bb:dc:8e:b5:49:38:f2:c4:51:5d:52:
         7f:f7:6c:7f:29:23:f7:0a:68:51:72:1d:41:e0:0f:c6:b6:bf:
         07:71:60:1d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTiO4bNovnpvM0ktlruL0n8pJnCQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDAzMTAyWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZGRmOTZhMDM4NjAzOTgzNzA3OTE3NmY0ZDY0ZjdlMTc1
ZDQ4MTkzOWZjMjMzNjU1NjEwNTJlNmYyN2QxYjBkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCob2eJ+3w/6expf/OWGtN/8XDmu9ThHUc5yy7X8gdribC0
gmEGq4N1JthdM4nhppXXG1e6EMxIZtHeiBein5ZPZjJktYlVoxzt20um4QCeGt87
PhKobsbait2NtntjZMn719CynEEjMejsejEc1CgVBiZFSvqgRUD4VDR3SkyHsYLK
AmVemxshbyGnfeJHQ5VsOg96hajW8ll4S+lt5v6c2JoTgAImNYSK/SQ5iLoGgpqp
3b5LJcWHLIwyrbWFcxAhZREGGapz37hHNH/6gGBvPNcuRCxuT19u34NP07Iy0KrU
qDTkdSRaJqUlmV6oBDoUYLSKsRpgfXk+ChZ8NWZ1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+ZKtIEWoADFx5XybUOlg9tuJazgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg4ZGMzNjU0LWI0NDctNDIyMy05Y2M5LTc3ZDg3OTgzZjViYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABBCLAwDQYJKoZIhvcNAQELBQADggEBABu0tRWhdIaRS0UG0kIBDGrzjOKq
t8XjIfYBMEkol5o/MM1YcYa+LnZ2ghJylWCVQlKfX+S5lnKGOnQ6KhgwEJWS9hcM
kJH2o4Ln7j5N25JT/kSfiXkaStfSNd94p/ehhn0qwsmc+PHjm2eqOsI8pcHDD69R
D8igkx490ALH5XZAkzZWUhklY4BuEdzpQ+eN0bfaBaxZ5+DdpVjI06e4AJDJaCA0
oim2jrYia85+57I9AfTCiI3Cqs+z3TtgyC2hvMO5uSG4fCye5ZJpyLJsjz1aC6b5
2N5oDEKiQVeDWni73I61STjyxFFdUn/3bH8pI/cKaFFyHUHgD8a2vwdxYB0=
-----END CERTIFICATE-----