Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8b498707-3ebd-45a5-b072-5696977433b4.roa
File:                     8b498707-3ebd-45a5-b072-5696977433b4.roa (raw, json)
Hash identifier:          QZJ+mwvqvLSLWspkJprowX1YsFYgGrXbWnMMv+1f46A=
Subject key identifier:   CE:F1:FF:4A:38:F2:1C:E8:89:AA:96:F9:DB:51:CC:59:72:04:F7:55
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       462456CF80C25A6AC0D0E05F94BC982AAC2E7F51
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8b498707-3ebd-45a5-b072-5696977433b4.roa
Signing time:             Tue 07 Oct 2025 00:21:39 +0000
ROA not before:           Tue 07 Oct 2025 00:21:39 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        157.243.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:24:56:cf:80:c2:5a:6a:c0:d0:e0:5f:94:bc:98:2a:ac:2e:7f:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:21:39 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=094f464474ef59b64406629a0f8b80050236c2336d44819350c59e356d368399, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:96:ae:fb:60:d8:e3:e6:50:a9:52:40:59:44:
                    5e:97:91:88:08:d7:6d:22:03:43:10:78:dd:16:c5:
                    14:10:cd:da:19:d5:8b:08:60:3c:ab:1e:c5:59:6f:
                    ef:ab:1d:66:15:2f:c0:d5:ad:5c:19:9b:9f:7a:a0:
                    a1:8c:17:d4:d6:73:55:14:8e:c8:92:95:05:8e:ca:
                    c5:9d:43:c6:7c:83:68:3b:0e:16:bb:c3:ee:46:ab:
                    f5:6b:5c:7a:77:94:c3:b3:e4:d2:c7:e2:0d:c8:30:
                    1a:83:e0:e4:b3:95:f0:23:fa:19:2b:e9:f7:b8:29:
                    6c:20:2c:7a:7e:21:b4:90:5a:af:24:4d:cc:1d:57:
                    57:98:c6:35:d2:7b:d7:33:83:b8:a1:c2:cb:4c:84:
                    f4:c5:0c:50:14:8e:15:aa:32:5a:8d:ea:2e:eb:e0:
                    b1:54:16:b7:25:f6:69:c4:07:da:90:42:f5:5b:18:
                    61:87:19:02:11:57:d6:0c:e9:79:37:c2:46:2b:c1:
                    9e:41:41:fc:15:57:29:8f:cc:00:05:55:92:f2:b7:
                    08:e7:d4:97:79:e0:83:3a:35:87:a5:1b:ba:a3:6d:
                    5d:ad:89:cd:09:2e:74:d9:c5:4c:08:e6:69:06:11:
                    dd:d3:b7:c9:70:1c:50:49:ea:3d:eb:14:46:c9:dd:
                    08:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F1:FF:4A:38:F2:1C:E8:89:AA:96:F9:DB:51:CC:59:72:04:F7:55
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8b498707-3ebd-45a5-b072-5696977433b4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.243.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ce:f9:56:2f:a0:5d:ad:27:80:7a:0a:f8:71:76:6a:42:65:f8:
         43:29:a3:ea:bd:19:b3:36:ae:00:36:67:b4:05:c4:56:dc:61:
         ee:56:7e:29:9b:8b:b9:58:86:ea:24:88:10:03:9f:7f:d6:78:
         e6:f6:28:b1:df:de:6b:a5:50:73:88:04:6c:8f:44:76:b2:34:
         e3:85:d6:fd:4e:04:87:08:00:ba:72:ae:91:58:0c:cc:6a:85:
         b2:5c:0e:9c:08:5e:83:27:8f:ad:ef:ad:dc:cb:ea:31:6d:b1:
         61:ea:1c:36:5b:d2:9c:51:87:e2:aa:c3:8f:d2:1c:a5:2e:ca:
         fa:b3:30:13:04:44:25:a3:b4:58:34:65:d3:cf:2b:ea:5c:84:
         83:82:ef:44:26:d4:7b:67:5a:22:1c:45:1b:de:bc:9e:fb:27:
         c7:be:cc:72:94:11:07:ac:6c:2a:77:b7:44:d5:6b:9b:81:0f:
         2f:2d:58:0c:6b:88:33:d7:17:48:cf:f9:69:43:fa:ae:97:94:
         22:66:18:28:37:91:86:8c:ec:1f:7f:0c:f4:3e:d7:7e:ca:21:
         a9:d5:fe:25:f0:09:d7:49:64:dd:5f:06:4a:fd:f5:f9:27:5c:
         eb:10:32:45:12:d8:6d:ae:c8:62:c9:f1:13:fa:d8:e8:e0:4f:
         83:b3:bb:83
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURiRWz4DCWmrA0OBflLyYKqwuf1EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAyMTM5WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0AwOTRmNDY0NDc0ZWY1OWI2NDQwNjYyOWEwZjhiODAwNTAy
MzZjMjMzNmQ0NDgxOTM1MGM1OWUzNTZkMzY4Mzk5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCPlq77YNjj5lCpUkBZRF6XkYgI120iA0MQeN0WxRQQzdoZ
1YsIYDyrHsVZb++rHWYVL8DVrVwZm596oKGMF9TWc1UUjsiSlQWOysWdQ8Z8g2g7
Dha7w+5Gq/VrXHp3lMOz5NLH4g3IMBqD4OSzlfAj+hkr6fe4KWwgLHp+IbSQWq8k
TcwdV1eYxjXSe9czg7ihwstMhPTFDFAUjhWqMlqN6i7r4LFUFrcl9mnEB9qQQvVb
GGGHGQIRV9YM6Xk3wkYrwZ5BQfwVVymPzAAFVZLytwjn1Jd54IM6NYelG7qjbV2t
ic0JLnTZxUwI5mkGEd3Tt8lwHFBJ6j3rFEbJ3QgZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzvH/SjjyHOiJqpb521HMWXIE91UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhiNDk4NzA3LTNlYmQtNDVhNS1iMDcyLTU2OTY5Nzc0MzNiNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCd8zANBgkqhkiG9w0BAQsFAAOCAQEAzvlWL6BdrSeAegr4cXZqQmX4Qymj
6r0ZszauADZntAXEVtxh7lZ+KZuLuViG6iSIEAOff9Z45vYosd/ea6VQc4gEbI9E
drI044XW/U4EhwgAunKukVgMzGqFslwOnAhegyePre+t3MvqMW2xYeocNlvSnFGH
4qrDj9IcpS7K+rMwEwREJaO0WDRl088r6lyEg4LvRCbUe2daIhxFG968nvsnx77M
cpQRB6xsKne3RNVrm4EPLy1YDGuIM9cXSM/5aUP6rpeUImYYKDeRhozsH38M9D7X
fsohqdX+JfAJ10lk3V8GSv31+Sdc6xAyRRLYba7IYsnxE/rY6OBPg7O7gw==
-----END CERTIFICATE-----