Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8bb2d3dd-174b-4c48-a1c8-3463c0c054be.roa
File:                     8bb2d3dd-174b-4c48-a1c8-3463c0c054be.roa (raw, json)
Hash identifier:          UFod0TF4oXHP2o921UCXO66enw2uj8nlvIYSYApFuBY=
Subject key identifier:   60:8D:1F:97:0C:1B:36:A8:7E:25:92:99:87:0E:B9:95:EC:E8:E8:B3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       483546385EDF2B2587D9330E25A321A0D6180F63
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8bb2d3dd-174b-4c48-a1c8-3463c0c054be.roa
Signing time:             Wed 01 Oct 2025 00:02:20 +0000
ROA not before:           Wed 01 Oct 2025 00:02:20 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        137.16.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:35:46:38:5e:df:2b:25:87:d9:33:0e:25:a3:21:a0:d6:18:0f:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:02:20 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=57c6a526f8a2d8baf1126f3a90acac62b8ba5b272d33bbf0c34f0f7719deb8b2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:94:71:31:9c:e4:20:24:b0:58:ee:50:8e:c4:
                    c5:6d:d2:4c:09:ca:ea:ca:3d:f8:84:02:0e:c3:2e:
                    f5:0a:d3:c3:53:4e:d9:c4:f0:8d:1e:f2:fb:2d:7f:
                    d4:ad:05:0a:80:60:75:68:8d:eb:0e:fa:24:e1:f2:
                    17:01:42:d1:d3:f6:06:b1:d0:07:1c:46:70:d5:c8:
                    07:94:c6:4b:40:e9:0b:27:6a:28:c9:d0:ff:58:45:
                    2c:21:d3:e4:18:74:53:56:6d:cd:5b:1d:a3:57:a1:
                    69:7a:75:fd:af:36:dd:df:ec:78:69:c7:00:09:ee:
                    85:01:74:e7:3a:55:d6:70:cc:a4:3c:71:eb:12:ef:
                    8e:3c:d2:9f:17:57:ac:9a:b8:08:e2:04:e8:6f:05:
                    d0:80:92:0c:21:d9:27:29:1a:91:c1:6c:0c:41:ed:
                    49:42:06:20:a5:70:1f:46:17:42:2c:c7:e9:27:81:
                    24:93:67:da:21:b8:0e:11:24:80:41:0a:16:f0:eb:
                    d8:00:b1:10:0f:a1:cd:7a:e3:9b:92:c9:6c:63:a1:
                    a5:69:00:3f:2d:70:1e:a8:bb:32:aa:f2:47:4c:93:
                    82:35:78:2d:a2:db:97:cd:e2:c2:e6:3e:fd:6f:84:
                    dd:83:68:c3:f1:eb:f2:71:68:48:bb:fe:a0:33:19:
                    05:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:8D:1F:97:0C:1B:36:A8:7E:25:92:99:87:0E:B9:95:EC:E8:E8:B3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8bb2d3dd-174b-4c48-a1c8-3463c0c054be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.16.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         73:0a:38:58:33:9f:d9:df:d0:01:07:f2:6c:5b:f7:a5:af:dd:
         94:65:d2:49:54:69:60:b5:bf:52:de:ac:8e:e4:79:d3:19:cf:
         89:e9:4c:63:13:0e:82:a3:3f:23:96:09:dd:fb:63:ec:0c:3b:
         b6:2a:28:6a:1f:03:6c:a7:5f:61:67:a1:52:47:93:bb:e5:a0:
         27:3e:e4:d0:d7:cf:4d:3e:c5:2a:23:5a:02:19:0c:d5:f4:66:
         fa:f0:42:57:ae:16:cf:18:a3:50:61:15:2e:51:aa:27:79:d3:
         5d:71:8b:d8:9e:71:37:db:09:8d:1a:7f:c4:e9:1e:49:65:d4:
         89:93:8f:5c:88:bb:95:48:94:4b:ee:c4:a5:a8:76:bd:8e:7c:
         87:9b:80:85:20:da:dc:b8:48:3c:75:b5:86:f2:7c:d4:1a:99:
         39:38:2a:6e:3d:d5:f8:52:6f:38:a0:fd:c0:1d:a2:19:35:f7:
         ab:e4:25:3d:ae:9e:1f:b3:4c:0a:59:4e:85:30:17:a9:11:ad:
         de:40:18:8b:f6:a3:64:df:29:bf:b2:58:63:f9:b3:ef:15:7c:
         d5:cd:c9:45:c0:61:4d:f7:c0:e0:bd:3a:3f:57:9e:51:9e:74:
         d5:0f:98:bf:e0:98:d4:63:af:3f:fa:71:60:d5:9a:46:51:f7:
         71:b0:6a:13
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSDVGOF7fKyWH2TMOJaMhoNYYD2MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAwMjIwWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1N2M2YTUyNmY4YTJkOGJhZjExMjZmM2E5MGFjYWM2MmI4
YmE1YjI3MmQzM2JiZjBjMzRmMGY3NzE5ZGViOGIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOlHExnOQgJLBY7lCOxMVt0kwJyurKPfiEAg7DLvUK08NT
TtnE8I0e8vstf9StBQqAYHVojesO+iTh8hcBQtHT9gax0AccRnDVyAeUxktA6Qsn
aijJ0P9YRSwh0+QYdFNWbc1bHaNXoWl6df2vNt3f7HhpxwAJ7oUBdOc6VdZwzKQ8
cesS74480p8XV6yauAjiBOhvBdCAkgwh2ScpGpHBbAxB7UlCBiClcB9GF0Isx+kn
gSSTZ9ohuA4RJIBBChbw69gAsRAPoc1645uSyWxjoaVpAD8tcB6ouzKq8kdMk4I1
eC2i25fN4sLmPv1vhN2DaMPx6/JxaEi7/qAzGQXFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUYI0flwwbNqh+JZKZhw65lezo6LMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhiYjJkM2RkLTE3NGItNGM0OC1hMWM4LTM0NjNjMGMwNTRiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCJEDANBgkqhkiG9w0BAQsFAAOCAQEAcwo4WDOf2d/QAQfybFv3pa/dlGXS
SVRpYLW/Ut6sjuR50xnPielMYxMOgqM/I5YJ3ftj7Aw7tiooah8DbKdfYWehUkeT
u+WgJz7k0NfPTT7FKiNaAhkM1fRm+vBCV64WzxijUGEVLlGqJ3nTXXGL2J5xN9sJ
jRp/xOkeSWXUiZOPXIi7lUiUS+7Epah2vY58h5uAhSDa3LhIPHW1hvJ81BqZOTgq
bj3V+FJvOKD9wB2iGTX3q+QlPa6eH7NMCllOhTAXqRGt3kAYi/ajZN8pv7JYY/mz
7xV81c3JRcBhTffA4L06P1eeUZ501Q+Yv+CY1GOvP/pxYNWaRlH3cbBqEw==
-----END CERTIFICATE-----