Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d01273a-91bf-43dd-88d7-eda61e7b75f0.roa
File:                     8d01273a-91bf-43dd-88d7-eda61e7b75f0.roa (raw, json)
Hash identifier:          RewkORqPw9GymB5vO9zDOtBH6XuhFIefn58xUXUxJxY=
Subject key identifier:   A4:C0:72:0D:0B:53:9C:00:AB:FF:5B:06:F7:C9:59:7D:34:84:A6:54
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       059AB49AAD1953F9C5AC1A406A6870B4D971649A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d01273a-91bf-43dd-88d7-eda61e7b75f0.roa
Signing time:             Sat 27 Sep 2025 00:22:43 +0000
ROA not before:           Sat 27 Sep 2025 00:22:43 +0000
ROA not after:            Sat 01 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.60.0.0/15 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:9a:b4:9a:ad:19:53:f9:c5:ac:1a:40:6a:68:70:b4:d9:71:64:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 27 00:22:43 2025 GMT
            Not After : Nov  1 23:59:59 2025 GMT
        Subject: serialNumber=f23e594646e3b81226c189a3478326870eb1dd54622a634a6253ee67480be211, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:2d:63:77:8d:43:52:c1:fb:f2:c4:0f:67:87:
                    5d:53:58:5f:c0:8b:15:38:c9:48:59:33:e8:df:10:
                    8c:62:c4:a6:41:db:90:7f:76:8a:13:1e:69:5a:27:
                    62:e9:9e:ca:e3:52:22:50:00:5b:b4:44:78:2e:9f:
                    c5:62:c6:af:50:de:fd:cd:3f:9b:dd:a9:8f:94:31:
                    f2:9d:56:61:1f:94:5c:3f:1a:08:8d:e2:2c:75:50:
                    47:6a:e3:99:ff:9f:6e:64:d0:63:ca:31:30:b9:6b:
                    1b:13:bc:f9:d4:2a:c0:61:12:40:d8:5e:11:61:71:
                    44:d3:9f:36:62:ae:56:3b:b1:59:58:d4:65:f3:fc:
                    91:8e:7b:03:1a:17:07:f6:7b:23:b4:c3:47:e9:75:
                    2c:6f:0f:d1:70:cc:53:8e:1e:89:1e:9a:d3:dd:5c:
                    fc:39:33:c5:8f:8f:92:ba:3e:bc:46:04:79:58:fa:
                    44:18:64:92:74:74:26:ff:a4:57:87:ea:1b:98:c9:
                    8a:ab:f8:0b:39:67:d7:3a:9d:34:f3:18:b5:01:c3:
                    fc:b1:16:3a:d8:d5:e8:02:fd:7c:21:c7:7a:0d:43:
                    e2:3d:f5:4f:02:f4:dd:bf:89:c9:e9:a5:9d:f6:bf:
                    6e:08:8e:19:7c:1e:f5:c1:3b:1c:fa:e5:9d:62:c0:
                    04:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:C0:72:0D:0B:53:9C:00:AB:FF:5B:06:F7:C9:59:7D:34:84:A6:54
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d01273a-91bf-43dd-88d7-eda61e7b75f0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.60.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         89:eb:19:1f:2c:fc:4f:a2:07:58:a0:99:10:c2:ba:f2:b4:81:
         0b:39:6a:b0:ab:fa:c1:43:90:7e:ca:1b:83:4d:d9:94:fe:89:
         58:41:99:f5:77:f2:da:53:ba:1b:c4:79:ce:7e:bb:30:b6:5d:
         66:8e:8a:05:d5:20:18:dc:81:85:94:aa:38:30:0d:71:4e:44:
         35:1f:5c:69:2e:d9:01:c9:f4:f2:a8:87:d7:ea:dd:c5:c0:e8:
         44:5f:81:a3:94:9a:59:b7:e5:97:33:be:3a:63:c2:5d:b9:95:
         34:66:c2:51:ec:b8:ba:19:85:d2:98:57:7d:f0:c7:59:3d:6c:
         26:f4:13:be:38:a4:e0:0e:3e:c5:9d:7d:06:a4:61:98:70:22:
         ad:76:c8:5a:10:44:5c:a2:11:f3:55:04:4a:e6:ec:3a:5a:fe:
         81:c2:30:ab:ba:08:a3:d6:59:f8:4d:34:ca:b0:f6:41:f3:76:
         0d:c6:47:71:aa:97:d2:81:59:fe:c1:88:2a:a7:8c:96:5f:91:
         c6:8e:f2:b1:7e:9c:01:8c:80:fa:c4:3d:c4:29:b1:6e:0a:5e:
         6f:f2:b4:50:ae:7a:f0:9e:a6:14:6b:2d:f1:7c:39:c2:d3:46:
         e2:8a:10:b9:32:f0:1a:95:84:f0:49:86:d6:f5:10:cd:c0:fb:
         db:33:ac:42
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBZq0mq0ZU/nFrBpAamhwtNlxZJowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAyMjQzWhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMjNlNTk0NjQ2ZTNiODEyMjZjMTg5YTM0NzgzMjY4NzBl
YjFkZDU0NjIyYTYzNGE2MjUzZWU2NzQ4MGJlMjExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgLWN3jUNSwfvyxA9nh11TWF/AixU4yUhZM+jfEIxixKZB
25B/dooTHmlaJ2LpnsrjUiJQAFu0RHgun8Vixq9Q3v3NP5vdqY+UMfKdVmEflFw/
GgiN4ix1UEdq45n/n25k0GPKMTC5axsTvPnUKsBhEkDYXhFhcUTTnzZirlY7sVlY
1GXz/JGOewMaFwf2eyO0w0fpdSxvD9FwzFOOHokemtPdXPw5M8WPj5K6PrxGBHlY
+kQYZJJ0dCb/pFeH6huYyYqr+As5Z9c6nTTzGLUBw/yxFjrY1egC/Xwhx3oNQ+I9
9U8C9N2/icnppZ32v24Ijhl8HvXBOxz65Z1iwARlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpMByDQtTnACr/1sG98lZfTSEplQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhkMDEyNzNhLTkxYmYtNDNkZC04OGQ3LWVkYTYxZTdiNzVmMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEjPDANBgkqhkiG9w0BAQsFAAOCAQEAiesZHyz8T6IHWKCZEMK68rSBCzlq
sKv6wUOQfsobg03ZlP6JWEGZ9Xfy2lO6G8R5zn67MLZdZo6KBdUgGNyBhZSqODAN
cU5ENR9caS7ZAcn08qiH1+rdxcDoRF+Bo5SaWbfllzO+OmPCXbmVNGbCUey4uhmF
0phXffDHWT1sJvQTvjik4A4+xZ19BqRhmHAirXbIWhBEXKIR81UESubsOlr+gcIw
q7oIo9ZZ+E00yrD2QfN2DcZHcaqX0oFZ/sGIKqeMll+Rxo7ysX6cAYyA+sQ9xCmx
bgpeb/K0UK568J6mFGst8Xw5wtNG4ooQuTLwGpWE8EmG1vUQzcD72zOsQg==
-----END CERTIFICATE-----