Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/93a0c741-7418-4bec-b756-5e9c9c71d787.roa
File:                     93a0c741-7418-4bec-b756-5e9c9c71d787.roa (raw, json)
Hash identifier:          ZWBOXH5j9zQ8X1OPDT4Y6pGZULCRFuj8T0QuDlMhliM=
Subject key identifier:   7D:3C:89:3C:E2:75:BB:42:9B:63:AA:56:50:AF:DA:5C:B2:A5:04:D1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       57B5C1110BBCB5B45CEC65BC0CF3343D709F7A03
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/93a0c741-7418-4bec-b756-5e9c9c71d787.roa
Signing time:             Tue 07 Oct 2025 00:51:18 +0000
ROA not before:           Tue 07 Oct 2025 00:51:18 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        50.19.128.0/17 maxlen: 17
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:b5:c1:11:0b:bc:b5:b4:5c:ec:65:bc:0c:f3:34:3d:70:9f:7a:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:51:18 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=69bda45ff29885a9477ffc0c75b7c0056d41435d999fbc6ea6b7d404a0e31e29, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:33:03:6d:84:f3:23:a1:75:76:a1:d1:cf:b5:
                    b4:12:c9:7e:fa:67:2f:6c:b2:4d:28:1f:53:41:b2:
                    cc:7a:48:da:3f:42:ee:c6:0f:5f:c8:9e:0e:df:9a:
                    cc:79:b1:a8:02:57:48:d2:46:20:b0:49:d3:34:46:
                    6e:46:e9:a5:89:8e:a4:cb:a1:df:84:02:d9:a7:c5:
                    92:9d:c3:88:05:8b:75:7f:76:99:e7:de:9f:f1:1b:
                    59:2c:cb:c0:72:7a:1e:82:19:e0:08:ca:d2:8c:d8:
                    e1:fd:e6:08:af:cc:00:39:e6:b4:33:3e:9a:f0:9a:
                    18:b0:8b:42:83:1a:f9:5b:e4:26:1d:b7:43:e5:9d:
                    e8:cc:1f:3d:1e:a1:1e:2b:84:13:ed:7e:c4:c7:6e:
                    f3:40:32:12:4b:95:6d:0c:5d:27:e4:3e:67:e9:e9:
                    62:e8:78:8a:e5:5b:45:99:76:c5:df:8b:d8:60:e4:
                    3b:54:a0:db:9a:1c:a1:f7:57:4e:98:5a:9e:b7:ea:
                    ed:26:fc:40:89:3a:19:a2:90:16:db:68:d3:f4:1b:
                    43:b0:27:32:94:cb:48:32:63:6e:dc:ee:4a:2f:14:
                    16:bc:22:71:fe:fb:ce:16:76:60:97:35:4c:5b:83:
                    10:58:42:df:67:74:12:cb:61:96:37:c9:69:ee:ff:
                    7c:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:3C:89:3C:E2:75:BB:42:9B:63:AA:56:50:AF:DA:5C:B2:A5:04:D1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/93a0c741-7418-4bec-b756-5e9c9c71d787.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.19.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         7f:bc:af:16:cf:7a:9f:40:02:10:96:fb:5a:75:df:c6:8c:bd:
         eb:51:ea:ca:b0:92:f4:c4:57:05:c5:23:a3:26:48:42:c2:cc:
         5b:b8:0d:75:49:c5:de:bb:63:14:0a:7b:63:2a:39:9e:b5:a2:
         92:d1:1c:3f:66:f9:c6:cc:17:36:5a:ac:a3:ba:e3:a2:bb:f9:
         1b:fc:04:b2:15:35:41:48:f4:83:7b:35:df:e6:b8:f4:55:6b:
         99:91:7a:d6:ff:b1:c9:d8:8a:e1:70:f1:cd:eb:b5:73:de:a1:
         e0:ee:df:fd:02:55:78:37:ab:12:6b:b4:6a:16:5a:c0:7b:26:
         83:b0:65:03:dd:9a:64:d7:3d:11:03:0c:15:35:b7:43:a7:ee:
         c4:a1:48:cc:87:5c:14:3f:71:00:04:7c:dd:83:1d:2f:cd:a5:
         8b:46:6c:1d:64:c0:dc:18:e9:a2:32:da:25:16:7c:6d:84:4d:
         60:3e:52:01:37:3d:9b:8f:91:15:3b:84:fd:a8:1f:63:bf:23:
         8f:6a:ef:d7:4b:f7:8a:1e:99:1e:9b:a3:94:38:f6:69:21:43:
         f8:14:9f:47:6c:fd:28:7a:50:72:21:b4:1f:4d:cf:9c:a3:98:
         40:59:06:90:0a:28:e3:7d:1b:27:64:01:41:63:91:42:5a:4a:
         5f:c0:7b:a2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUV7XBEQu8tbRc7GW8DPM0PXCfegMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA1MTE4WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A2OWJkYTQ1ZmYyOTg4NWE5NDc3ZmZjMGM3NWI3YzAwNTZk
NDE0MzVkOTk5ZmJjNmVhNmI3ZDQwNGEwZTMxZTI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXMwNthPMjoXV2odHPtbQSyX76Zy9ssk0oH1NBssx6SNo/
Qu7GD1/Ing7fmsx5sagCV0jSRiCwSdM0Rm5G6aWJjqTLod+EAtmnxZKdw4gFi3V/
dpnn3p/xG1ksy8Byeh6CGeAIytKM2OH95givzAA55rQzPprwmhiwi0KDGvlb5CYd
t0PlnejMHz0eoR4rhBPtfsTHbvNAMhJLlW0MXSfkPmfp6WLoeIrlW0WZdsXfi9hg
5DtUoNuaHKH3V06YWp636u0m/ECJOhmikBbbaNP0G0OwJzKUy0gyY27c7kovFBa8
InH++84WdmCXNUxbgxBYQt9ndBLLYZY3yWnu/3xjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfTyJPOJ1u0KbY6pWUK/aXLKlBNEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkzYTBjNzQxLTc0MTgtNGJlYy1iNzU2LTVlOWM5YzcxZDc4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcyE4AwDQYJKoZIhvcNAQELBQADggEBAH+8rxbPep9AAhCW+1p138aMvetR
6sqwkvTEVwXFI6MmSELCzFu4DXVJxd67YxQKe2MqOZ61opLRHD9m+cbMFzZarKO6
46K7+Rv8BLIVNUFI9IN7Nd/muPRVa5mRetb/scnYiuFw8c3rtXPeoeDu3/0CVXg3
qxJrtGoWWsB7JoOwZQPdmmTXPREDDBU1t0On7sShSMyHXBQ/cQAEfN2DHS/NpYtG
bB1kwNwY6aIy2iUWfG2ETWA+UgE3PZuPkRU7hP2oH2O/I49q79dL94oemR6bo5Q4
9mkhQ/gUn0ds/Sh6UHIhtB9Nz5yjmEBZBpAKKON9GydkAUFjkUJaSl/Ae6I=
-----END CERTIFICATE-----