Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/96775b6e-d2c7-45b1-b153-6189276f8a53.roa
File:                     96775b6e-d2c7-45b1-b153-6189276f8a53.roa (raw, json)
Hash identifier:          u63pkt9GubJbXG6ouFUYeOsHutoYl4I6vZOT+EBxr9Q=
Subject key identifier:   AE:8F:8A:59:3C:66:1F:73:57:59:0C:75:F2:21:A9:55:88:E6:89:52
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0AA71F50D3C5F4E80FD657FA5558A139D791F1DB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/96775b6e-d2c7-45b1-b153-6189276f8a53.roa
Signing time:             Tue 07 Oct 2025 00:22:23 +0000
ROA not before:           Tue 07 Oct 2025 00:22:23 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.73.152.0/21 maxlen: 21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:a7:1f:50:d3:c5:f4:e8:0f:d6:57:fa:55:58:a1:39:d7:91:f1:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:22:23 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=85c0aebb6a497f0339a7760b43c3f8b50c26087adaeeb3bbadce94b4add1d691, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:52:75:e6:1d:e8:b5:af:d6:51:30:90:7c:3a:
                    6e:5a:ee:5b:72:74:eb:60:52:f6:16:f5:fc:44:a9:
                    a7:b9:4a:08:c7:90:ed:7b:ee:47:f1:57:ee:23:57:
                    14:e6:71:04:68:ef:84:1a:50:da:38:19:d6:65:d0:
                    87:0d:89:f9:cd:a6:1c:f1:ad:64:f3:8c:f4:84:dd:
                    fb:c4:7c:05:6b:8e:2f:65:d5:37:67:58:7b:6c:ba:
                    1d:1a:68:a0:c8:bf:8b:ee:8b:4e:13:d7:73:1b:df:
                    f3:ea:7a:56:bb:0c:39:32:bb:31:45:32:41:fc:37:
                    0d:29:91:cf:03:a5:4c:1b:59:59:43:6c:88:df:eb:
                    ab:f3:7a:4f:54:c9:5a:59:c7:50:64:e8:93:80:4d:
                    b4:b7:d3:ac:55:02:0c:9b:25:b1:ce:97:c2:86:32:
                    09:12:37:9d:78:87:78:89:c1:ff:fb:b3:a4:7c:9d:
                    3d:8e:26:89:8a:77:96:12:52:ea:d8:d5:2e:05:17:
                    f6:93:3f:9e:75:0c:2e:12:54:c2:6c:ab:d5:ad:72:
                    bf:54:33:b6:a3:b3:e3:b0:74:1e:65:c5:8e:53:67:
                    08:54:b2:7c:1e:a5:3e:7d:93:13:55:1e:6a:32:73:
                    26:79:64:cd:32:15:5e:27:a7:80:88:b6:4b:18:62:
                    00:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:8F:8A:59:3C:66:1F:73:57:59:0C:75:F2:21:A9:55:88:E6:89:52
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/96775b6e-d2c7-45b1-b153-6189276f8a53.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.73.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a9:c9:4e:d5:81:01:c5:df:47:9e:67:41:0d:7d:24:54:5b:ef:
         76:6c:f8:d7:37:44:7b:19:d1:43:5b:99:b8:61:fd:26:45:a5:
         06:02:50:36:45:bd:01:e4:88:05:c8:c1:5f:58:ef:05:c6:cd:
         95:ec:4a:46:79:91:75:69:9e:e5:d1:51:20:bb:4c:5a:57:ae:
         15:b0:67:f2:8a:ab:e5:ae:39:be:b4:b6:e8:de:aa:de:21:3e:
         fd:66:f7:03:36:52:6d:7d:67:ca:08:67:82:2a:36:8d:6f:73:
         b5:32:a7:26:4a:ac:0b:12:5f:af:4b:cb:fe:49:7a:9e:f1:9e:
         d6:af:1b:cf:76:ea:a4:a0:54:9c:a6:6c:2d:4c:a7:51:c7:f5:
         b8:d9:00:b0:bf:b7:42:6b:55:9d:2c:35:95:3a:07:60:40:6e:
         2d:1c:dd:4a:e9:97:40:a6:2b:1b:f4:cd:0c:2e:cc:56:1c:d6:
         f3:59:00:f4:aa:ee:b0:a0:72:02:f5:04:d9:44:ee:4a:b1:e8:
         b5:42:be:15:54:63:cf:18:2f:ce:ee:71:e9:a9:bc:e4:77:c6:
         dd:0a:e8:af:97:f9:80:94:d3:6c:51:4f:a1:a5:dc:0c:18:ed:
         29:bc:eb:57:ac:a6:3c:42:7e:de:a4:a7:ca:21:0b:32:7b:5d:
         44:df:ff:16
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCqcfUNPF9OgP1lf6VVihOdeR8dswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAyMjIzWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NWMwYWViYjZhNDk3ZjAzMzlhNzc2MGI0M2MzZjhiNTBj
MjYwODdhZGFlZWIzYmJhZGNlOTRiNGFkZDFkNjkxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTUnXmHei1r9ZRMJB8Om5a7ltydOtgUvYW9fxEqae5SgjH
kO177kfxV+4jVxTmcQRo74QaUNo4GdZl0IcNifnNphzxrWTzjPSE3fvEfAVrji9l
1TdnWHtsuh0aaKDIv4vui04T13Mb3/Pqela7DDkyuzFFMkH8Nw0pkc8DpUwbWVlD
bIjf66vzek9UyVpZx1Bk6JOATbS306xVAgybJbHOl8KGMgkSN514h3iJwf/7s6R8
nT2OJomKd5YSUurY1S4FF/aTP551DC4SVMJsq9Wtcr9UM7ajs+OwdB5lxY5TZwhU
snwepT59kxNVHmoycyZ5ZM0yFV4np4CItksYYgCHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUro+KWTxmH3NXWQx18iGpVYjmiVIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk2Nzc1YjZlLWQyYzctNDViMS1iMTUzLTYxODkyNzZmOGE1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAO4SZgwDQYJKoZIhvcNAQELBQADggEBAKnJTtWBAcXfR55nQQ19JFRb73Zs
+Nc3RHsZ0UNbmbhh/SZFpQYCUDZFvQHkiAXIwV9Y7wXGzZXsSkZ5kXVpnuXRUSC7
TFpXrhWwZ/KKq+WuOb60tujeqt4hPv1m9wM2Um19Z8oIZ4IqNo1vc7UypyZKrAsS
X69Ly/5Jep7xntavG8926qSgVJymbC1Mp1HH9bjZALC/t0JrVZ0sNZU6B2BAbi0c
3Urpl0CmKxv0zQwuzFYc1vNZAPSq7rCgcgL1BNlE7kqx6LVCvhVUY88YL87ucemp
vOR3xt0K6K+X+YCU02xRT6Gl3AwY7Sm861espjxCft6kp8ohCzJ7XUTf/xY=
-----END CERTIFICATE-----