Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/97873d74-2b1b-42d6-9c41-b2870237ac5b.roa
File:                     97873d74-2b1b-42d6-9c41-b2870237ac5b.roa (raw, json)
Hash identifier:          5oQcU/zURtA1qwFR6NU/luRIsIXSykgt5P2fUIAp4Q0=
Subject key identifier:   D7:9A:62:8E:33:AB:B6:44:C0:CD:9D:61:12:10:48:1B:7D:60:98:F4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       073782B5A85FD23E8D5B928C8AFB4A99FCA3A148
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/97873d74-2b1b-42d6-9c41-b2870237ac5b.roa
Signing time:             Tue 07 Oct 2025 00:21:32 +0000
ROA not before:           Tue 07 Oct 2025 00:21:32 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.18.144.0/21 maxlen: 21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:37:82:b5:a8:5f:d2:3e:8d:5b:92:8c:8a:fb:4a:99:fc:a3:a1:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:21:32 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=aee49d9ea0238d31159660460c14d111e9cc965d6672b7c20bcb2cd0ea40a387, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:92:d0:f5:88:7f:35:25:e5:9e:d3:ef:77:14:
                    ef:23:00:a9:af:7b:29:78:cb:59:98:05:17:9f:36:
                    67:a9:f1:5e:af:c5:c4:a2:27:15:35:5b:e3:78:94:
                    c0:af:87:de:50:9e:0b:ca:72:93:0e:fe:ad:0a:d6:
                    a0:f5:a7:73:01:48:11:ee:a8:6a:49:e7:59:c8:f5:
                    d6:a4:8c:6b:93:46:2f:81:35:02:6a:85:ac:95:05:
                    e1:f2:7a:90:73:61:99:08:21:84:31:86:9a:f6:9f:
                    3f:bb:25:51:38:59:71:0e:1f:55:24:3c:a5:9e:9d:
                    49:00:98:9e:f1:d0:9e:eb:c6:60:a1:82:0c:30:c3:
                    83:4e:7a:c1:44:89:38:5c:c7:02:f8:a2:74:07:c0:
                    c0:80:34:5a:ea:1f:0b:42:f9:9a:d6:ef:ec:e3:b2:
                    fd:61:5a:10:01:d4:b1:7b:3f:73:6c:d5:0a:cb:5d:
                    f5:f0:9c:5f:c1:67:ea:e7:08:52:08:bd:aa:10:8c:
                    c3:5d:f8:ea:03:09:2c:91:b7:f6:3f:34:11:22:b6:
                    2f:d3:38:81:70:23:fe:52:5e:2b:01:bb:18:1e:06:
                    08:2a:b9:8b:8a:c1:43:28:0b:a0:84:91:f9:b5:d3:
                    3d:b8:9f:e4:ec:11:37:67:6d:bd:f9:35:04:57:cd:
                    84:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:9A:62:8E:33:AB:B6:44:C0:CD:9D:61:12:10:48:1B:7D:60:98:F4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/97873d74-2b1b-42d6-9c41-b2870237ac5b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         34:ca:dc:0e:10:8d:4c:22:4c:ad:57:8d:03:c2:b4:92:65:6f:
         26:88:e1:d5:e4:25:99:ab:e2:aa:e0:57:16:40:4e:71:00:9f:
         4c:0a:56:de:0b:36:31:a1:40:00:74:5f:48:a7:34:93:35:89:
         65:f9:c7:5b:19:af:ad:fa:09:64:c8:f3:bd:57:0b:45:37:24:
         ec:19:f0:7d:00:51:a8:69:61:7b:25:69:0a:42:27:2b:13:45:
         47:e9:73:97:42:65:b6:66:a2:d6:1e:fc:71:9a:30:aa:84:e8:
         85:15:90:05:18:c2:91:f5:31:3a:9b:2a:02:8b:08:69:3e:9a:
         7f:fb:04:d8:3f:a7:a9:ab:ca:1e:ce:2b:4a:d6:10:b1:f1:0d:
         de:ee:ae:38:ca:91:13:ce:15:46:04:88:aa:55:22:00:3b:a7:
         fc:46:51:26:d3:5e:fa:5a:d7:5a:21:2b:45:16:fe:af:96:28:
         b2:bf:db:df:6c:7c:7d:54:9c:31:84:16:27:71:ba:80:db:0e:
         69:19:51:14:13:b1:44:6e:ae:bb:08:b0:3c:11:43:b1:f2:92:
         a8:4b:a7:91:10:7e:e7:de:74:b9:cd:7b:09:ed:6e:62:12:cb:
         07:56:1f:76:0a:5e:47:ba:69:71:49:46:27:f5:95:55:f1:70:
         aa:9b:fe:19
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBzeCtahf0j6NW5KMivtKmfyjoUgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAyMTMyWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZWU0OWQ5ZWEwMjM4ZDMxMTU5NjYwNDYwYzE0ZDExMWU5
Y2M5NjVkNjY3MmI3YzIwYmNiMmNkMGVhNDBhMzg3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMktD1iH81JeWe0+93FO8jAKmveyl4y1mYBRefNmep8V6v
xcSiJxU1W+N4lMCvh95QngvKcpMO/q0K1qD1p3MBSBHuqGpJ51nI9dakjGuTRi+B
NQJqhayVBeHyepBzYZkIIYQxhpr2nz+7JVE4WXEOH1UkPKWenUkAmJ7x0J7rxmCh
ggwww4NOesFEiThcxwL4onQHwMCANFrqHwtC+ZrW7+zjsv1hWhAB1LF7P3Ns1QrL
XfXwnF/BZ+rnCFIIvaoQjMNd+OoDCSyRt/Y/NBEiti/TOIFwI/5SXisBuxgeBggq
uYuKwUMoC6CEkfm10z24n+TsETdnbb35NQRXzYSTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU15pijjOrtkTAzZ1hEhBIG31gmPQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk3ODczZDc0LTJiMWItNDJkNi05YzQxLWIyODcwMjM3YWM1Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAOIEpAwDQYJKoZIhvcNAQELBQADggEBADTK3A4QjUwiTK1XjQPCtJJlbyaI
4dXkJZmr4qrgVxZATnEAn0wKVt4LNjGhQAB0X0inNJM1iWX5x1sZr636CWTI871X
C0U3JOwZ8H0AUahpYXslaQpCJysTRUfpc5dCZbZmotYe/HGaMKqE6IUVkAUYwpH1
MTqbKgKLCGk+mn/7BNg/p6mryh7OK0rWELHxDd7urjjKkRPOFUYEiKpVIgA7p/xG
USbTXvpa11ohK0UW/q+WKLK/299sfH1UnDGEFidxuoDbDmkZURQTsURurrsIsDwR
Q7HykqhLp5EQfufedLnNewntbmISywdWH3YKXke6aXFJRif1lVXxcKqb/hk=
-----END CERTIFICATE-----