Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a07397dc-3051-482a-957d-ed3a4c2859b6.roa
File:                     a07397dc-3051-482a-957d-ed3a4c2859b6.roa (raw, json)
Hash identifier:          TGrnfbovGY94MIaV6Oj3jAnChBJBXaZVkhouAfL8ajU=
Subject key identifier:   CA:4F:7F:01:4A:EC:B3:3D:33:C5:3E:E1:F9:22:42:17:81:8B:A1:ED
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6BC2EC9B35C25A92D5706EA1927819B02BBFBF91
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a07397dc-3051-482a-957d-ed3a4c2859b6.roa
Signing time:             Fri 10 Oct 2025 00:21:35 +0000
ROA not before:           Fri 10 Oct 2025 00:21:35 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        98.80.0.0/13 maxlen: 13
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:c2:ec:9b:35:c2:5a:92:d5:70:6e:a1:92:78:19:b0:2b:bf:bf:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 10 00:21:35 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=720ec350f6faea7a7725aae071b2bd54e7b0a7822c013cd0ff0fcc4ab89a7355, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:2b:86:fe:5a:41:cf:f6:99:cf:c6:7c:87:3f:
                    4f:00:a2:c4:51:25:a2:fa:81:b1:36:a8:ca:2c:4c:
                    0b:3a:fa:1d:90:83:46:4e:45:ea:bd:ea:4f:0c:f6:
                    2f:02:07:f4:63:28:0f:11:6b:6c:8a:f8:a6:2d:1d:
                    cf:4a:fb:2d:5b:55:e1:da:32:5a:e9:f5:1b:3b:2a:
                    6f:7d:dc:1b:9b:53:26:a5:8f:5a:5d:d9:38:8f:af:
                    42:58:34:71:5d:59:77:87:69:88:62:56:d6:27:c8:
                    16:81:f1:7a:e7:13:98:38:8e:88:9b:0e:f5:76:fd:
                    da:a5:f9:66:32:40:85:03:50:53:79:8c:08:f1:5d:
                    59:61:60:ec:45:0b:1e:b2:10:c0:09:06:11:03:64:
                    6e:4e:6d:11:40:0d:1a:b2:0a:58:ec:4e:51:33:d3:
                    88:0e:2e:b2:c9:d5:7e:54:17:ac:14:88:4e:96:2d:
                    00:24:da:7c:08:f1:67:5c:f2:3f:72:12:47:55:1c:
                    92:23:55:40:86:9f:e3:f2:d6:19:e9:4f:52:4a:18:
                    dd:9b:0f:20:07:cc:3e:1e:7d:46:fe:ea:88:16:b4:
                    f6:99:9c:32:8e:13:78:6f:28:c6:67:7d:8c:71:55:
                    1a:95:f0:3f:d0:1f:b4:3e:4a:00:f3:65:e3:7e:45:
                    18:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:4F:7F:01:4A:EC:B3:3D:33:C5:3E:E1:F9:22:42:17:81:8B:A1:ED
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a07397dc-3051-482a-957d-ed3a4c2859b6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  98.80.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         68:64:b2:bd:7d:4e:36:b6:83:d6:e9:c4:53:24:7b:43:fa:17:
         83:d6:45:05:da:4a:33:2e:de:25:aa:59:4c:89:86:f7:f1:d6:
         36:da:d3:e6:f0:ac:27:f0:5e:70:e5:2d:18:f6:d0:26:71:68:
         2a:cc:0a:d8:b0:ab:3f:d2:2d:01:14:ea:b4:a9:f8:ce:3c:1e:
         2d:70:cf:07:f5:57:80:17:6c:11:61:26:a0:bd:fd:93:22:aa:
         ef:86:57:bf:82:8f:87:9d:03:f0:2c:30:54:20:63:66:50:7e:
         99:f4:2b:da:7a:44:bc:15:84:70:4a:50:bb:44:75:1c:b5:af:
         23:b2:28:78:90:3b:75:e2:c1:a9:1a:91:fd:d2:ae:be:ea:f7:
         fb:2a:bd:5a:80:5a:a7:30:e7:16:e5:66:d1:6d:2f:c3:b9:92:
         4f:c6:02:9d:a3:bb:83:fa:92:42:a2:4f:90:29:b3:68:2d:c9:
         ae:ee:f8:04:65:fe:ba:b5:0c:f3:03:22:ef:4b:77:f4:ce:97:
         aa:a4:83:c8:91:67:4d:de:7a:5f:8b:2b:ec:c6:b4:1d:2c:4c:
         ab:25:5d:9b:8c:18:51:cc:62:30:f4:b2:af:92:e5:45:ee:f3:
         19:91:85:5e:d4:cd:9b:fc:27:20:91:f3:09:3a:c2:8f:ab:e2:
         03:2c:6e:f4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUa8LsmzXCWpLVcG6hkngZsCu/v5EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMDAyMTM1WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjBlYzM1MGY2ZmFlYTdhNzcyNWFhZTA3MWIyYmQ1NGU3
YjBhNzgyMmMwMTNjZDBmZjBmY2M0YWI4OWE3MzU1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiK4b+WkHP9pnPxnyHP08AosRRJaL6gbE2qMosTAs6+h2Q
g0ZOReq96k8M9i8CB/RjKA8Ra2yK+KYtHc9K+y1bVeHaMlrp9Rs7Km993BubUyal
j1pd2TiPr0JYNHFdWXeHaYhiVtYnyBaB8XrnE5g4joibDvV2/dql+WYyQIUDUFN5
jAjxXVlhYOxFCx6yEMAJBhEDZG5ObRFADRqyCljsTlEz04gOLrLJ1X5UF6wUiE6W
LQAk2nwI8Wdc8j9yEkdVHJIjVUCGn+Py1hnpT1JKGN2bDyAHzD4efUb+6ogWtPaZ
nDKOE3hvKMZnfYxxVRqV8D/QH7Q+SgDzZeN+RRjJAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUyk9/AUrssz0zxT7h+SJCF4GLoe0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EwNzM5N2RjLTMwNTEtNDgyYS05NTdkLWVkM2E0YzI4NTliNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwNiUDANBgkqhkiG9w0BAQsFAAOCAQEAaGSyvX1ONraD1unEUyR7Q/oXg9ZF
BdpKMy7eJapZTImG9/HWNtrT5vCsJ/BecOUtGPbQJnFoKswK2LCrP9ItARTqtKn4
zjweLXDPB/VXgBdsEWEmoL39kyKq74ZXv4KPh50D8CwwVCBjZlB+mfQr2npEvBWE
cEpQu0R1HLWvI7IoeJA7deLBqRqR/dKuvur3+yq9WoBapzDnFuVm0W0vw7mST8YC
naO7g/qSQqJPkCmzaC3Jru74BGX+urUM8wMi70t39M6XqqSDyJFnTd56X4sr7Ma0
HSxMqyVdm4wYUcxiMPSyr5LlRe7zGZGFXtTNm/wnIJHzCTrCj6viAyxu9A==
-----END CERTIFICATE-----