Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a51fc2d5-b6be-44c2-b057-5e3ca44894a5.roa
File:                     a51fc2d5-b6be-44c2-b057-5e3ca44894a5.roa (raw, json)
Hash identifier:          7rzjiaYn4OmnRGYVAR3ftBQsvVZ3hd85PQw3+4dSU0A=
Subject key identifier:   31:8A:44:93:20:3F:DF:DA:3C:3C:29:5C:17:50:7C:0E:78:99:04:A4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5617AE68F704A73E941ACED5046AC47BACA915F3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a51fc2d5-b6be-44c2-b057-5e3ca44894a5.roa
Signing time:             Mon 06 Oct 2025 16:21:08 +0000
ROA not before:           Mon 06 Oct 2025 16:21:08 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        44.215.132.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:17:ae:68:f7:04:a7:3e:94:1a:ce:d5:04:6a:c4:7b:ac:a9:15:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:21:08 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=722211ef055ef68ae3af7473b8d22ebead282346409535cca6d3fc06e3c25088, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:3c:74:24:f2:c2:ed:39:f7:cc:ac:d2:c0:6e:
                    3e:df:c8:f8:5f:82:4e:7f:50:a5:39:44:f1:22:01:
                    95:7f:21:1c:31:fd:a3:dd:a2:9a:78:2d:d3:4e:51:
                    8c:4a:6b:11:79:34:66:a6:f9:f0:cc:cd:db:2b:7f:
                    99:97:41:fa:9e:ca:35:b7:41:97:4f:06:21:02:7c:
                    40:9d:2f:56:84:28:77:c5:3c:98:b4:5d:60:b7:df:
                    19:e6:b1:88:7e:55:9c:18:f0:4d:c4:29:92:11:1b:
                    ad:82:1c:58:4b:0c:c8:c0:6f:2d:63:d7:ac:a7:dc:
                    ea:d7:d1:2a:79:0a:cb:c6:3c:27:dc:d4:d7:34:eb:
                    94:55:34:5f:b8:79:b8:40:26:ba:53:cc:41:0e:f3:
                    83:a6:7f:b8:7a:70:1f:e4:89:a5:41:63:47:01:2a:
                    bb:25:e1:5f:e1:da:d0:99:c1:e9:08:35:00:3a:e6:
                    c5:1d:7b:cf:5f:43:d9:06:e4:81:63:82:39:7b:2c:
                    d6:a6:1c:9c:59:7e:d0:e4:a6:e1:44:4c:58:62:30:
                    0b:73:a9:af:27:f0:b4:0a:1b:fb:8f:7f:a5:59:71:
                    1a:3f:e2:dd:73:b5:e7:3c:e0:dc:bb:56:bc:98:0e:
                    85:b7:db:d6:1c:b2:9f:0d:df:dd:03:cd:77:2f:d5:
                    9c:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:8A:44:93:20:3F:DF:DA:3C:3C:29:5C:17:50:7C:0E:78:99:04:A4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a51fc2d5-b6be-44c2-b057-5e3ca44894a5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.215.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:7f:c9:f2:68:6d:7e:14:71:00:eb:b3:d4:4e:56:50:65:4d:
         f0:03:98:84:65:eb:f5:e6:ad:16:f9:f6:ab:03:a1:01:1b:56:
         04:43:f3:ab:ef:c9:3b:8c:53:64:2b:69:0a:1b:cd:b5:85:61:
         5f:6f:4a:bd:36:0b:8b:e7:4a:a9:12:39:cb:08:b7:6b:67:0f:
         03:a6:29:90:ea:a1:f8:e0:61:d3:ac:13:85:1d:20:a4:d8:71:
         b7:7b:2c:c5:fb:c1:88:62:4d:59:f1:da:2c:c4:0a:fd:e3:1c:
         90:e1:84:78:9d:1d:23:9c:36:b6:26:3c:48:e7:73:a0:56:57:
         49:14:2b:7a:47:31:c7:de:6d:f1:a4:db:8c:34:b5:4c:5e:ef:
         04:25:77:8e:bc:6a:10:d0:6c:53:de:63:7b:b5:b5:b9:1e:fa:
         b6:d6:4c:de:a6:0c:1d:fd:c0:e3:5c:8a:b5:67:6d:84:79:0a:
         5e:c1:a2:22:4e:05:62:ef:48:6c:a4:79:dd:93:33:fb:f3:81:
         8a:91:66:2d:f5:1a:41:fb:fc:aa:49:ef:27:28:c5:66:17:6f:
         b9:84:0e:76:11:98:81:ca:7d:59:56:7a:cb:c5:6b:fe:c2:82:
         17:52:32:34:e3:96:ad:f1:f8:cd:8c:ff:c2:06:e2:3f:8f:c7:
         cc:2e:f4:3a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVheuaPcEpz6UGs7VBGrEe6ypFfMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYyMTA4WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjIyMTFlZjA1NWVmNjhhZTNhZjc0NzNiOGQyMmViZWFk
MjgyMzQ2NDA5NTM1Y2NhNmQzZmMwNmUzYzI1MDg4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrPHQk8sLtOffMrNLAbj7fyPhfgk5/UKU5RPEiAZV/IRwx
/aPdopp4LdNOUYxKaxF5NGam+fDMzdsrf5mXQfqeyjW3QZdPBiECfECdL1aEKHfF
PJi0XWC33xnmsYh+VZwY8E3EKZIRG62CHFhLDMjAby1j16yn3OrX0Sp5CsvGPCfc
1Nc065RVNF+4ebhAJrpTzEEO84Omf7h6cB/kiaVBY0cBKrsl4V/h2tCZwekINQA6
5sUde89fQ9kG5IFjgjl7LNamHJxZftDkpuFETFhiMAtzqa8n8LQKG/uPf6VZcRo/
4t1ztec84Ny7VryYDoW329Ycsp8N390DzXcv1Zw7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMYpEkyA/39o8PClcF1B8DniZBKQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1MWZjMmQ1LWI2YmUtNDRjMi1iMDU3LTVlM2NhNDQ4OTRhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs14QwDQYJKoZIhvcNAQELBQADggEBAFR/yfJobX4UcQDrs9ROVlBlTfAD
mIRl6/XmrRb59qsDoQEbVgRD86vvyTuMU2QraQobzbWFYV9vSr02C4vnSqkSOcsI
t2tnDwOmKZDqofjgYdOsE4UdIKTYcbd7LMX7wYhiTVnx2izECv3jHJDhhHidHSOc
NrYmPEjnc6BWV0kUK3pHMcfebfGk24w0tUxe7wQld468ahDQbFPeY3u1tbke+rbW
TN6mDB39wONcirVnbYR5Cl7BoiJOBWLvSGyked2TM/vzgYqRZi31GkH7/KpJ7yco
xWYXb7mEDnYRmIHKfVlWesvFa/7CghdSMjTjlq3x+M2M/8IG4j+Px8wu9Do=
-----END CERTIFICATE-----