Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba2a4a20-1ad8-49ab-96c4-ec41278a0393.roa
File:                     ba2a4a20-1ad8-49ab-96c4-ec41278a0393.roa (raw, json)
Hash identifier:          Qe1R9xXF3GCHuml5rS+lmcqkLpTfHJMoW2w7JI+mxYA=
Subject key identifier:   61:F6:87:55:67:4C:09:AA:47:64:D5:F0:4C:E1:E0:F9:90:AD:31:24
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       49B4BCB09B76760AE301854AA8D5D89788676C4B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba2a4a20-1ad8-49ab-96c4-ec41278a0393.roa
Signing time:             Tue 30 Sep 2025 00:02:08 +0000
ROA not before:           Tue 30 Sep 2025 00:02:08 +0000
ROA not after:            Tue 04 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        130.186.32.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:b4:bc:b0:9b:76:76:0a:e3:01:85:4a:a8:d5:d8:97:88:67:6c:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 30 00:02:08 2025 GMT
            Not After : Nov  4 23:59:59 2025 GMT
        Subject: serialNumber=b0a35e37e0ffd1a7013d3b4b9f98720aee3ec14d2f1f6427932f4a61aad34ad1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b4:ab:90:57:e6:39:dc:06:a1:95:11:e6:a1:
                    03:fb:a3:c8:81:24:48:6b:a3:10:4f:50:69:95:1e:
                    7c:79:a5:25:df:2b:40:4b:08:df:05:83:00:5c:1a:
                    55:37:dd:43:13:57:4c:c2:b4:c7:99:81:f9:14:f7:
                    61:7a:9e:c8:40:f5:1c:03:05:9d:bd:fb:e2:a7:9f:
                    e0:2c:2c:fa:60:5a:f6:f3:d0:6b:fe:eb:47:41:4d:
                    1c:af:6f:4c:18:35:38:12:88:a7:b3:a2:ff:9a:9f:
                    6f:60:38:18:12:3b:ce:dd:62:2c:50:c2:d1:b8:26:
                    27:51:65:37:c3:38:bc:c6:13:96:d5:3b:a3:09:7d:
                    45:f4:df:cc:8b:d8:1e:a4:16:c2:40:16:e5:c9:4d:
                    9f:e3:8e:b9:cd:c2:d3:84:3f:81:33:77:38:97:75:
                    72:af:bf:93:3c:57:a4:3e:03:1d:c6:ae:a8:31:35:
                    e5:cf:5d:6d:06:cd:76:98:79:f8:1f:7c:5a:4d:cc:
                    b5:e5:d8:2a:f0:65:5e:bc:23:74:4a:fa:44:d3:dd:
                    04:7a:c4:0e:2f:b4:ad:ff:76:6a:b6:a1:93:80:55:
                    5a:10:54:16:c9:58:42:6b:07:c2:4b:b2:33:f6:2a:
                    94:06:a7:62:26:b4:0e:5d:ee:24:c3:71:ec:53:c3:
                    2b:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:F6:87:55:67:4C:09:AA:47:64:D5:F0:4C:E1:E0:F9:90:AD:31:24
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba2a4a20-1ad8-49ab-96c4-ec41278a0393.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.186.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         95:2b:ab:f4:bf:d1:82:5c:b2:c4:cc:b8:ac:29:e5:30:0b:0b:
         9b:d7:48:39:83:c7:32:e5:90:46:5e:d1:33:d5:4f:9b:22:fe:
         84:4c:93:f5:21:66:cd:89:b8:d8:c7:92:59:3e:73:c4:b0:8d:
         50:2a:f0:5f:1a:d1:3a:da:c1:34:5e:7c:d9:d3:ef:ad:df:a7:
         ff:32:2d:46:fd:d5:d2:47:30:e4:00:d7:0d:34:bc:b3:7f:17:
         37:56:61:47:06:3a:8b:6f:9e:38:88:fd:5a:7f:1a:4a:40:10:
         2f:fb:54:a7:88:f4:15:3a:ef:bc:e6:46:f2:22:0d:79:92:33:
         8b:69:4e:3a:34:4c:f2:e9:7e:6f:4f:a4:08:61:b1:9e:02:65:
         3a:a3:2a:0a:93:14:02:1d:68:5c:a4:de:db:7c:c7:76:03:56:
         02:f2:06:10:04:eb:60:7d:b1:15:f0:6e:8e:46:1b:f0:8c:87:
         27:b5:46:e5:ff:10:34:69:9f:e6:5a:4f:13:a6:51:14:e1:da:
         dc:f2:63:e4:79:a4:e1:a8:36:08:81:83:53:0d:0a:30:00:66:
         4b:17:c9:e1:2f:e3:2c:38:d6:b7:79:04:cd:7f:f0:53:d6:a8:
         fd:8e:84:2b:d6:be:3d:5c:33:6c:7f:c1:eb:b6:83:bd:80:8e:
         13:84:c8:2e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSbS8sJt2dgrjAYVKqNXYl4hnbEswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAwMjA4WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMGEzNWUzN2UwZmZkMWE3MDEzZDNiNGI5Zjk4NzIwYWVl
M2VjMTRkMmYxZjY0Mjc5MzJmNGE2MWFhZDM0YWQxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDatKuQV+Y53AahlRHmoQP7o8iBJEhroxBPUGmVHnx5pSXf
K0BLCN8FgwBcGlU33UMTV0zCtMeZgfkU92F6nshA9RwDBZ29++Knn+AsLPpgWvbz
0Gv+60dBTRyvb0wYNTgSiKezov+an29gOBgSO87dYixQwtG4JidRZTfDOLzGE5bV
O6MJfUX038yL2B6kFsJAFuXJTZ/jjrnNwtOEP4EzdziXdXKvv5M8V6Q+Ax3Grqgx
NeXPXW0GzXaYefgffFpNzLXl2CrwZV68I3RK+kTT3QR6xA4vtK3/dmq2oZOAVVoQ
VBbJWEJrB8JLsjP2KpQGp2ImtA5d7iTDcexTwyvbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYfaHVWdMCapHZNXwTOHg+ZCtMSQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JhMmE0YTIwLTFhZDgtNDlhYi05NmM0LWVjNDEyNzhhMDM5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWCuiAwDQYJKoZIhvcNAQELBQADggEBAJUrq/S/0YJcssTMuKwp5TALC5vX
SDmDxzLlkEZe0TPVT5si/oRMk/UhZs2JuNjHklk+c8SwjVAq8F8a0TrawTRefNnT
763fp/8yLUb91dJHMOQA1w00vLN/FzdWYUcGOotvnjiI/Vp/GkpAEC/7VKeI9BU6
77zmRvIiDXmSM4tpTjo0TPLpfm9PpAhhsZ4CZTqjKgqTFAIdaFyk3tt8x3YDVgLy
BhAE62B9sRXwbo5GG/CMhye1RuX/EDRpn+ZaTxOmURTh2tzyY+R5pOGoNgiBg1MN
CjAAZksXyeEv4yw41rd5BM1/8FPWqP2OhCvWvj1cM2x/weu2g72AjhOEyC4=
-----END CERTIFICATE-----