Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb61ed5e-39be-4263-9415-ebd102b321b7.roa
File:                     bb61ed5e-39be-4263-9415-ebd102b321b7.roa (raw, json)
Hash identifier:          0C9IWWiXOHMvjFAzne1HbYauoQ0RgidnBrtc0qRYdh0=
Subject key identifier:   82:C0:53:A1:09:54:C6:1A:F3:78:AD:5F:C8:22:4E:88:44:34:DD:8C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1A29F1BB6E9EF42EF792B84F9F91F86E01523F65
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb61ed5e-39be-4263-9415-ebd102b321b7.roa
Signing time:             Mon 06 Oct 2025 16:42:23 +0000
ROA not before:           Mon 06 Oct 2025 16:42:23 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.64.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:29:f1:bb:6e:9e:f4:2e:f7:92:b8:4f:9f:91:f8:6e:01:52:3f:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:42:23 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=cf07af81310fac0a8e0685d0c3a1c8446bb020a6f6bb2a83dc1b8d4a3e2cd5e1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c3:a3:d8:94:ac:12:8f:67:d7:01:d0:67:45:
                    b0:39:82:fc:d4:cd:30:dd:01:b7:65:fc:db:48:74:
                    1d:94:84:dd:c0:aa:b4:91:9b:9f:12:c5:e7:07:88:
                    d9:5c:ce:7d:b7:0e:0d:ae:e0:2c:c3:13:d3:5a:04:
                    75:06:4f:3f:92:d3:53:a1:65:f9:cc:70:b2:db:0e:
                    b8:61:c5:da:6c:65:00:d8:8c:2c:7b:88:af:83:5d:
                    9c:1a:06:1d:68:11:7f:5e:9f:12:a5:7a:b0:1a:07:
                    fe:3d:eb:37:60:e5:36:43:92:d8:79:64:5a:fe:2a:
                    58:6e:9e:dc:dd:17:45:a9:57:53:fc:37:94:d0:f5:
                    28:89:22:34:ae:3c:05:ff:06:17:7d:14:56:fa:e4:
                    4a:00:3f:0d:11:e6:15:5a:69:c2:83:bb:a9:c8:ee:
                    24:81:3b:df:a9:66:74:d7:5e:dc:0f:08:56:94:d3:
                    52:c2:58:27:96:83:73:17:96:36:ba:10:ea:5e:5a:
                    88:7c:0b:e4:58:21:c8:88:be:5a:35:46:9f:54:b3:
                    5d:1f:b0:0a:64:c4:30:2a:c1:d5:9f:b9:e1:6f:ab:
                    83:37:dc:2b:79:e5:41:67:91:de:a6:66:f6:38:aa:
                    b6:eb:d9:57:46:61:42:26:d6:0b:a1:96:5b:29:2e:
                    5e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:C0:53:A1:09:54:C6:1A:F3:78:AD:5F:C8:22:4E:88:44:34:DD:8C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb61ed5e-39be-4263-9415-ebd102b321b7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         2d:b1:7e:26:7f:b0:80:b8:eb:00:d3:8c:d4:6c:99:16:4b:0e:
         02:97:cb:6b:76:c0:46:25:1f:ff:1f:41:5a:27:75:30:3e:57:
         b3:ff:52:05:4f:5a:70:00:50:32:fd:d6:d8:aa:52:db:ec:f7:
         7e:ed:d9:24:f4:f3:2d:ee:9f:a5:bc:b8:f7:d1:40:85:b8:44:
         2a:f1:37:a3:e6:67:89:91:dd:92:02:7f:e7:e5:ec:b0:c1:35:
         f2:54:e3:53:3a:37:41:d4:94:4e:60:fb:94:97:97:40:f9:11:
         15:04:52:1a:a7:7f:1c:34:e1:07:77:d1:8a:40:3a:cd:38:2f:
         b0:a4:ff:a4:b7:a1:b5:f7:f3:ab:ff:6d:08:b5:87:42:47:1a:
         86:a3:39:4f:9c:e7:94:b2:ce:b1:7b:a0:7a:54:37:19:45:34:
         d5:9c:27:78:5d:29:09:eb:15:ec:a3:20:8a:6f:bf:4a:89:74:
         f7:8b:e5:35:49:fc:f6:f9:39:3b:cb:9a:d8:fd:1e:2e:a2:f7:
         8c:86:e2:f2:4b:a2:7f:d6:89:bf:6a:f1:3d:e7:4a:d5:00:97:
         78:8c:6a:b0:7c:be:bb:2c:36:9a:0b:b8:ff:6a:66:f9:11:f2:
         58:7c:72:08:5a:d5:a3:9e:0b:43:62:26:1b:27:f2:57:66:c8:
         8d:e8:b1:e7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGinxu26e9C73krhPn5H4bgFSP2UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTY0MjIzWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZjA3YWY4MTMxMGZhYzBhOGUwNjg1ZDBjM2ExYzg0NDZi
YjAyMGE2ZjZiYjJhODNkYzFiOGQ0YTNlMmNkNWUxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtw6PYlKwSj2fXAdBnRbA5gvzUzTDdAbdl/NtIdB2UhN3A
qrSRm58SxecHiNlczn23Dg2u4CzDE9NaBHUGTz+S01OhZfnMcLLbDrhhxdpsZQDY
jCx7iK+DXZwaBh1oEX9enxKlerAaB/496zdg5TZDkth5ZFr+KlhuntzdF0WpV1P8
N5TQ9SiJIjSuPAX/Bhd9FFb65EoAPw0R5hVaacKDu6nI7iSBO9+pZnTXXtwPCFaU
01LCWCeWg3MXlja6EOpeWoh8C+RYIciIvlo1Rp9Us10fsApkxDAqwdWfueFvq4M3
3Ct55UFnkd6mZvY4qrbr2VdGYUIm1guhllspLl41AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgsBToQlUxhrzeK1fyCJOiEQ03YwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JiNjFlZDVlLTM5YmUtNDI2My05NDE1LWViZDEwMmIzMjFiNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUyEkAwDQYJKoZIhvcNAQELBQADggEBAC2xfiZ/sIC46wDTjNRsmRZLDgKX
y2t2wEYlH/8fQVondTA+V7P/UgVPWnAAUDL91tiqUtvs937t2ST08y3un6W8uPfR
QIW4RCrxN6PmZ4mR3ZICf+fl7LDBNfJU41M6N0HUlE5g+5SXl0D5ERUEUhqnfxw0
4Qd30YpAOs04L7Ck/6S3obX386v/bQi1h0JHGoajOU+c55SyzrF7oHpUNxlFNNWc
J3hdKQnrFeyjIIpvv0qJdPeL5TVJ/Pb5OTvLmtj9Hi6i94yG4vJLon/Wib9q8T3n
StUAl3iMarB8vrssNpoLuP9qZvkR8lh8cgha1aOeC0NiJhsn8ldmyI3osec=
-----END CERTIFICATE-----