Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1e2410b-4363-4c0b-ab46-b6cc35c50be4.roa
File:                     c1e2410b-4363-4c0b-ab46-b6cc35c50be4.roa (raw, json)
Hash identifier:          FyUkI7FD56rY8uW1dfNBo8UfuSHtZYCQNjhcGEuF2i8=
Subject key identifier:   70:6E:23:38:01:3C:43:54:D2:9E:CC:8D:5E:BF:D0:84:91:1D:35:3E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       35A67800D98A8463DD7471C7A8ED262D3E356AD8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1e2410b-4363-4c0b-ab46-b6cc35c50be4.roa
Signing time:             Mon 06 Oct 2025 16:41:16 +0000
ROA not before:           Mon 06 Oct 2025 16:41:16 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.16.128.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:a6:78:00:d9:8a:84:63:dd:74:71:c7:a8:ed:26:2d:3e:35:6a:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:41:16 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=6f8841a3333c5ac6cfa3773bc9288b4dde971d8cf9916d02301cf35fc28cca24, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:4e:87:17:37:a9:99:39:29:c2:9c:3d:59:e0:
                    78:00:56:eb:d1:4c:f3:cc:d8:cc:93:8b:c4:6c:8b:
                    a2:f6:cd:8b:d3:8e:c2:4e:f0:3e:32:ac:44:0e:c9:
                    b1:58:0f:fc:0f:a7:05:d0:9d:76:17:2b:60:fe:bf:
                    1e:61:de:e1:e9:a4:45:93:e5:b8:b9:40:fd:86:88:
                    3f:11:8f:32:18:81:7e:08:da:5c:0b:83:34:0c:c0:
                    7a:33:2d:ad:f7:9b:7c:c8:47:9f:7a:b3:10:b8:a0:
                    74:e2:79:09:4c:23:65:71:b7:07:a4:0b:7f:71:46:
                    14:d7:b4:48:ff:04:22:fd:ad:a3:33:8c:8f:25:7f:
                    c3:13:12:4b:da:79:b0:f0:4a:95:1e:49:40:bc:c0:
                    2d:bc:9b:77:a5:71:10:9c:af:ba:9e:9c:71:55:50:
                    52:ea:3c:e6:d0:94:d8:74:69:06:79:b5:f5:cd:a8:
                    e8:e3:a9:19:10:38:03:0d:be:a9:57:2b:d5:bb:bd:
                    fd:26:10:43:86:88:7d:d8:40:31:18:48:0c:1f:c7:
                    ad:d1:81:3d:3a:98:bb:33:05:0f:df:86:5c:e0:52:
                    db:a1:86:9b:4f:8b:e8:ab:53:c7:14:3e:e8:47:7b:
                    79:c4:b6:da:73:70:b0:1a:ac:c8:4b:c1:46:22:1b:
                    ec:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:6E:23:38:01:3C:43:54:D2:9E:CC:8D:5E:BF:D0:84:91:1D:35:3E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1e2410b-4363-4c0b-ab46-b6cc35c50be4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.16.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         62:7b:e9:67:fd:d2:46:8c:87:4d:1a:9a:5d:40:80:dd:a8:86:
         c0:7e:18:4f:3a:39:23:9f:01:42:e5:a9:c8:97:cc:db:67:b9:
         b4:6e:a5:03:30:0e:d4:43:19:37:45:df:47:ad:0b:90:73:76:
         3f:06:c1:50:7d:f3:e9:d1:2d:b8:73:cc:c4:89:e1:e9:bf:35:
         5e:a2:99:bc:5d:f3:bf:0e:33:c0:15:ef:90:66:89:bf:15:27:
         65:0d:16:e5:47:73:f0:da:9b:6d:1e:de:8c:32:38:79:26:96:
         73:6b:17:dd:f0:ad:da:f3:60:bc:85:3a:bb:2c:04:2b:d3:39:
         96:e4:50:6a:2b:cb:5e:64:58:b9:ee:cd:f1:67:67:32:e7:97:
         17:15:0a:44:a0:5d:0d:c5:13:70:4d:c6:59:08:7e:d6:8b:9f:
         0a:0a:e7:37:5b:27:65:a4:96:a7:0b:ef:1a:0d:84:51:62:34:
         7e:cc:5a:4e:7d:b0:0f:70:04:98:b3:dd:35:f4:9f:b4:34:e8:
         13:7c:d8:16:cb:7f:6a:2a:3d:19:39:27:55:bd:f1:58:ac:6e:
         c5:5b:86:8d:53:7c:d6:c8:be:26:e0:bb:b0:9b:25:cd:e3:73:
         50:87:e8:7a:b2:ba:b7:75:8e:59:00:a2:4d:9e:81:bf:f8:69:
         ff:91:67:03
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNaZ4ANmKhGPddHHHqO0mLT41atgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTY0MTE2WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2Zjg4NDFhMzMzM2M1YWM2Y2ZhMzc3M2JjOTI4OGI0ZGRl
OTcxZDhjZjk5MTZkMDIzMDFjZjM1ZmMyOGNjYTI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrTocXN6mZOSnCnD1Z4HgAVuvRTPPM2MyTi8Rsi6L2zYvT
jsJO8D4yrEQOybFYD/wPpwXQnXYXK2D+vx5h3uHppEWT5bi5QP2GiD8RjzIYgX4I
2lwLgzQMwHozLa33m3zIR596sxC4oHTieQlMI2VxtwekC39xRhTXtEj/BCL9raMz
jI8lf8MTEkvaebDwSpUeSUC8wC28m3elcRCcr7qenHFVUFLqPObQlNh0aQZ5tfXN
qOjjqRkQOAMNvqlXK9W7vf0mEEOGiH3YQDEYSAwfx63RgT06mLszBQ/fhlzgUtuh
hptPi+irU8cUPuhHe3nEttpzcLAarMhLwUYiG+w/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcG4jOAE8Q1TSnsyNXr/QhJEdNT4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MxZTI0MTBiLTQzNjMtNGMwYi1hYjQ2LWI2Y2MzNWM1MGJlNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUyEIAwDQYJKoZIhvcNAQELBQADggEBAGJ76Wf90kaMh00aml1AgN2ohsB+
GE86OSOfAULlqciXzNtnubRupQMwDtRDGTdF30etC5Bzdj8GwVB98+nRLbhzzMSJ
4em/NV6imbxd878OM8AV75Bmib8VJ2UNFuVHc/Dam20e3owyOHkmlnNrF93wrdrz
YLyFOrssBCvTOZbkUGory15kWLnuzfFnZzLnlxcVCkSgXQ3FE3BNxlkIftaLnwoK
5zdbJ2WklqcL7xoNhFFiNH7MWk59sA9wBJiz3TX0n7Q06BN82BbLf2oqPRk5J1W9
8VisbsVbho1TfNbIvibgu7CbJc3jc1CH6Hqyurd1jlkAok2egb/4af+RZwM=
-----END CERTIFICATE-----