Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c39d5c58-914d-4d17-9204-d6652dbcef48.roa
File:                     c39d5c58-914d-4d17-9204-d6652dbcef48.roa (raw, json)
Hash identifier:          GSQaabBaOWy/5VjgsgdufXt/bFYVO0RTHEJ/qopJxoE=
Subject key identifier:   B4:9D:30:37:ED:AE:2F:02:68:86:05:EF:44:38:10:D2:B8:66:33:BB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0CBD8877BB6F62C738DA6EA08035A59F26445411
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c39d5c58-914d-4d17-9204-d6652dbcef48.roa
Signing time:             Fri 10 Oct 2025 00:12:05 +0000
ROA not before:           Fri 10 Oct 2025 00:12:05 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        78.12.59.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:bd:88:77:bb:6f:62:c7:38:da:6e:a0:80:35:a5:9f:26:44:54:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 10 00:12:05 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=12af8f13f9632c98c960c8a28255a7dba5d12a80086d70befd552db4e58f17c8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:23:0c:1f:02:d2:cb:d3:08:ca:76:22:87:34:
                    ef:62:4b:bd:85:23:09:47:19:81:5a:0c:bd:98:61:
                    a2:3d:43:f3:c0:03:63:68:90:db:b6:fe:a8:e8:b6:
                    21:d1:50:c3:3f:25:1e:0e:09:26:59:91:1d:59:9a:
                    67:a3:d3:2b:52:17:13:2f:a3:b6:f8:ab:a9:75:e7:
                    21:1c:f2:e1:4d:a5:7e:16:fe:18:43:88:73:0b:88:
                    74:e6:ca:ac:43:85:82:96:e7:93:e9:47:13:6d:a3:
                    f5:31:1c:1d:3b:7e:f1:0c:1b:40:f1:c1:c9:b6:23:
                    8c:14:8a:c9:cd:a4:bd:0a:e4:2b:a6:0b:d1:53:95:
                    7a:82:86:88:82:a8:88:0c:b1:ac:c1:1b:d8:69:81:
                    ca:cf:30:32:4e:28:1d:36:53:8b:1c:ac:a1:af:ff:
                    a1:46:32:56:6c:7e:34:bb:e8:06:7a:14:83:f4:1c:
                    6e:c1:12:a4:2d:ba:25:ed:84:42:cc:73:8e:5b:6a:
                    57:a0:07:06:97:5c:36:ad:a4:03:8a:ae:48:09:25:
                    10:ae:5b:08:99:03:6b:65:0f:c7:ef:73:81:d7:5d:
                    35:68:21:f1:93:55:9f:27:37:07:eb:c4:72:da:34:
                    cb:64:e2:4b:99:24:b1:21:86:ec:f5:c5:5c:76:28:
                    9a:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:9D:30:37:ED:AE:2F:02:68:86:05:EF:44:38:10:D2:B8:66:33:BB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c39d5c58-914d-4d17-9204-d6652dbcef48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.12.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:35:20:7e:93:92:c1:2f:55:1d:db:6c:07:9c:82:f4:12:53:
         94:60:56:46:e6:e3:b2:08:ab:02:5d:2f:a2:50:4c:a8:d9:19:
         c4:da:26:9d:30:48:7b:3d:cc:04:0e:d4:b7:c5:9e:b0:60:d5:
         33:9d:dc:f7:b7:ec:3c:66:b9:6a:44:1e:81:18:9c:2e:1e:cc:
         9a:ed:87:00:dc:0b:6d:f5:95:d5:6e:dd:b6:5e:f5:e1:55:13:
         6f:db:dc:91:44:e7:b0:26:93:3f:92:ec:38:69:79:6a:0c:fe:
         65:d7:53:30:20:27:c6:3a:19:5f:84:60:11:cd:1f:bd:c1:13:
         86:39:76:ea:94:70:56:b7:41:f2:af:59:a7:d6:2f:e4:88:12:
         66:ca:00:07:ef:33:37:cb:19:d4:26:0b:09:d2:60:bc:3c:a4:
         96:76:51:68:bb:c3:e3:e8:6f:8a:42:64:51:6f:a3:d6:2a:b1:
         87:09:19:ed:34:a7:22:b5:3e:c3:17:ed:7b:4d:93:96:a2:07:
         2d:6d:ae:4a:38:12:54:40:99:73:90:57:cd:2e:2f:c1:52:0b:
         cc:19:3e:a1:14:4a:a0:69:44:28:0e:a1:f6:08:49:60:9b:f8:
         41:73:fa:c6:04:c7:33:dd:ac:41:a2:ad:46:59:c3:82:24:c4:
         bf:6b:cb:4e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDL2Id7tvYsc42m6ggDWlnyZEVBEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMDAxMjA1WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMmFmOGYxM2Y5NjMyYzk4Yzk2MGM4YTI4MjU1YTdkYmE1
ZDEyYTgwMDg2ZDcwYmVmZDU1MmRiNGU1OGYxN2M4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3IwwfAtLL0wjKdiKHNO9iS72FIwlHGYFaDL2YYaI9Q/PA
A2NokNu2/qjotiHRUMM/JR4OCSZZkR1Zmmej0ytSFxMvo7b4q6l15yEc8uFNpX4W
/hhDiHMLiHTmyqxDhYKW55PpRxNto/UxHB07fvEMG0Dxwcm2I4wUisnNpL0K5Cum
C9FTlXqChoiCqIgMsazBG9hpgcrPMDJOKB02U4scrKGv/6FGMlZsfjS76AZ6FIP0
HG7BEqQtuiXthELMc45balegBwaXXDatpAOKrkgJJRCuWwiZA2tlD8fvc4HXXTVo
IfGTVZ8nNwfrxHLaNMtk4kuZJLEhhuz1xVx2KJrfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtJ0wN+2uLwJohgXvRDgQ0rhmM7swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MzOWQ1YzU4LTkxNGQtNGQxNy05MjA0LWQ2NjUyZGJjZWY0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABODDswDQYJKoZIhvcNAQELBQADggEBALA1IH6TksEvVR3bbAecgvQSU5Rg
Vkbm47IIqwJdL6JQTKjZGcTaJp0wSHs9zAQO1LfFnrBg1TOd3Pe37DxmuWpEHoEY
nC4ezJrthwDcC231ldVu3bZe9eFVE2/b3JFE57Amkz+S7DhpeWoM/mXXUzAgJ8Y6
GV+EYBHNH73BE4Y5duqUcFa3QfKvWafWL+SIEmbKAAfvMzfLGdQmCwnSYLw8pJZ2
UWi7w+Pob4pCZFFvo9YqsYcJGe00pyK1PsMX7XtNk5aiBy1trko4ElRAmXOQV80u
L8FSC8wZPqEUSqBpRCgOofYISWCb+EFz+sYExzPdrEGirUZZw4IkxL9ry04=
-----END CERTIFICATE-----