Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1af78db-4e03-4986-b016-394c842266cc.roa
File:                     d1af78db-4e03-4986-b016-394c842266cc.roa (raw, json)
Hash identifier:          cO1uCSHa+6H7Xr6DqJFwqzcd42N2p1klguZlVccrtw4=
Subject key identifier:   EE:8F:9D:0A:61:AB:7A:5C:C9:2F:F0:02:C6:37:F7:F0:FB:3E:66:C7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3375192E831E1F1D347374B4B8EA11FC08E67889
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1af78db-4e03-4986-b016-394c842266cc.roa
Signing time:             Mon 06 Oct 2025 15:40:49 +0000
ROA not before:           Mon 06 Oct 2025 15:40:49 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.162.80.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:75:19:2e:83:1e:1f:1d:34:73:74:b4:b8:ea:11:fc:08:e6:78:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 15:40:49 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=2a40af393b37bc6ae3d321191f3119cf82479e24f8c6ce042de6bd7044a3101d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:93:42:bf:de:22:6f:fa:62:10:9e:57:e9:cb:
                    d7:c9:14:c6:3a:38:75:07:39:4d:e7:b0:ed:5e:0d:
                    35:88:81:e9:56:21:32:49:4b:26:02:b5:67:16:3a:
                    92:bc:d7:38:e9:7c:52:70:4c:ad:3d:41:78:70:4c:
                    25:f0:19:fc:67:42:cf:72:4a:3d:49:d4:37:96:20:
                    b1:1e:bc:0f:3c:88:78:f2:66:aa:47:c2:3f:6b:51:
                    3a:93:5f:16:30:ad:c4:75:9d:a1:53:1f:87:e6:44:
                    94:5b:3e:4e:21:3a:ef:cc:f3:b5:13:48:4b:dd:c8:
                    06:cb:08:8e:61:7b:e0:e3:09:ed:dd:9a:0c:e8:92:
                    89:47:bc:c5:ab:5a:e3:d7:f0:23:d9:eb:88:cf:31:
                    bf:85:6d:65:c6:fd:56:dd:69:68:15:64:8c:da:22:
                    5e:85:ef:0b:7e:97:16:7e:e3:09:3c:b9:cf:6a:28:
                    59:7a:44:fb:ec:c4:41:18:f0:12:f1:76:2b:3d:4b:
                    c2:3c:e9:3f:13:17:d9:08:71:66:62:7f:d3:f9:09:
                    9c:48:31:67:9c:e4:71:3c:e5:cb:3b:2e:69:19:a7:
                    c2:4d:28:13:4f:16:fc:e2:24:d8:bc:f4:23:11:5b:
                    02:e4:b3:66:24:28:a2:92:76:7a:ec:3f:89:f4:7e:
                    45:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:8F:9D:0A:61:AB:7A:5C:C9:2F:F0:02:C6:37:F7:F0:FB:3E:66:C7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1af78db-4e03-4986-b016-394c842266cc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.162.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         c1:ec:9f:a4:41:07:12:d0:c0:47:85:de:4c:7e:3a:4a:e1:be:
         3f:eb:be:30:4e:06:dd:41:29:5b:04:f3:1d:b5:40:00:3d:4b:
         0f:48:5d:6e:67:7a:9c:16:15:72:e4:80:f1:a9:f6:e6:c1:44:
         14:b2:a3:72:85:5f:bc:3a:3d:3f:40:05:69:22:59:ec:fc:bb:
         6e:f5:dc:27:49:58:37:f5:79:3e:e5:53:00:1b:8f:d5:4d:6d:
         80:9b:76:51:27:14:09:94:cf:2e:c1:0c:31:4d:42:cd:dc:54:
         f3:6b:be:16:2d:7a:6a:72:bb:6b:ce:28:0f:f8:24:f3:3e:a6:
         3a:eb:16:7e:f3:7e:5c:0c:cd:38:79:6f:c0:fb:a1:fd:b7:91:
         7c:6e:58:4b:11:b1:cb:ee:4e:86:7a:e1:6c:67:d5:85:b8:75:
         4c:e5:20:52:1c:07:d9:d7:27:b1:73:ce:81:2a:38:d6:af:65:
         4d:4f:f8:a4:4c:ef:af:ee:7b:ca:af:bf:4f:bf:c5:f6:6e:f0:
         e2:8b:89:11:58:1a:1b:89:28:78:a9:13:a8:93:1f:0b:54:7a:
         92:4d:9d:e3:dd:a1:46:67:d4:06:74:9e:14:14:b7:3f:5b:80:
         16:85:2c:43:5b:28:5c:0b:f1:33:73:48:c9:b4:34:9c:42:c7:
         a5:b4:ed:a5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUM3UZLoMeHx00c3S0uOoR/AjmeIkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTU0MDQ5WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyYTQwYWYzOTNiMzdiYzZhZTNkMzIxMTkxZjMxMTljZjgy
NDc5ZTI0ZjhjNmNlMDQyZGU2YmQ3MDQ0YTMxMDFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMk0K/3iJv+mIQnlfpy9fJFMY6OHUHOU3nsO1eDTWIgelW
ITJJSyYCtWcWOpK81zjpfFJwTK09QXhwTCXwGfxnQs9ySj1J1DeWILEevA88iHjy
ZqpHwj9rUTqTXxYwrcR1naFTH4fmRJRbPk4hOu/M87UTSEvdyAbLCI5he+DjCe3d
mgzokolHvMWrWuPX8CPZ64jPMb+FbWXG/VbdaWgVZIzaIl6F7wt+lxZ+4wk8uc9q
KFl6RPvsxEEY8BLxdis9S8I86T8TF9kIcWZif9P5CZxIMWec5HE85cs7LmkZp8JN
KBNPFvziJNi89CMRWwLks2YkKKKSdnrsP4n0fkVDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7o+dCmGrelzJL/ACxjf38Ps+ZscwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QxYWY3OGRiLTRlMDMtNDk4Ni1iMDE2LTM5NGM4NDIyNjZjYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNolAwDQYJKoZIhvcNAQELBQADggEBAMHsn6RBBxLQwEeF3kx+Okrhvj/r
vjBOBt1BKVsE8x21QAA9Sw9IXW5nepwWFXLkgPGp9ubBRBSyo3KFX7w6PT9ABWki
Wez8u2713CdJWDf1eT7lUwAbj9VNbYCbdlEnFAmUzy7BDDFNQs3cVPNrvhYtempy
u2vOKA/4JPM+pjrrFn7zflwMzTh5b8D7of23kXxuWEsRscvuToZ64Wxn1YW4dUzl
IFIcB9nXJ7FzzoEqONavZU1P+KRM76/ue8qvv0+/xfZu8OKLiRFYGhuJKHipE6iT
HwtUepJNnePdoUZn1AZ0nhQUtz9bgBaFLENbKFwL8TNzSMm0NJxCx6W07aU=
-----END CERTIFICATE-----