Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2b14584-beb1-4be9-ba33-b2dbc4ebb1a1.roa
File:                     d2b14584-beb1-4be9-ba33-b2dbc4ebb1a1.roa (raw, json)
Hash identifier:          f9eMK9Dgwe159ris+mYAoCiPmmUwrOBpGgxlY7F4oE0=
Subject key identifier:   06:95:35:E9:4D:78:1E:58:0D:BC:79:32:70:A4:57:AE:88:08:AE:7D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7CE02E2A3F55319E265FAC25AEE364617DE865CE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2b14584-beb1-4be9-ba33-b2dbc4ebb1a1.roa
Signing time:             Fri 26 Sep 2025 00:42:12 +0000
ROA not before:           Fri 26 Sep 2025 00:42:12 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        78.12.60.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:e0:2e:2a:3f:55:31:9e:26:5f:ac:25:ae:e3:64:61:7d:e8:65:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 26 00:42:12 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=4a4a34349fb8c1fdc63f5002d4e03b14045076e96b7ee06cc235ecda7bb41274, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:b0:b7:ae:cd:84:d5:e5:8a:3c:93:a8:65:e1:
                    d9:1e:67:a5:66:7a:2f:24:45:f6:7b:69:84:41:24:
                    85:a5:74:f1:0a:e6:03:61:d5:57:f7:71:09:79:1b:
                    1b:e8:a3:57:50:06:74:57:9a:7b:4c:3f:d1:2b:5c:
                    c7:49:02:43:cb:d4:20:47:4b:18:e5:49:9a:34:cd:
                    b6:d7:77:78:38:ba:05:47:da:ef:f6:dd:42:f2:fb:
                    7e:85:13:2d:2b:6f:28:f4:27:79:d4:83:c6:3c:02:
                    fb:d7:dd:42:32:bb:6f:77:c5:c2:70:a8:1c:eb:fc:
                    ba:0b:a3:b0:d4:4a:fd:0b:50:d7:07:d6:96:04:51:
                    27:79:8c:b8:79:66:2d:86:a4:7c:05:78:9a:e7:1b:
                    ed:8d:6e:3a:40:e3:a6:92:15:f9:3f:98:a7:89:24:
                    7d:bc:f7:9c:2f:6d:22:81:4c:aa:5c:10:69:d5:09:
                    41:74:4c:98:f1:a7:e5:fc:75:31:bf:52:67:5e:8c:
                    45:7f:8d:53:ec:85:1a:e5:71:21:1b:10:a4:56:66:
                    4b:4b:bc:2f:22:7a:b0:42:16:37:26:d7:8f:73:b6:
                    79:b0:ff:ce:c1:8d:86:3e:67:58:b8:b6:08:5c:a8:
                    cf:8d:e2:7a:c8:d1:20:7e:2f:6e:b7:bf:6c:6c:a1:
                    0b:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:95:35:E9:4D:78:1E:58:0D:BC:79:32:70:A4:57:AE:88:08:AE:7D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2b14584-beb1-4be9-ba33-b2dbc4ebb1a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.12.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:0c:4d:59:5b:76:ae:52:51:10:64:f1:cf:8e:d7:8f:13:d1:
         83:cb:a9:53:c7:2d:d5:86:ce:ad:b5:ea:e7:11:38:fc:1d:14:
         ce:8f:5c:61:f6:3e:2f:ea:45:0e:d6:61:b2:88:9e:c7:cb:9f:
         89:64:05:ba:18:09:36:bb:63:c0:4b:58:69:0a:33:3e:81:ce:
         1d:d7:be:dc:a9:0d:02:af:7f:55:7f:e9:04:84:bd:a6:a3:05:
         2c:c6:92:b9:e3:7b:bb:77:51:a0:e7:c5:ae:ce:cb:0b:4b:2a:
         74:fd:25:b9:6d:b1:7c:83:1e:3a:bc:51:59:10:37:3f:1d:2d:
         85:94:55:ef:09:46:5f:36:f3:aa:bd:55:8c:94:0a:16:8f:47:
         10:0d:f2:44:6e:20:d6:26:46:84:4d:a7:f4:78:e1:6b:43:4c:
         c7:40:fa:e6:8e:d5:a2:54:53:0e:a0:a3:78:d3:5c:39:39:b8:
         2c:5d:ca:c4:9d:6c:ab:81:25:77:21:d8:46:98:66:8c:2e:6e:
         0b:63:1b:c1:d0:35:c0:75:74:fd:21:d6:17:59:b9:8a:cf:c2:
         a8:7f:9c:b8:57:19:de:b1:43:c1:f6:d7:31:63:d5:68:47:c0:
         19:a9:37:9a:22:0e:a6:1e:33:fa:8c:52:ce:70:21:0b:bf:49:
         50:3d:34:c4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfOAuKj9VMZ4mX6wlruNkYX3oZc4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDA0MjEyWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0YTRhMzQzNDlmYjhjMWZkYzYzZjUwMDJkNGUwM2IxNDA0
NTA3NmU5NmI3ZWUwNmNjMjM1ZWNkYTdiYjQxMjc0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTsLeuzYTV5Yo8k6hl4dkeZ6Vmei8kRfZ7aYRBJIWldPEK
5gNh1Vf3cQl5Gxvoo1dQBnRXmntMP9ErXMdJAkPL1CBHSxjlSZo0zbbXd3g4ugVH
2u/23ULy+36FEy0rbyj0J3nUg8Y8AvvX3UIyu293xcJwqBzr/LoLo7DUSv0LUNcH
1pYEUSd5jLh5Zi2GpHwFeJrnG+2NbjpA46aSFfk/mKeJJH2895wvbSKBTKpcEGnV
CUF0TJjxp+X8dTG/UmdejEV/jVPshRrlcSEbEKRWZktLvC8ierBCFjcm149ztnmw
/87BjYY+Z1i4tghcqM+N4nrI0SB+L263v2xsoQt7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBpU16U14HlgNvHkycKRXrogIrn0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QyYjE0NTg0LWJlYjEtNGJlOS1iYTMzLWIyZGJjNGViYjFhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABODDwwDQYJKoZIhvcNAQELBQADggEBAFwMTVlbdq5SURBk8c+O148T0YPL
qVPHLdWGzq216ucROPwdFM6PXGH2Pi/qRQ7WYbKInsfLn4lkBboYCTa7Y8BLWGkK
Mz6Bzh3XvtypDQKvf1V/6QSEvaajBSzGkrnje7t3UaDnxa7OywtLKnT9JbltsXyD
Hjq8UVkQNz8dLYWUVe8JRl8286q9VYyUChaPRxAN8kRuINYmRoRNp/R44WtDTMdA
+uaO1aJUUw6go3jTXDk5uCxdysSdbKuBJXch2EaYZowubgtjG8HQNcB1dP0h1hdZ
uYrPwqh/nLhXGd6xQ8H21zFj1WhHwBmpN5oiDqYeM/qMUs5wIQu/SVA9NMQ=
-----END CERTIFICATE-----